SSyC logo SSyC'26
Tracks Timeline Prizes Scope Guide FAQ
India's First and Only Hybrid Dev+Bug Bounty National Hackathon
emoji_events ₹3,50,000 Prize Pool
timer Reg. closes in --d --h --m

Secure Systems
Challenge 2026 (SSyC'26)

Development That Doesn’t End at Deployment.

Production Is the Real Playground.

₹599/team ₹299 Early Bird Save 50%
₹299/solo ₹199 Early Bird Save 33%
forum Join Official Discord
127 participants registered
verified Open-source scoring
security Neutral judges

Comprehensive event documentation and rulebooks will be provided upon joining.

After registration, participants will access the SSyC platform to manage teams, submissions, and reports.

The Loop

How It Works

A continuous battle cycle between builders and breakers on live infrastructure.

code

Round 1

Build & Deploy

Dev teams build real, production-grade secure systems and deploy them live to the internet.

pest_control

Round 2

Hack Live Systems

Solo hackers attack real deployed infrastructure. No CTF flags — real exploits on real systems.

build

Round 3

Fix & Harden

Developers patch reported vulnerabilities under a timed fix window. Speed and quality both matter.

emoji_events

Round 4

Score & Win

Hackers re-test patches. Final leaderboards are calculated. Prizes distributed to both tracks.

Overview

What is SSyC?

Real deployment. Real attacks. Real consequences.

architecture

Team-based Development

Build secure, resilient systems under strict requirements. Deploy your infrastructure and defend it against live human attackers. Your code isn't finished until it survives the red team.

  • Build Phase
  • Fix Window
  • Defense Scoring
security

Solo Bug Bounty

No simulations. No CTF flags. Attack real infrastructure built by other teams. Find vulnerabilities, exploit them, and report them for points and cash bounties in a live environment.

  • Live Exploitation
  • Re-Test Phase
  • Offense Scoring

Event Timeline

Deadline
Registration Ends

All Tracks

Mar 14, 8:00 PM
Round 01
Build & Deploy

Dev Track

Mar 1, 8:00 PM — Mar 15, 8:00 PM
Round 02
Live Bug Bounty

BB Track

Mar 20, 6:00 PM — Mar 21, 8:00 PM
Round 03
Fix Window

Dev Track

Mar 22, 10:00 AM — 10:00 PM
Round 04
Re-Test

BB Track

Mar 22, 10:00 PM — Mar 23, 10:00 PM
Conclusion
Final Ranking
emoji_events

5-10 Days Later

  • Digital Certificates
  • Prize Distribution
  • Hall of Fame (Bug Bounty)
  • Special Badges (Most Secure, etc.)

Prizes & Rewards

emoji_events

Total Prize Pool

₹3,50,000

code Hackathon

Team Track
🥇 1st
₹1,00,000
🥈 2nd
₹50,000
🥉 3rd
₹25,000

bug_report Bug Bounty

Solo Track
🥇 1st
₹75,000
🥈 2nd
₹40,000
🥉 3rd
₹25,000
4th Place ₹15,000
5th Place ₹10,000

Prize distribution is subject to minimum participation thresholds and sponsorship alignment.

workspace_premium

SSyC Finalist Circle

Unlocked by qualified finalists

This is reserved for the cream of the crop. Qualifiers of Round 1 (Dev) & Round 2 (Hacker) unlock a lifetime membership to an exclusive ecosystem.

groups
Private Community

Direct interaction with mentors and peers.

verified
Exclusive Recognition

Digital verification of your elite status.

rocket_launch
Early Access

Access to future initiatives before public.

school

SSyC College Lead

Become the face of SSyC at your campus. Whether you are a developer or a security enthusiast, lead the charge. We select 1-2 representatives per college.

Reward for Top 10 Leads

Official SSyC'26 Black Hoodie + Exclusive Goodies Kit.

Premium Black Hoodie Mockup

Challenge Scope

lock

Problem Statements

calendar_month

Releasing on March 1, 2026

All challenge details have been carefully designed and sealed to ensure a fair start for every participant. The full problem set will be published on March 1 — stay tuned and prepare broadly.

Participation Guide

timer

Commitment & Suitability

Time Investment

Moderate/Intensive: Expect a week-long engagement. Active monitoring during attack windows is crucial for defense teams.

