CMD+CTRL Security announced the launch of its new Forescient
cyber range, now available on its award-winning, hands-on, Base Camp training
platform. Designed specifically for Microsoft Azure users, this intermediate
cyber range includes 30 distinct security challenges, and more than a dozen
vulnerability types based on threats aligned with the MITRE ATT&CK
Framework. The Forescient cyber range is a dynamic training tool that
challenges users to find and resolve development, configuration, and
integration challenges across multiple servers, services, accounts, and a web
interface. It prepares participants to think like an attacker to better defend
against the latest cybersecurity threats in the Microsoft Azure cloud
environment.
Forescient is an
intentionally vulnerable Azure cloud environment designed for cloud developers
and engineers as well as DevOps engineers and a wide range of SDLC roles. It
challenges users to find configuration and security issues. Participants are
guided through a mission-based storyline by an intelligent chatbot, facing
challenges that reflect real-world attacks mapped to the MITRE ATT&CK
Framework, including cloud misconfigurations, data exposure, spear phishing,
denial of service, and more.
In its March 2024 Cyber Range Solutions Matrix, analyst firm Datos
Insights categorized CMD+CTRL Security cyber ranges as "Best in Class" noting,
"There is no other choice regarding upskilling application and API developers,
and organizations will find CMD+CTRL an exceptional tool to upskill application
developers."
In Forescient,
players take on the role of an IT engineer managing a corporate cloud
infrastructure through a ticketing system. In this immersive, gamified
approach, the challenge begins with an encoded email to join a hacking group.
Participants are then guided by a chatbot that facilitates tasks and provides
hints throughout the mission.
Security training is
driven by the need to ensure customer satisfaction, speed time to market, and
reduce costs. In a recent study of cybersecurity executives conducted by Wakefield
Research on behalf of CMD+CTRL Security, the majority of executives (63%) noted
they spend between $1M and $4M annually on software security training, with
almost all of them (97%) providing some software security training for their IT
and software development teams. Yet almost half of all executives (48%)
struggle to find software security training that covers all software
development roles. CMD+CTRL Security's cyber ranges are designed to meet this need.
"Forescient's realistic environment helps participants learn how to spot
real-world vulnerabilities hackers would exploit and learn the implications of
insecure applications so they can prevent attack vectors," said Jose Lazu,
Senior Manager of Product at CMD+CTRL Security. "We developed this latest cyber
range based on feedback from our customers who asked us for a dedicated
Azure-based range."
The CMD+CTRL Security
Base Camp Training Platform
More
than 300 companies and over one million participants have enhanced their skills
with CMD+CTRL Security's award-winning training, from Global 100 software
companies to mid-size tech companies, financial services firms, and retailers.
CMD+CTRL Security is ranked as a leader in the Fall 2024 G2
Grid Report for Secure Code Training, and was recently named a Most
Innovative award winner in the cybersecurity training category for Cyber
Defense Magazine's 2024 Top InfoSec Innovators awards.
Forescient
is the 12th immersive Cyber Range in CMD+CTRL Security's integrated,
role-based training program and is offered in sessions ranging from a half-day
to a full week proctored session. It is designed to present an intermediate
level challenge that complements other ranges that vary in difficulty and tech
stacks, including:
- Shadow Bank (basic)
- banking application focused on OWASP Top 10 and security principles
- Shadow Health
(intermediate) - realistic medical information management simulation with
insecure applications to showcase the importance of access controls
- LetSee Marketplace (advanced)
-single page application (SPA) with a heavy API focus
- Infinicrate
(advanced) - cloud file storage application for teams using GitHub,
cloud services, and development tools
- MailJay (advanced)
- level challenge cloud-native marketing automation SaaS suite that
emulates a modern-day marketing application, as well as its front-end and
back-end services