RangeForce revealed the addition of new capabilities to its team threat exercises platform, making it easier for organizations to accelerate the skill development of their security teams through multi-user detection and response exercises of simulated attacks.
RangeForce’s team threat exercises enable security teams to protect the security stack by configuring it, selecting an attack scenario, executing the threat exercise, reviewing post-exercise results, and developing a targeted training plan.
Ben Langrill, Senior Director of Product Engineering for RangeForce stated, “RangeForce threat exercises are based on years of running hundreds of live cyber events and deliver the most realistic experience for teams using headline-making attack scenarios and the same security tools they use every day. They provide participants the opportunity to acquire hands-on skills, so they build the muscle memory to meet threat actors head-on.”
The cyber environment used in RangeForce exercises goes beyond the conventional tabletop exercise, necessitating those participants to use well-known security tools like Splunk and Fortigate to find threats and take appropriate action. Events follow the NIST cybersecurity framework and include a combination of threat intelligence, threat hunting, digital forensics, and system hardening skills to mitigate threats based on current malware trends.
The new capabilities include a larger content catalog with dozens of scenarios covering advanced persistent threat (APT) behaviors like credential harvesting, exploitation of misconfigured AWS S3 buckets, ransomware, data exfiltration, and more. It also provides robust post-action reports for teams along with feedback on technical strengths and weaknesses; time to detect, respond, and mitigate; the number of hints required; and soft skill analysis. It provides support for developing custom post-exercise training plans based on team performance to address skill gaps and enable a continuous approach to cyber readiness development.
Read more articles: