EN
A cyber resilience platform that unites 38,000+ white hat hackers and gives businesses a controlled environment to test their defenses under realistic conditions
Cyber stress testing
Risk-free assessment of organizations' cyber resilience
Bug Bounty
Finding vulnerabilities before adversaries do
Cyberbattle
Europe's premier competition for infosec experts and vendors
Hackbase cyberrange
24/7 practice for ethical hackers on realistic system replicas
Defend cyberrange
Hands-on training to master APT attack investigation skills
Cyberdrills
Audit of the information security team's maturity level

We already know the exact date of the next Standoff Cyberbattle

Standoff 17

June 16-19 2026

Cyber Stress Testing

The only true way to measure your company's cyber resilience

Find out how effective your cybersecurity investments are.
Learn more about Standoff Cyber Stress Testing
In cyber stress testing programs, researchers launch attacks to safely simulate events that would not be tolerable for business operations, helping organizations assess their cyber resilience in realistic conditions.
108
+
companies already signed up for a cyber evaluation
2,500
+
researchers ready to test company defenses
Companies pay for results, not effortEthical hackers earn rewards only for validated reports that show attack chains leading to non-tolerable events.Sign up for a cyber stress test
Companies already testing their cyber resilience
Positive Technologies
60 M
Innostage
20 M
Логика Молока
14 M
T-Bank
10 M
Rambler&Co
3 M
The tougher the challenge, the greater the rewardJoin as a researcher and earn up to ₽60M for demonstrating a non-tolerable event.View tasks

Cyber Stress Testing stars

@remembernamer₽5.6M
@brain₽4M
@b4bay₽4M
@FedyaSyel₽2.5M
@Bagley₽2M
 45Malready earned by hackers through cyber stress testingJoin in
How Rambler&Co combines cyber evaluation and bug bounty programs—and why it's important not to confuse the twoLearn more

Bug Bounty

Uncover vulnerabilities before threat actors exploit them

Russia's largest bug hunting platform

Bug bounty programs reward ethical hackers for finding security flaws in organizations' apps, services, and other assets.

Learn more about Standoff Bug Bounty
K24
reports submitted
400+
programs since the platform launch
K65
average payout per vulnerability
10+
critical vulnerabilities found on average per program
Patch security flaws before attackers strikeCompanies learn about real vulnerabilities in their systems and receive actionable recommendations for remediation.Test for vulnerabilities
Dmitry Gadar
Dmitry Gadar

Head of Information Security at T-Bank

"To enhance the protection of our services, we engage the community of security researchers, just like the world's leading companies do."

Already on Standoff Bug Bounty

bitrix.png
flowwow.png
hh.png
tbank.png
ozon.png
jet.png
vk.png
wb.png
bitrix.png
flowwow.png
hh.png
tbank.png
ozon.png
jet.png
vk.png
wb.png
Fast payouts for confirmed vulnerabilitiesSecurity researchers earn rewards for valid reports that meet program criteria.View programs

The biggest bounties

All programs
VK

Up to ₽10M

81 reports accepted
Russian Ministry of Digital Development

Up to ₽1M

50 reports accepted
Standoff 365

Up to ₽1M

106 reports accepted
T-Bank

Up to ₽1M

286 reports accepted
Positive Technologies

Up to ₽1M

5 reports accepted
Ozon

Up to ₽1M

345 reports accepted
Kontur

Up to ₽1M

244 reports accepted
Rambler&Co

Up to ₽500K

96 reports accepted
Wildberries

Up to ₽500K

621 reports accepted

CYBERBATTLE

The most immersive experience for red and blue teams from around the world

An international competition designed to test and enhance offensive and defensive cybersecurity skills on a highly realistic infrastructure

The only cyberbattle with a decade-long legacy

Bringing together cybersecurity professionals from across the globe

Hyper-realistic environment

300+ technological and business processes, featuring controllers and SCADA systems

Attack impact demonstration

Watch cyberattacks play out on a physical 3D model and in the virtual space

Learn more about Standoff Cyberbattle

Investigate live attacks to boost your expertise

Companies test the maturity of their cybersecurity teams against attacks by experienced pentesters.
Learn more

Go head-to-head with top white hat hackers on Europe's largest infrastructure

Security researchers compete to uncover vulnerabilities across various systems and battle for valuable prizes.
Learn more

Dive into the history of the world's largest cyberbattle

Standoff 3
(PHDays, Moscow)

Now offering even more ways to participate

White hat hackers

White hat hackers

Break into replicas of real-life systems and fight for the winner's trophy.

