Recently, the Advanced Cyber Security Center (ACSC) conducted its annual red vs. blue exercise. The ACSC, which launched in 2011, is a nonprofit group dedicated to strengthening cyber defenses and preparing member companies to respond to cyber threats effectively. They are a critical resource for building collaborative cyber defenses for both public and private sectors.
As the official cyber range provider for the ACSC, SimSpace is happy to share a blog about its latest red vs. blue exercise:
Collaborative Defense is a core principle for the Advanced Cyber Security Center (ACSC) and the Cyber Range program puts front line cyber defenders, our Blue Teamers, up against a live adversary – the SimSpace Red Team.
Our annual exercise allows members to bring a team of SOC analysts and threat hunters to go head to head against the talented SimSpace Red Teamers, emulating a sophisticated adversary. This provides a unique professional development opportunity for our member participants.
The novel threat presentation begins with the adversary gaining access to the range network. The adversary then undertakes a series of malicious moves: moving laterally in the network, leaving some malicious files, exfiltrating valuable data, establishing persistence, and then exiting the environment. This leaves a trail of clues in the network logs for the Blue Teamers to piece together as they document the adversary’s activity and stop it in real time.
Why do our member teams utilize cyber ranges?
The exercise and the joint, collaborative debrief allowed a group of experienced incident responders to grow their peer network and hear about peer practice from a shared experience – takeaways that are hard to come by from other venues.
This program builds on lessons learned and includes a range of offerings that provide more flexibility and a more concerted effort to continue to build these front line, blue team peer groups. Learn more about the ACSC commitment to cyber exercises.