Source code on GitHub
← Niall Kahlout's Blog

Volunteering at Zero Days and CTF Schools: Getting the Next Generation into Cybersecurity

Cover for Volunteering at Zero Days and CTF Schools: Getting the Next Generation into Cybersecurity
Niall KahloutNiall Kahlout
4 min read

Cybersecurity can feel like a closed world from the outside. The jargon is dense, the tools are intimidating, and if you didn't stumble into it through a specific course or a curious friend, it's easy to never find the door in. Volunteering at events like Zero Days and CTF Schools is about making that door easier to find — especially for younger people who don't yet know this is something they could be good at.

Over the past year I've volunteered at two events in Ireland that do exactly that, and both were genuinely some of the most rewarding things I've done since graduating.

Cyber-Schools CTF — Astra Hall, UCD

The Cyber-Schools CTF was hosted at Astra Hall, University College Dublin, run by the ZeroDays CTF team in partnership with Cyberwise/School of Education UCD and TU Dublin's School of Informatics and Cybersecurity.

The numbers were impressive: 58 teams, 224 students from schools and coder-dojos across Ireland. The mix was everything from students taking part in their very first CTF to experienced players who are candidates for, or already players on, Team Ireland. There was genuine talent in the room — including one competitor who won the entire competition as a solo player.

As part of the ZeroDays volunteer team, I helped create and run the challenges alongside Daniel C., Samuel Bhuiyan, Paddy Kerley, Emmet, Anya, and Graham Gibney. My focus was helping students with challenges directly — watching their problem-solving skills develop in real time, offering hints when they were stuck without giving the game away, and making sure the experience was approachable for first-timers while still being a proper test for the more experienced teams.

What stood out most was the enthusiasm. 224 students tackling cybersecurity challenges with that level of energy and engagement — it's a strong sign of where the next generation of Irish security professionals is coming from.

Zero Days CTF — Croke Park, Dublin (10th Anniversary)

Zero Days is a different scale entirely. This past year was the 10th anniversary edition, held at Croke Park in Dublin with 500 participants — including teams joining from across Europe. To put that in context: the first Zero Days ran in 2015 with 80 people in the Generator. From there it moved through Buskers, Club 22, the Gibson Hotel, and eventually to Croke Park. The growth reflects just how much the Irish cybersecurity community has expanded over the past decade.

The event drew enough attention that RTÉ Prime Time came to cover it — a sign of how seriously Ireland is beginning to take cybersecurity education at a national level. Major sponsors including ReliaQuest, State Street, Workday, Bank of America, Bugcrowd, Cyber Ireland, and Zero Latency VR Dublin backed the event, which speaks to how much industry weight it carries.

The challenge categories spanned web exploitation and digital forensics, but what made Zero Days stand out for participants were the physical elements — specifically an escape room and a VR bomb disposal room run in partnership with Zero Latency VR Dublin.

One of my personal highlights for this event was being involved in the physical challenges from start to finish: planning the setups, assembling them on the day, and then guiding participants through the tasks. That combination of logistical and mentoring work made it a very different experience from sitting behind a laptop monitoring a scoreboard. Watching teams who'd spent hours on technical challenges suddenly have to communicate clearly under physical time pressure was a genuine reminder that security work is never just about the keyboard.

The atmosphere on the day — teams from across Ireland and Europe, a packed venue, real competition — was something I hadn't quite expected the first time I walked into it. It's a proper event.

What I Took Away

Volunteering at both events reinforced a few things:

  • The gap between "interested" and "involved" is smaller than people think. Most of the students at CTF Schools hadn't considered a career in cybersecurity. A single engaging challenge can genuinely shift that.

  • Teaching sharpens your own understanding. Explaining why a web exploit works — clearly, quickly, to someone who's never seen one — forces you to know it at a deeper level than just being able to execute it.

  • The physical and the technical aren't separate. Escape rooms and VR challenges aren't just fun extras. They build teamwork, communication under pressure, and the kind of creative problem-solving that shows up in real incident response.

  • Community makes the field. Both events are run entirely by volunteers. The same people show up year after year because they genuinely care about building the Irish cybersecurity community — not because there's anything in it for them personally. That's the version of this industry I want to be part of.

If You're Thinking About Volunteering

If you're studying cybersecurity or already working in the field, I'd strongly encourage getting involved with events like these. The commitment is manageable, the impact is real, and you'll likely learn something yourself in the process.

Zero Days and CTF Schools need people who know the field and are willing to spend a day sharing it. If you're interested, follow ZeroDays CTF to keep an eye on when the next events are announced.