Wilmington, Mass. – November 12, 2024 – CMD+CTRL Security, a leader in software security training, today announced the launch of its new Forescient cyber range, now available on its award-winning, hands-on, Base Camp training platform. Designed specifically for Microsoft Azure users, this intermediate cyber range includes 30 distinct security challenges and more than a dozen vulnerability types based on threats aligned with the MITRE ATT&CK® Framework. The Forescient cyber range is a dynamic training tool that challenges users to find and resolve development, configuration and integration challenges across multiple servers, services, accounts and a web interface. It prepares participants to think like an attacker to better defend against the latest cybersecurity threats in the Microsoft Azure cloud environment.
Forescient is an intentionally vulnerable Azure cloud environment designed for cloud developers and engineers as well as DevOps engineers and a wide range of SDLC roles. It challenges users to find configuration and security issues. Participants are guided through a mission-based storyline by an intelligent chatbot, facing challenges that reflect real-world attacks mapped to the MITRE ATT&CK® Framework, including cloud misconfigurations, data exposure, spear phishing, denial of service, and more.
In its March 2024 Cyber Range Solutions Matrix, analyst firm Datos Insights categorized CMD+CTRL Security cyber ranges as “Best in Class” noting, “There is no other choice regarding upskilling application and API developers, and organizations will find CMD+CTRL an exceptional tool to upskill application developers.”
In Forescient, players take on the role of an IT engineer managing a corporate cloud infrastructure through a ticketing system. In this immersive, gamified approach, the challenge begins with an encoded email to join a hacking group. Participants are then guided by a chatbot that facilitates tasks and provides hints throughout the mission.
Security training is driven by the need to ensure customer satisfaction, speed time to market, and reduce costs. In a recent study of cybersecurity executives conducted by Wakefield Research on behalf of CMD+CTRL Security, the majority of executives (63%) noted they spend between $1M and $4M annually on software security training, with almost all of them (97%) providing some software security training for their IT and software development teams. Yet almost half of all executives (48%) struggle to find software security training that covers all software development roles. CMD+CTRL Security’s cyber ranges are designed to meet this need.
“Forescient’s realistic environment helps participants learn how to spot real-world vulnerabilities hackers would exploit and learn the implications of insecure applications so they can prevent attack vectors,” said Jose Lazu, Senior Manager of Product at CMD+CTRL Security. “We developed this latest cyber range based on feedback from our customers who asked us for a dedicated Azure-based range.”
The CMD+CTRL Security Base Camp Training Platform
More than 300 companies and over one million participants have enhanced their skills with CMD+CTRL Security’s award-winning training, from Global 100 software companies to mid-size tech companies, financial services firms, and retailers. CMD+CTRL Security is ranked as a leader in the Fall 2024 G2 Grid® Report for Secure Code Training, and was recently named a Most Innovative award winner in the cybersecurity training category for Cyber Defense Magazine’s 2024 Top InfoSec Innovators awards.
Forescient is the 12th immersive Cyber Range in CMD+CTRL Security’s integrated, role-based training program and is offered in sessions ranging from a half-day to a full week proctored sessions and is designed to present an intermediate level challenge that complements other ranges that vary in difficulty and tech stacks, including:
- Shadow Bank (basic) – banking application focused on OWASP Top 10 and security principles
- Shadow Health (intermediate) – a realistic medical information management simulation with insecure applications to showcase the importance of access controls
- LetSee Marketplace (advanced) –single page application (SPA) with a heavy API focus
- Infinicrate (advanced) – cloud file storage application for teams using GitHub, cloud services, and development tools
- MailJay (advanced) – level challenge cloud-native marketing automation SaaS suite that emulates a modern-day marketing application, as well as its front-end and back-end services