Ideal For
  • Real-system deployment
  • Security feedback loops
  • Infrastructure hardening
Not For
  • Idea-only projects
  • Mockup prototypes
  • Passive participation
checklist

Prerequisites Checklist

Developers
  • check_circle Ability to deploy & maintain cloud infrastructure
  • check_circle Ready for rapid patch response cycles
  • check_circle Team size of 2-4 members
Hackers
  • check_circle Applied web security knowledge (OWASP Top 10)
  • check_circle Responsible disclosure mindset
  • check_circle Report writing skills (CVSS scoring familiarity)
redeem

Your Access Pass

What You Get

Dev: ₹299 Early Bird Hacker: ₹199 Early Bird
trophy

Entry to
₹3.5L Prize Pool

workspace_premium

Verified
Digital Certificate

dns

Live Attack
Infrastructure

forum

Lifetime
Discord Access

leaderboard

Public
Hall of Fame

rocket_launch

Early Access to
Future Editions

sync_alt How Development & Bug Bounty Are Connected

SSyC creates a symbiotic environment where code quality is directly tested by adversarial action. Developers receive real-time vulnerability reports from Bug Bounty participants. This feedback loop forces developers to understand exploit vectors, while attackers learn how modern defenses are implemented in production. It is a continuous cycle of break, fix, and harden.

info Registration Requirements

  • group Dev Team
    2-4 Members
    ₹599 ₹299 EB
  • person Bug Bounty
    Solo Only
    ₹299 ₹199 EB
  • code GitHub Required

school What You Will Actually Learn

  • Secure Infrastructure as Code (IaC)
  • Real-world vulnerability triage
  • Patching under pressure
  • Offensive security methodologies
  • Production deployment pipelines

visibility Transparency & Fairness

All scoring logic is open-source. Bug bounty reports are validated by neutral judges from SSyC. Development uptime is monitored by independent probers. We commit to a level playing field where skill is the only variable.

campaign Official Communication & Support

All critical updates, technical clarifications, and results will be announced via the official dashboard and Discord server. Participants are expected to monitor these channels for real-time adjustments during the live phases.

Got Questions?

Frequently Asked

Is this beginner-friendly?
expand_more

The Dev track requires real cloud deployment experience — it is intermediate to advanced. The Bug Bounty track is accessible if you know OWASP Top 10 basics and can responsibly report findings. Total beginners are welcome to learn, but teams/solos who ship and hack win.

What tech stack do I need?
expand_more

Any stack that can be deployed to a public URL and exposes a web surface. Problem statements release on March 1 — there is no single enforced language. Developers proficient in Node.js, Python, Go, or similar backend frameworks are well-positioned.

Will I get a certificate even if I don't win?
expand_more

Yes. All participants who complete the event receive a verified digital certificate of participation. Finalists additionally receive the SSyC Finalist Circle badge — a lifetime credential in the SSyC ecosystem.

Is this a 24/7 event?
expand_more

While infrastructure stays live, specific attack windows are time-boxed so participants can rest. Full schedules are released on the SSyC platform after registration.

Can I participate in both tracks?
expand_more

No. To ensure fairness and eliminate conflicts of interest (a developer cannot also attack other teams' systems), you must register as either a Developer Team or a Solo Bug Bounty Hunter.

How is bug severity scored?
expand_more

Reports are scored using the CVSS v3.1 framework. Critical (9.0–10) and High (7.0–8.9) bugs earn the most points. Neutral SSyC judges validate each report — duplicate or invalid reports receive zero points. Quality beats quantity.

Is the registration fee refundable?
expand_more

Registration fees are non-refundable after payment. In the unlikely event of full event cancellation by SSyC, refunds will be processed. Partial withdrawal or no-show does not qualify for a refund.

Where can I ask more questions?
expand_more

Join our official Discord server — our team is active and will respond to all queries before the March 14 deadline.

rocket_launch How SSyC Will Evolve

SSyC starts as a specialized event for secure systems engineering but aims to become the standard benchmark for full-stack security skills.

Future iterations will introduce automated red-teaming bots, complex microservices architectures, and cross-team collaboration phases. We are building a community where the line between builder and breaker dissolves into pure engineering excellence.

Closes in --d --h --m