Key Capabilities / Features

Through a fun, interactive, gamified approach to training, that includes missions, competitions and leaderboards, companies use the CMD+CTRL Cyber Range to reinforce application security concepts, assess employee application security competency and maximize collaboration and knowledge sharing. The program offers a variety of challenges including broken access controls, injection, cross-site scripting vulnerabilities, SSRF, Log4j and “capture the flag” challenges.

The CMD+CTRL Cyber Range Program is consistently updated to reflect the complexity and risk of today’s tech stacks including flawed design, defenseless code and misconfigured deployments. The CMD+CTRL Security Cyber Range portfolio consists of 11 simulated environments designed to support application developers as they build and refine secure coding skills and progress along a learning journey. The simulated environments range in difficulty from basic to advanced and include application, services and cloud-based ranges.

The CMD+CTRL Cyber Range is a hands-on training platform that uses insecure software environments to hone security skills. It includes:

• Real-World Environments - Pre-configured environments representing web sites, cloud platforms, and complex mobile and Single-Page Applications (SPA) with rich API functionality. Technically sophisticated, the CMD+CTRL Cyber Range is cloud-based with nothing to install. Tools are useful but not required, and supporting assets ensure all skill levels can train.

• Explore and Exploit Safely - Players find information disclosures, probe the tech stack, and search source code, URLs, and headers for clues. When an exploit is found, points are awarded by a sophisticated auto-scoring engine. Drop tables and crash servers without disruption – each player has their own instance and can reset at any time.

• Get Immediate Feedback and Benchmarking - The dashboard shows completed and unsolved challenges, hints used, and other player insights. The always-on scoreboard turns passive participants into determined competitors bursting with confidence.

How we are different

The CMD+CTRL Security Cyber Range is the only ultra-realistic, gamified cyber range that makes learning fun for teams and helps organizations to:

• Prepare for the Latest Threats – CMD+CTRL Security understands the reputation and customer trust of organizations are at risk every day. It takes a proactive approach to providing the latest security training by monitoring the threat landscape to deliver programs that arm teams against the latest attacks and vulnerabilities. The company continually monitors updates to OWASP guidance and introduces new curriculum and learning tools that align to industry standards to help customers stay ahead of emerging threats.

• Train Using Real-World Scenarios – Unique in application security specific training, the CMD+CTRL Security’s cloud-based cyber ranges feature pre-configured, real world environments representing web sites, cloud platforms, and complex mobile and Single-Page Applications (SPA) with rich API functionality. It is ideal for all skill levels and to help all stakeholders in the SDLC experience first-hand the impact of poor design, coding, and configuration.

• Assess and Measure Team Skills – Through knowledge exams and hands-on skills verification organizations can address skills gaps efficiently by analyzing the performance of users and customizing training to the skill level of each learner. This not only saves time and money, it also increases employee satisfaction while helping the organization keep up with evolving threats.