Forescient: Cloud Infrastructure
Forescient is a real, intentionally vulnerable AWS cloud environment that features a front-end website, virtual servers, AWS accounts, and major AWS cloud services. Challenges are mapped to the MITRE ATT&CK framework and reflect key security challenges that plague enterprises cloud operations:
- Cloud Misconfiguration
- Data Exposure
- Abuse & Nefarious Use of Cloud Services
- Credential and Access Management
- Denial of Service
Gameplay Players take on the role of an IT engineer managing the corporate cloud infrastructure through a ticketing system. The fun starts when an encoded email to join a hacking group arrives. Players are then guided by an intelligent chatbot that facilitates tasks and provides hints throughout their mission.
Results Mapped to Courses
Results Mapped to CBT Courses
Individual and team reports allow you to:
- See vulnerabilities found by difficulty level and type
- Baseline against industries and/or roles (e.g. network admin, DB admin
- Track against key performance indicators and goals
- Measure staff risk over time
Based on desired competency levels, a Customer Success Manager (CSM) will determine which Core, Advanced and Elite courses are needed for each role.
Results mapped to MITRE ATT&CK
Results mapped to MITRE ATT&CK Framework
MITRE ATT& CK is a globally-accessible knowledge base of adversary techniques based on real-world observations. It is used by threat hunters, red teamers, and defenders to classify attacks and assess risk.
Cyber range reports are mapped to specific techniques in the framework, making it easy for learners to better understand how hackers penetrate IT systems and discover new avenues of attack.
Baseline Against Security Elite
Baseline Against the Security Elite
We ran our Forescient cyber range (vulnerable AWS infrastructure) at DEFCON. Clients get detailed data to baseline for their teams, but here’s a sneak peek:
- 33% found over half of the challenges (27 total)
- High score was 12110 (90% of total points)
- 94% solved the Cipher challenge
- 8% solved advanced password cracking challenges
Additionally, results were mapped to the MITRE ATT&CK Framework, where players:
- Demonstrated a good understanding of Account Manipulation
- Struggled with Obfuscated Files/Information