Security Innovation is a leader in software security that provides various security services and training solutions. Their CMD+CTRL Cyber Range is a cloud-based cybersecurity simulation and training platform that allows users to build and assess their skills through hands-on practice in simulated real-world software environments and scenarios. The platform aims to improve cybersecurity skills in a more engaging and effective manner compared to traditional cyber ranges.

1. 1
A Fresh, New Look
CMD+CTRL CYBER RANGE
WEBINAR

2. 2
• Securing software in all the challenging places
• Over 2.5M licensed users of training solutions
• Gartner Cool Vendor and Magic Quadrant designations
• Helping clients get smarter about software security
Assessment - show me the Gaps!
Standards - set goals and make it easy
Education - help me make good decisions
About Security Innovation

3. 3
Security Innovation is a Leader in Software Security
3
1Verizon DBIR
2WhiteHat
Application Security Services
Led by Expert Engineers
 Software security assessments
by trained experts
 Application security consulting to
improve development process
 IoT & embedded security
consulting
 Security vulnerability identification
for IT Infrastructure
Assessment
CMD+CTRL Security Courses
 150+ online courses cover all
major roles, technologies and
platforms
 Scalable solution with regular
updates and real-world examples
 Lab-based and customizable
CMD+CTRL Cyber Range
 Simulation attack/defense training
in authentic environments
 Live scoring and instant
gratification keeps participants
engaged
 8 live & authentic ranges
SimulationTraining

4. 4
What is CMD+CTRL Cyber Range?
Cloud-based platform
• Turn-key solution
• Require only a browser
and internet
Build & Assess
cybersecurity skills
• “follow your nose”
• Demonstrate true
capabilities
• Tailor additional
training
Hands-on
Simulation
• Mirrors real-world
software ecosystem
Think like an Attacker
• Application vulnerabilities
• System structure
• Cloud, API, etc.

5. 5
Classic Banking Web Ecommerce Platform SaaS Model
Social Networking
Advanced Banking
Web
Crypto Currency
Exchange
Mobile Fitness App
API
Single Page App
CMD+CTRL Cyber Range Suite

6. 6
Expanding on Traditional Cyber Ranges
• Heavy hardware requirements
• Network and infrastructure focus
• Massive configuration
• Gamified environment
• Lightweight – no hardware/software to install
• Focused on software security environment
(application, system, server, mobile, cloud)
• Instant access and minutes to set up
• Real-world simulated environment

7. 7
Unrivaled Authenticity
Over 500 challenges that span application, platform, and business logic
flaws, players are tempted to steal money, escalate privilege, conduct a
denial of service attack, disrupt workflows, and much more.
Thwart Today’s Attacks
From classic web application with common OWASP vulnerabilities, to multi-
tier websites with build-in defenses, to complex e-commerce system with
API and cloud vulnerabilities, there’s always a range for you.
Engaging
A live scoreboard, automated scoring, hints, Easter Eggs, social media
integration and other instant gratification elements provide an engaging
environment like no other.
Ideal for all skill levels
Help guides, hints, and challenges of varying complexity ensure everyone
can participate and gain insight into the impact of different classes of
vulnerabilities.
Practitioner Experience

8. 8
Talent Identification
Hidden talents wait to be found! Hands on engagements help
highlight those talents in ways that traditional methods don’t.
Skill Shortage Intelligence
Identification of team members skills in a discrete and constructive way
allows for quicker focus on additional training and education.
Tailored Training Plan
The result insight provides the data necessary to streamline
supplementary training and ensure users only take courses they need.
Real-time Assessment
Automated reports measure team and individual security proficiency –
not “grade” their memorization skills, but rather how they actually
performed in practice.
Leadership Takeaway

9. 9
Flexible Delivery Methods
Practice
Mode
Attack & Defend
Mode
Event
Mode
Recruiting
Mode
most engaging most flexible most effective most emerging
• 1- 2 days event
• In-person / Remote
• Live instructor
• Learning labs
• Intensive interactions
• Prize for top performers
• 24/7 access
• Safe sandbox
• Progressive learning
• “always-on” access can
extend beyond Event Mode
• Combination of
Event/Practice mode with
CBT courses
• Test and apply new
knowledge learnt
• Ensure only necessary
courses taken
• 2-3 hours time-box
• Validate candidates’
cybersecurity
competencies
• Real-world assessment
• Adapt into new hire
interview process

10. 10
• Enhanced Gamification Experience
• Seamless Event Switching
• Dedicated Player Report Card
• Admin All-in-One mode
• Instant Event Setup
• Event Specific Dashboards
Practitioner:
Improved learning environment
Admin:
Maximum control of in-house events
A Fresh, New Look User Interface