SecureOps – Hold the Security Line
While security is not their primary function, IT Operations is beholden to development teams whose applications they need to secure, business teams who depend on software, and security teams that continue to push security activities onto them.
Our SecureOps program combines computer-based training (CBT) with Web and Cloud cyber ranges for the most hands-on way to build skills needed to maintain system security and the availability of key services.
SecureOps covers all operational activities
Ideal for System, IT, Network Teams
- Platforms: AWS, Azure, Android, iOS, Web, Linux, Embedded
- Tech: Database, OS, IoT, containers, orchestration, COTS, Open Source
- Process: DevOps, security engineering, hardening, incidence response, network/application scanning
- Standards: NIST, ISO, PCI, OWASP, CWE
- Environments: Multi-tiered Web & Mobile Applications, Cloud infrastructure
Focus: misconfigurations, insecure APIs, faulty controls, phishing
Attacks: password cracking, data exposure, filter evasion, escalation of privilege, credential bypass
Gameplay: proxies and other tools useful. Mapped to OWASP and MITRE ATT&CK
Results Mapped to Courses
Results Mapped to CBT Courses
Individual and team reports allow you to:
- See vulnerabilities found by difficulty level and type
- Baseline against industries and/or roles (e.g. network admin, DB admin
- Track against key performance indicators and goals
- Measure staff risk over time
Based on desired competency levels, a Customer Success Manager (CSM) will determine which Core, Advanced and Elite courses are needed for each role.
Results mapped to MITRE ATT&CK
Results mapped to MITRE ATT&CK Framework
MITRE ATT& CK is a globally-accessible knowledge base of adversary techniques based on real-world observations. It is used by threat hunters, red teamers, and defenders to classify attacks and assess risk.
Cyber range reports are mapped to specific techniques in the framework, making it easy for learners to better understand how hackers penetrate IT systems and discover new avenues of attack.
Baseline Against Security Elite
Baseline Against the Security Elite
We ran our Forescient cyber range (vulnerable AWS infrastructure) at DEFCON. Clients get detailed data to baseline for their teams, but here’s a sneak peek:
- 33% found over half of the challenges (27 total)
- High score was 12110 (90% of total points)
- 94% solved the Cipher challenge
- 8% solved advanced password cracking challenges
Additionally, results were mapped to the MITRE ATT&CK Framework, where players:
- Demonstrated a good understanding of Account Manipulation
- Struggled with Obfuscated Files/Information