{{announcement.body}}
{{announcement.title}}
Refcard #328

Getting Started With Cyber Ranges

Simulated Environments for Cybersecurity Training

Nearly every major company is redefining themselves as a software or technology company, and leaders are making cybersecurity one of their top priorities with a particular focus on workforce development. A growing number of bootcamps and programs are providing modern approaches to practical skills training, such as hands-on learning via simulated environments. This Refcard provides a brief overview and history of Cyber Ranges and quick examples of techniques to use on a live-action website.

Published: Apr. 10, 2020
1,057
Free PDF for easy Reference

Brought to you by

Security Innovation
refcard cover

Written by

author avatar Chad Holmes Product Marketing Manager, Security Innovation
asset cover
Refcard #328

Getting Started With Cyber Ranges

Simulated Environments for Cybersecurity Training

Nearly every major company is redefining themselves as a software or technology company, and leaders are making cybersecurity one of their top priorities with a particular focus on workforce development. A growing number of bootcamps and programs are providing modern approaches to practical skills training, such as hands-on learning via simulated environments. This Refcard provides a brief overview and history of Cyber Ranges and quick examples of techniques to use on a live-action website.

Published: Apr. 10, 2020
1,057
Free PDF for easy Reference

Written by

author avatar Chad Holmes Product Marketing Manager, Security Innovation

Brought to you by

Security Innovation
Table of Contents

Introduction

Cybersecurity Training

What Are Cyber Ranges?

Cyber Ranges in Action: Examples of Basic Techniques

Additional Resources

Section 1

Introduction

As cyberattacks have grown from occasional front-page headlines to daily occurrences, the attention paid by organizations to secure their products and infrastructure has predictably increased as well.

It’s a safe bet that most organizations rely on a small group of self-taught team members driven by decades of interest, passion, and hard work. These are clearly desirable qualities but also qualities that indicate numerous missed opportunities for more efficient training — and training of others who may be equally capable.

Add to the equation that even entry-level cybersecurity jobs require experience in a significant number of topics including subsets of Software Security, Computer Science, Software Development, Networking, Writing, and Communication. Organizations such as Cybersecurity Ventures are projecting 3.5 million unfilled jobs worldwide by 2021.

Throughout this Refcard, we will help readers quickly ramp up on the rapidly evolving training mechanisms known as Cyber Ranges. This will include a history of the technology, benefits to learners, key features, and most importantly, guidance on where and how to access a live Cyber Range to enhance your skills.


This is a preview of the Getting Started With Cyber Ranges Refcard. To read the entire Refcard, please download the PDF from the link above.

Section 2

Cybersecurity Training

With nearly every major company in the world redefining themselves as a software or technology company, cybersecurity workforce development is shifting investment to internal and external training. As a result, there are a growing number of bootcamps and programs that focus on practical day-to-day skills rather than those taught in many traditional four-year programs.

The growing workforce of young tech professionals has largely experienced education via technology, giving them an instinctive understanding of learning in interactive and gamified environments. An approach to learning delivery that is rapidly gaining attention is simulated environments, which provide hands-on training of defensive and offensive cybersecurity techniques — known in the industry as cyber ranges.


This is a preview of the Getting Started With Cyber Ranges Refcard. To read the entire Refcard, please download the PDF from the link above.

Section 3

What Are Cyber Ranges?

The term cyber range is not yet a household one, but it is garnering increased attention due to its efficacy. Cyber ranges provide simulated environments that let participants improve their cybersecurity skills through simulated attack and defense exercises.

Benefits and Key Features of Cyber Ranges

Similar to flight simulators, cyber ranges are a safe environment to practice concepts learned. It’s becoming increasingly common to see cyber ranges included in blended training programs, such as traditional entry-level training, hands-on cyber range practice, and personalized advanced training.

The many benefits of cyber ranges are often evident after a few minutes’ experience. They provide an engaging learning environment, scale to the needs of an organization, and complement traditional approaches to learning well.

With the variety of cyber ranges available in the industry, it can be difficult to find the correct starting point. Most business leaders in an organization won’t see any immediate benefits from the more technical offerings, while cyber ranges with a specific focus may not address the needs of your team.

Teams, departments, and organizations with a security-first focus — and those aiming to ramp up their internal security training and overall capabilities — should consider the most important qualities of effective cyber ranges:

  • Easily deployed environments (often cloud-based) with access to individual instances.
  • Comprehensive features that cover industry-specific vulnerabilities.
  • Wide-ranging enablement of all skill levels to enable interdepartmental and team collaboration.

This is a preview of the Getting Started With Cyber Ranges Refcard. To read the entire Refcard, please download the PDF from the link above.

Section 4

Cyber Ranges in Action: Examples of Basic Techniques

The CMD+CTRL Cyber Range is a cloud-based platform that builds and assesses cybersecurity skills through hands-on simulation. From simple web applications to complex enterprise environments, the authentic cyber range challenges players to think like an attacker to probe system structure, exploit weaknesses, and make interlinking decisions.

The InstaFriends Cyber Range showcases the power of CMD+CTRL, helping users practice basic attack techniques.

Getting Started With the InstaFriends Cyber Range

The InstaFriends Cyber Range is a live-action website containing more than 55 vulnerabilities ready for you to sniff out. The challenges vary in difficulty, so it’s a great experience for first timers and seasoned pros alike. Automated scoring, buyable hints, and other interactive features will transform you into a formidable competitor.

This Refcard includes four quick examples of basic challenges within the InstaFriends Cyber Range:

  • Extracting System Info Through Improperly Handled Errors
  • Injecting Code via XSS Attacks
  • Viewing Private Groups Through Parameter Tampering
  • Accessing Other Accounts With SQL Injection

This is a preview of the Getting Started With Cyber Ranges Refcard. To read the entire Refcard, please download the PDF from the link above.

Section 5

Additional Resources

Tools to get you started:


This is a preview of the Getting Started With Cyber Ranges Refcard. To read the entire Refcard, please download the PDF from the link above.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}