Definition
Plain language
A hacking competition where you prove you broke into a system by retrieving a hidden token.
As stated in the literature
A security exercise (CTF) in which participants solve exploitation challenges to recover a hidden 'flag' string; used as a source of genuinely difficult offensive-security tasks in distributed-attack and vulnerability benchmarks.
Also called: CTF, capture the flag
Why it matters: These contests provide realistic, hard hacking challenges that can be used to test how capable AI systems are at offensive security.
For example, a contestant might exploit a weakness in a target program to read a secret token like 'flag{you_win}' and submit it for points.
Heard on the show
“They take a hard subset of a cybersecurity benchmark — these are capture-the-flag exploits, genuinely difficult — and they run a model called gpt-oss-120b on them directly.”Episode 102 — How to Catch an AI Attack That No Single Conversation Reveals