Collaborative Defense
Collaborative Defense is a core principle for the Advanced Cyber Security Center (ACSC) and the Cyber Range program puts front line cyber defenders, our Blue Teamers, up against a live adversary – the SimSpace Red Team.
The unique “hands-on-keyboard” offering
Our annual exercise allows members to bring a team of SOC analysts and threat hunters to go head to head against the talented SimSpace Red Teamers, emulating a sophisticated adversary. This provides a unique professional development opportunity for our member participants.
The novel threat presentation begins with the adversary gaining access to the range network, then they undertake a series of malicious moves – they move laterally in the network, leave some malicious files, exfiltrate valuable data, establish persistence, and then exit the environment – leaving a trail of clues in the network logs for the Blue Teamers to put together, document the adversary’s activity, and stop it in real time.
Why do our member teams utilize cyber ranges?
Why do our member teams utilize cyber ranges?
- To build team dynamics, have fun, work on communications, and interact with colleagues in a slightly stressful situation
- To bring new team members in to observe how they investigate, communicate, and build situation awareness
- To hone threat hunting skills and work on communication and documentation
- To try new investigation techniques
The exercise and the joint, collaborative debrief allowed a group of experienced incident responders to grow their peer network and hear about peer practice from a shared experience – takeaways that are hard to come by from other venues.
This program builds on lessons learned and includes a range of offerings that provide more flexibility and a more concerted effort to continue to build these front line, blue team peer groups. Learn more about the ACSC commitment to cyber exercises.
.svg)
.svg)
.svg)
.svg)