Sign up
Mature SOC teams

Mature SOC teams

Sharpen your defensive skills against live attacks.

Sign up
Software vendors

Software vendors

Get honest, in-depth feedback from your potential users.

Sign up
Security tool vendors

Security tool vendors

Introduce your products to practicing security specialists.

Sign up
Digital twin simulations

Digital twin simulations

Test your infrastructure's security without risk.

Sign up

Hackbase

Hands-on practice for security researchers on replicas of real-world systems

The cyberrange where white hat hackers can sharpen their security assessment and vulnerability discovery skills 24/7

Level up your skills on true-to-life infrastructure, featuring SCADA systems, PLCs, and business processes found in real-world companies.

Learn more about Standoff Hackbase

Three training options

Bootcamp

Tasks with hints — for beginners

Start
Standalone

Single hosts with unique configuration and a set of vulnerabilities

Begin
Industry

Entire industries with infrastructure like real companies

Go
Hackbase seasonsTake part in seasons to explore unique infrastructures available for a limited time.View tasks

Top 5 this season

Bagley
72000
kiberjen
72000
dragom
72000
4
AKUMA
72000
5
mikewazowskai
72000
View leaderboard

DEFEND

Enhance your business's cyber resilience with advanced SOC team training

The cyberrange provides a safe environment to strengthen security teams and prepare them to counter APT attacks.

Making mistakes during real incidents is expensive. Mistakes on the cyberrange safely teach you how to avoid them when it matters.

Learn more about Standoff Defend
12+
real-world APT attacks

Attack simulations replicate the tactics and techniques of real APT groups.

70+
practical cases

Explore notable attacks carried out by white hat hackers during Standoff cyberbattles.

Workshops with top experts
Workshops with top experts

Experienced mentors guide you through complex attack scenarios and help you find effective solutions.

Realistic infrastructure
Realistic infrastructure

Investigate attacks using digital twins of IT environments equipped with the latest software and security tools.

Knowledge base
Knowledge base

Deepen your expertise with extensive materials on incident investigation.

Dmitry Sharapov
Dmitry Sharapov

Managing Director for Information Security, DOM.RF

"We were looking for a tool that would allow us not just to study theory, but to train in conditions as close as possible to a real attack. Standoff Defend proved to be a convenient and well-thought-out solution: the scenarios are close to real incidents, and the online polygon format allows us to combine training with ongoing tasks"

CYBERDRILLS

Test your cybersecurity readiness before adversaries do.

One-day intensive training in retrospective attack investigationSee how mature and cohesive your cybersecurity team is as you investigate real hacker attacks in a controlled environment, all without disrupting your daily operations.
Two participation formats

Standard

For teams with basic investigation skills

Assess your team's expertise level and draw initial conclusions without unnecessary complications.

Ready-made scenarios based on Standoff Cyberbattle attacks

Typical IT infrastructure

Advanced

For experienced teams

Get in-depth team diagnostics and learn to navigate complex scenarios.

Complex attack chains modeled on real APT group tactics

Industry-specific infrastructure closely aligned with your operational environment

Learn more about Standoff Cyberdrills

Setting the bar since 2016

None of this would be possible without our incredible community:

