![[2602.18172] Can AI Lower the Barrier to Cybersecurity? A Human-Centered Mixed-Methods Study of Novice CTF Learning](https://arxiv.org/static/browse/0.3.4/images/arxiv-logo-fb.png){kind=logo}
[2602.18172] Can AI Lower the Barrier to Cybersecurity? A Human-Centered Mixed-Methods Study of Novice CTF Learning
Summary
This study explores how AI can facilitate novice learning in cybersecurity Capture-the-Flag (CTF) competitions by lowering entry barriers and enhancing engagement.
Why It Matters
As cybersecurity threats grow, effective training methods are crucial. This research highlights the potential of AI to make cybersecurity education more accessible, addressing the skills gap and fostering a new generation of cybersecurity professionals.
Key Takeaways
- AI frameworks can reduce cognitive workload for beginners in CTF competitions.
- Agentic AI provides structure and guidance, facilitating better learning outcomes.
- New challenges arise in trust and dependency on AI in cybersecurity education.
- Quantitative metrics indicate improved strategy exploration among novices.
- The study suggests further research into human-centered AI applications in cybersecurity.
Computer Science > Cryptography and Security arXiv:2602.18172 (cs) [Submitted on 20 Feb 2026] Title:Can AI Lower the Barrier to Cybersecurity? A Human-Centered Mixed-Methods Study of Novice CTF Learning Authors:Cathrin Schachner, Jasmin Wachter View a PDF of the paper titled Can AI Lower the Barrier to Cybersecurity? A Human-Centered Mixed-Methods Study of Novice CTF Learning, by Cathrin Schachner and Jasmin Wachter View PDF HTML (experimental) Abstract:Capture-the-Flag (CTF) competitions serve as gateways into offensive cybersecurity, yet they often present steep barriers for novices due to complex toolchains and opaque workflows. Recently, agentic AI frameworks for cybersecurity promise to lower these barriers by automating and coordinating penetration testing tasks. However, their role in shaping novice learning remains underexplored. We present a human-centered, mixed-methods case study examining how agentic AI frameworks -- here Cybersecurity AI (CAI) -- mediates novice entry into CTF-based penetration testing. An undergraduate student without prior hacking experience attempted to approach performance benchmarks from a national cybersecurity challenge using CAI. Quantitative performance metrics were complemented by structured reflective analysis of learning progression and AI interaction patterns. Our thematic analysis suggest that agentic AI reduces initial entry barriers by providing overview, structure and guidance, thereby lowering the cognitive workload during ea...
