Boring.Security hackathon by Sola.

$ecur1ty H4ckath0n.By Sola

You could win $20,000 building something that makes security less annoying.

Build agentic solutions that tackle real, boring security tasks with Sola Security. Submissions are open for three weeks, and the internet chooses the winners.

Build with Sola Getting started

Prize pool.

$35,000

Submission deadline.

June 22, 2026

Voting closes.

June 30, 2026

Submissions

Sort by:

Pangolin

#Huang Chung YI

CI/CD security scanner: Sola MCP data + regex patterns + LLM attack chain analysis + Semgrep cross-validation + auto-fix PR generation.

GitHub

Semgrep

Slack (connector)

CSV

SaaS OAuth Risk Scorer

#aryansakaria

Scores every Google Workspace OAuth grant by risk — permissions × vendor trust + exposure - with live Sola queries, typosquat detection, and Slack alerts.

GCP

Google Workspace

Slack (connector)

Account TakeOver Tracer

#Alvaro Diaz

Catches account takeovers by correlating Okta logins with GitHub access risk - MFA-fatigue detection, AbuseIPDB enrichment, live SOC dashboard via Sola.

Okta

GitHub

AbuseIPDB (connector)

Blast Radius

#devploit

When a GCP service-account key leaks to GitHub, Blast Radius computes what it actually opens - IAM reach, privilege-escalation paths, severity - live, in second

GCP

GitHub

Automated Scheduled Access Review

#Ben J. D.

AI agent that audits identity access across 7 platforms, flags risks, and generates an HTML report.

AWS

Azure

GCP

Okta

Google Workspace

GitHub

HiBob

Ash's Unencrypted AWS Asset Hunter

#Ash9100

My project finds S3 buckets, EBS volumes and dbs that were created without encryption enabled

AWS

Identity hygiene for cloud IAM inactivity

#Fabio R.

I got tired of exporting CSVs to find dormant accounts. This app scans AWS, Azure and GCP, sends weekly digests and tickets + 2 canvases for my CISO and team.

AWS

Azure

GCP