Defensive Labs
Immersive Labs houses hundreds of cyberskill experiences and content to drive human cyber readiness for security analysts, incident responders and threat hunters. And we’re always adding more powered by the very latest threat intelligence.
Skill paths to rapidly tool up teams
Our hands-on labs and challenges are designed to move teams and individuals through a four phase process to power up your organization’s human cyber readiness.
Coach
Embedding core skills through guided, hands-on experiences. Users can begin here with little to no prior experience.
Demonstrate
Enabling individuals to show expertise through experiences, in these exercises users will prove their mastery of relevant tools and technology.
Challenge
Applying acquired skills and experience to the latest threats and techniques, these labs test not only the skills acquired to this point but also critical thinking and flexibility.
Simulate
Testing expertise and decision making against likely scenarios. This is where things get real, as we test individual and organizational readiness.
Top role objectives
Use sets of industry standard objectives, use NIST NICE or build your own in Immersive Labs. Objectives equip teams and individuals with relevant and continually evolving expertise.
This objective skills up the foot soldiers of cybersecurity. They use their varied skill sets to form an organization’s first line of defence. It is their job to find, examine and respond to security incidents, reporting threats to the second defensive wave and implementing security strategies to secure the organization.
Malware never stops developing, and neither should your malware analysis skills and threat awareness. In this series, you will be introduced to a variety of industry-standard tools used to analyse malicious samples.
Threat hunting is a focused and iterative approach to seeking, identifying and understanding attackers active on a network. This objective exercises dissecting and analyzing attacks, then using common toolsets to identify unknown adversaries.
Top MITRE techniques
We’ve mapped labs to MITRE ATT&CK, helping you understand where human capabilities align to threat tactics and techniques.
Top on-demand labs
Our labs are bite-sized, challenge-based experiences designed to get your teams hands on with the very latest tools and techniques in seconds.
File carving
There are occasions during an investigation when you have to recover data that has been deleted or deliberately hidden. This lab will show you some common tools used to recover data through a process known as file carving.
Splunk - Event analysis
A core requirement for security analysis is examining security logs to identify and classify security attacks. In this lab you’ll be given access to an instance of Splunk, a popular event collation and search tool.
Decompiling .net
.NET is a Windows API standard that allows application designers to write code for the Windows ecosystem. Some malware authors will use C#.NET to create malware as it is a relatively simple language to read and write.
CVE-2019-19781 (Citrix RCE)
On 17th December 2019, Citrix released an advisory for a vulnerability that existed in Citrix Application Delivery Controller and Citrix Gateway installations. On 10th January, exploit code for this vulnerability (identified as CVE-2019-19781) was publicly released. At the time of this release there was no official patch. This lab explores some investigative techniques post-compromise.
Latest Blog posts
Patch Newsday: 12 October 2021 – Spooky Spooler and Sinister Scores
13 October 2021
Building cyber resilience for the Financial Services sector with breadth and at scale
4 October 2021
OWASP Top 10 2021 has finally landed – here’s why you should care
27 September 2021
Financial Sector Insider Threat: Master Key Compromise
27 September 2021
Patch Newsday: 14 September 2021 – Lousy Browsers and Arsey RCEs
15 September 2021
Analyzing the CVE-2021-40444 exploit
13 September 2021
