Defensive Labs

Immersive Labs houses hundreds of cyberskill experiences and content to drive human cyber readiness for security analysts, incident responders and threat hunters. And we’re always adding more powered by the very latest threat intelligence.  

Skill paths to rapidly tool up teams

Our hands-on labs and challenges are designed to move teams and individuals through a four phase process to power up your organization’s human cyber readiness.



Embedding core skills through guided, hands-on experiences. Users can begin here with little to no prior experience.



Enabling individuals to show expertise through experiences, in these exercises users will prove their mastery of relevant tools and technology.



Applying acquired skills and experience to the latest threats and techniques, these labs test not only the skills acquired to this point but also critical thinking and flexibility.



Testing expertise and decision making against likely scenarios. This is where things get real, as we test individual and organizational readiness.

Top role objectives

Use sets of industry standard objectives, use NIST NICE or build your own in Immersive Labs. Objectives equip teams and individuals with relevant and continually evolving expertise.

This objective skills up the foot soldiers of cybersecurity.  They use their varied skill sets to form an organization’s first line of defence. It is their job to find, examine and respond to security incidents, reporting threats to the second defensive wave and implementing security strategies to secure the organization.

Malware never stops developing, and neither should your malware analysis skills and threat awareness. In this series, you will be introduced to a variety of industry-standard tools used to analyse malicious samples.

Threat hunting is a focused and iterative approach to seeking, identifying and understanding attackers active on a network. This objective exercises dissecting and analyzing attacks, then using common toolsets to identify unknown adversaries.

Top MITRE techniques

We’ve mapped labs to MITRE ATT&CK, helping you understand where human capabilities align to threat tactics and techniques.

Top on-demand labs

Our labs are bite-sized, challenge-based experiences designed to get your teams hands on with the very latest tools and techniques in seconds. 

File carving

There are occasions during an investigation when you have to recover data that has been deleted or deliberately hidden. This lab will show you some common tools used to recover data through a process known as file carving.

Splunk - Event analysis

A core requirement for security analysis is examining security logs to identify and classify security attacks. In this lab you’ll be given access to an instance of Splunk, a popular event collation and search tool.

Decompiling .net

.NET is a Windows API standard that allows application designers to write code for the Windows ecosystem. Some malware authors will use C#.NET to create malware as it is a relatively simple language to read and write. 

CVE-2019-19781 (Citrix RCE)

On 17th December 2019, Citrix released an advisory for a vulnerability that existed in Citrix Application Delivery Controller and Citrix Gateway installations. On 10th January, exploit code for this vulnerability (identified as CVE-2019-19781) was publicly released. At the time of this release there was no official patch. This lab explores some investigative techniques post-compromise. 

We help businesses to increase and evidence human capability in every part of cybersecurity.

Follow Us