The concept of problem solving is not something new in InfoSec since dealing with the specific scientific field often requires solving problems that are not clearly defined and can not be accurately modeled but at the same time they have similarities to a CTF challenge.
An example of a defensive challenge could be the hardening of a server from multiple identified vulnerabilities and an offensive challenge could be to exploit these vulnerabilities in order to break into the vulnerable server.
So we can not fully know when there was the first time a conference or a meeting included activities that had to do with solving problems in a form of competitive challenges.
The first official reports mention that the very first CTF competition took place in 1996 in the well-known annual DEFCON Security Technology Conference as an additional experimental activity for the participants.
DEFCON CTF was one of the first CTFs in history and continues to be held every year until today with great success. The first CTF was in the form of Attack – Defense but was organized in a very different and more primitive way than it would be organised today.
Since then, the number of CTF events has been increasing steadily and countless new competitions have been designed by universities, corporations, organizations, governments, conferences and independent researchers with different methodology and goals.
Stay updated with all the latest CTF events with CTFTime