professional pentesters, SOC specialists, bug hunters, and many others

Our ambassadors

r0hackRamazan RamazanovHead of External Penetration Testing at DeteAct, 2023 Standoff Bug Bounty leader, winner of Standoff Hacks in Sochi, and an avid bug hunter who also enjoys biking, scooting, watching TV series, and indulging in both reading and audiobooks.View details
dok64Timofey ChernykhHead of Product Security at OzonView details
BadBlackHatTimur MoldalievCISO at NefteChemService, Standoff 365 achievement: team captain of the only six-time champion team at Standoff. Main areas of work: managing information security at an industrial enterprise. Outside of work: leading a red team and a pentest team, Standoff, red teaming, pentestingView details
33514Alexandra AntipinaRed Team Lead, captain of the legendary Cult team. I also complete challenges on the online cyberrange and occasionally submit bugs for the Standoff Bug Bounty program. Main areas of work: leading a red team and conducting security assessments. Hobbies: flatland snowboarding, enduro, longboarding, traveling around Russia, and enjoying activities that involve fine motor skills—anything from soldering to cross-stitching.View details
brainOleg UlanovIndependent security researcher and senior penetration tester. Loves breaking the web, hiking, and living life to the fullest. View details
DoomMikhail IlyinPentester at JSC "Sogaz", winner of the Russian championship and cup in competitive programming of information security systems. I am interested in clinical psychology and its application in social engineering, I love to travel, I have traveled across the entire Caucasus.View details
rolegivIvan Ryabov Pentester. I started with CTF but quickly realized that the real thrill is finding bugs in real projects on Bug Bounty and getting paid for it. Athlete! t.me/rolegiv_BugBountyView details
pozeslamixNikolay Herzen Security researcher, bug hunter, owner of the KCSEC channel. https://t.me/kosecchannel0View details
ccrskyArtemy TsetserskyCyberthreat Intelligence Expert in Angara Security. Hobbies: snowboarding, tennis, soccer, freeride biking, cyberrange exercises. Status on Standoff 365: Natural beauty, not gay! View details
r0hackRamazan RamazanovHead of External Penetration Testing at DeteAct, 2023 Standoff Bug Bounty leader, winner of Standoff Hacks in Sochi, and an avid bug hunter who also enjoys biking, scooting, watching TV series, and indulging in both reading and audiobooks.View details
dok64Timofey ChernykhHead of Product Security at OzonView details
BadBlackHatTimur MoldalievCISO at NefteChemService, Standoff 365 achievement: team captain of the only six-time champion team at Standoff. Main areas of work: managing information security at an industrial enterprise. Outside of work: leading a red team and a pentest team, Standoff, red teaming, pentestingView details
33514Alexandra AntipinaRed Team Lead, captain of the legendary Cult team. I also complete challenges on the online cyberrange and occasionally submit bugs for the Standoff Bug Bounty program. Main areas of work: leading a red team and conducting security assessments. Hobbies: flatland snowboarding, enduro, longboarding, traveling around Russia, and enjoying activities that involve fine motor skills—anything from soldering to cross-stitching.View details
brainOleg UlanovIndependent security researcher and senior penetration tester. Loves breaking the web, hiking, and living life to the fullest. View details
DoomMikhail IlyinPentester at JSC "Sogaz", winner of the Russian championship and cup in competitive programming of information security systems. I am interested in clinical psychology and its application in social engineering, I love to travel, I have traveled across the entire Caucasus.View details
rolegivIvan Ryabov Pentester. I started with CTF but quickly realized that the real thrill is finding bugs in real projects on Bug Bounty and getting paid for it. Athlete! t.me/rolegiv_BugBountyView details
pozeslamixNikolay Herzen Security researcher, bug hunter, owner of the KCSEC channel. https://t.me/kosecchannel0View details
ccrskyArtemy TsetserskyCyberthreat Intelligence Expert in Angara Security. Hobbies: snowboarding, tennis, soccer, freeride biking, cyberrange exercises. Status on Standoff 365: Natural beauty, not gay! View details
What top cybersecurity experts have to say about Standoff
Working in an infrastructure of hundreds of hosts — no laboratory can reach such scaleYaroslav Shmelev, hummelchen
It’s not every day you see a power plant going downViktor Zvarykin, VeeZy
Standoff has always been known for simulating a real audit, not just participating in a CTFOlzhats Satiev
That’s at least 30 hours of hacking with full immersionIvan Nagornov
In 2018, it was a dream come true in the category of «recognition» of one’s skillsPetr Zuzanov, GopherZ
Bug Bounty is an opportunity to contribute to strengthening securityKirill Bagley

Join our community

Standoff 365Our main channel for sharing essential updates, insights, and news
Standoff Bug Bounty TipsA Russian-language channel where bug hunters stay informed about new programs
Standoff Bug BountyYour go-to news hub for our international community
Standoff CyberbattleAll the key cyberbattle updates