Team Doria was named the overall winner of the ITWeb Security Summit 2026 Hackathon, taking home R20 000.
Doria is an AI-powered supply chain security platform that helps developers identify and block malicious software dependencies before they reach developer environments.
More than 850 applicants and participants from across South Africa and, for the first time, Kenya, took part in the hackathon.
The hackathon, which forms part of the annual ITWeb Security Summit, was established a decade ago by Geekulcha and ITWeb, to invest in cyber security talent and help build South Africa’s future cyber defence capabilities.
Tiyani Nghonyama, COO of Geekulcha, said participants underwent training focused on imagining a cyber-resilient future, while developing practical cyber security skills through a series of challenges and activities.
“For the past 10 years, the ITWeb Security Summit Hackathon has brought together young people from diverse backgrounds to build solutions, showcase their skills and demonstrate their capabilities,” said Nghonyama.
The hackathon featured three key challenges – the Secure Innovation Challenge, Blue Teaming and Red Teaming Capture the Flag (CTF) challenge – under the theme “Hackers Assemble”.
The CTF competitions were designed to provide participants with a full penetration-testing experience. Competitors were required not only to capture flags but also to produce formal reports containing recommendations, helping them develop practical skills in testing, analysing and securing systems.
“The standard of work was exceptionally high, and the final scores were remarkably close, making the selection of a winner particularly challenging. Each participant demonstrated outstanding commitment, focus and passion throughout the competition,” said Waricke Robertson, security analyst at Telspace Africa, and one of the mentors for the CTF Red Team.
Entries were judged on innovation, secure design and development, vulnerability management and risk mitigation, AI integration and security resilience, and overall security effectiveness.
Several organisations supported the hackathon, including the Northern Cape Department of Economic Development and Tourism, CompTIA, Snode Technologies, the Institute of Information Technology Professionals South Africa, the CSA South Africa Chapter, Sol Plaatje University, KZN Tech Horizons, the Centre for Public Service Innovation and the University of Limpopo.
During the awards ceremony, special recognition was given to Alex Dodd, a high school participant attending his fourth hackathon, for his contribution to the programme and support of fellow participants.
Dr James Stanger, chief technology evangelist at CompTIA, was recognised for his support of the Security Summit Hackathon, while Eva Mamabolo, a lecturer at Sol Plaatje University, received recognition for her efforts in developing student talent.
“Being called into the mentor ‘war room’ on day one was a wake-up call. The industry professionals challenged us on how we were securing our own software while trying to secure others, which pushed us to strengthen our solution and ultimately helped set the standard for our win,” said Elvis Chege Ndungu of Team Doria.
Juveni Q finished in second place, taking home R10 000. The team developed an AI-powered cyber immune system designed to strengthen the cyber security resilience of public sector institutions and critical infrastructure through adaptive and multilingual threat detection.
Siyabona finished in third place, taking home R5 000. The team's mobile-focused cyber security platform detects phishing links and suspicious SMS messages in real-time, warning users before they interact with potentially malicious content.
Cyber Defence, by Lesoko Monyepao, a Unisa Business Informatics student, won the Blue Teaming Capture the Flag challenge.
Miss Malicious, by Katlego Tsebe, a Unisa BSc Informatics student, won the Red Teaming Capture the Flag category.
Participants in the winning teams also received a six-month Rebel Access licence to the Subverted Academy platform.
“Compared to previous years, the most significant change in this year's competition was the increased emphasis on embedding security throughout the software development lifecycle,” said Thuliswa Funda, senior penetration tester at Snode Technologies and one of the judges.
“The Secure Innovation Challenge placed a much stronger focus on secure-by-design principles, requiring teams to demonstrate threat modelling, risk assessments, security testing and security controls, rather than focusing solely on functionality and innovation.”
Share
