Symantec Cyber Security Services: Security Simulation strengthens cyber-readiness by providing live-fire simulation of today’s most sophisticated, advanced targeted attacks. Our cloud-based, virtual training experience provides multi-staged attack scenarios allowing participants to take on the identity of their adversaries to learn their motives, tactics and tools. This gamification of security education helps level the playing field by providing a more engaging, immersive real-world experience than traditional security skills training.
Security Simulation allows participants to assess their game performance and provides structured guidance for on-going skills development. It also allows security leaders to strengthen their team by providing insight into individual and team performance, visibility of functional gaps within the team and the option of performing pre-hire skill assessments.
1. Symantec Cyber Security Services: Security
Simulation
Are you ready to take on a cyber-attack?
Data Sheet: Symantec Cyber Security: Managed Services
Testimonials
"Only the defense department and
NSA have ever put the time, the
effort and the skills into creating
this type of virtual environment."
"I loved the challenges. It gave me
more insight on what I should focus
on when doing internal audits and
securing our network."
"These exercises are incredibly
valuable because they provide
participants defending our
companies with real world
experience to better understand
what we are facing out there."
"... an excellent opportunity for
attendees to not only apply, but
also advance their skills in
forensics, ethical hacking and
much more."
Today’s CISOs are fighting an asymmetric battle. Unknown adversaries deploy
seemingly limitless resources to launch increasingly sophisticated, multi-staged
advanced targeted attacks. In contrast, cybersecurity experts are among the most
sought-after professionals in the tech sector
1
— and the majority have never faced a
targeted attack. This combination of scarce and largely untested security practitioners
means today’s CISOs are never really sure if they’re prepared to handle a cyber-
attack. And this lack of readiness increases incident response time and ultimately,
increased organizational risk.
Symantec Cyber Security Services: Security Simulation strengthens cyber-readiness
by providing live-fire simulation of today’s most sophisticated, advanced targeted
attacks. Our cloud-based, virtual training experience provides multi-staged attack
scenarios allowing participants to take on the identity of their adversaries to learn
their motives, tactics and tools. This gamification of security education helps level the
playing field by providing a more engaging, immersive real-world experience than
traditional security skills training.
Security Simulation allows participants to assess their game performance and
provides structured guidance for on-going skills development. It also allows security
leaders to strengthen their team by providing insight into individual and team
performance, visibility of functional gaps within the team and the option of
performing pre-hire skill assessments.
Breach is inevitable. Are you ready to takAre you ready to take on a ce on a cyber-attack?yber-attack?
1. ESG’s annual global IT Spending Intentions survey has shown a ’problematic shortage’ of cybersecurity experts as the top IT skills shortage for four years in a row.
http://www.esg-global.com/research-reports/2015-it-spending-intentions-survey/
1
2. Think Like an Attacker
Is your team ready to respond to a large-scale cyber-attack?
Can they anticipate your adversary’s next move?
Classroom training is not enough. Simulating real-world
attacks delivers a more immersive and interactive experience
than traditional security education. Designed for varying
levels of experience and technical skill, Security Simulation
allows security professionals to take on the identity of
attackers to learn how they think, how they approach targets
and how they exploit current protective technologies. Fully
immersed in our virtual, live-fire environment, Security
Simulation inspires players to draw on key qualities such as
persistence, attention to detail and advanced problem-solving
as they emulate adversary’s thought processes while staging
authentic advanced targeted attacks.
Symantec’s Security Simulation offers four multi-staged
attack scenarios, each modeling the five stages of a cyber-
attack: Reconnaissance, Incursion, Discovery, Capture and
Exfiltration. Each scenario brings a real-world cyber-attack to
life by using multifaceted story elements such as setting,
adversary personas and complex plot lines to help enrich each
sequence of ‘capture the flag’ events. Players gain the
experience of industry-leading security experts, including the
DeepSightTM Intelligence, Security Technology and Response
(STAR), and Incident Response teams, by executing attack
scenarios modeled from Symantec’s vast experience with
past, present and evolving cyber-threat vectors.
Assess and Advance Your Team
You’re hiring the best staff. They’ve got the relevant
certifications and periodically attend technology training
classes. You’ve also invested considerable time planning what
to do when a particular security control fails and how to
respond to indicators of compromise. But until you’ve lived
through an actual breach, your team is largely unproven.
Symantec’s Security Simulation provides security leaders with
the insight necessary to assess skill gaps and training
requirements in critical areas.
At the start of a scenario, profiles are created for each
participant. Security Simulation measures the baseline
performance participants bring to each scenario. Upon
completion of the scenario, participants or their managers
receive an in-depth assessment of skill strengths as well as
areas for improvement, enabling a more effective
collaboration of a cybersecurity skill development path.
Security Simulation continually measures and tracks skill
attainment and mastery as participants progress through
each scenario. Security leaders can also use the assessment
feature to identify gaps in team coverage and accurately
assess the skills of potential job candidates.
On-demand or Instructor-facilitated Workshops
Cyber Security Services: Security Simulation is available via
yearly subscription or as instructor-facilitated workshops.
Practice YPractice Your Skills 24x7 – Jusour Skills 24x7 – Just Likt Like the Ae the Attackttackersers
Security Simulation is a fully managed, cloud-based service
and includes all four scenarios as on-demand self-paced
training. Each scenario includes:
• A scenario story line containing a sequence of capture-the-
flag events. Participants receive stage-specific content and
instruction, executing role and skills-based exercises to
achieve each flag objective and unlock the next level.
• A cloud-based, virtual environment consisting of
production-worthy networked hosts and scenario data.
Participants can access this environment 24x7 to which
customers access to develop and refine their ethical
hacking skills to identify vulnerabilities and characteristics
of the environment.
InsInstructor-facilitatedtructor-facilitated SecuritSecurity Simulation Exy Simulation Exerciseercise
For organizations wanting a more personalized experience,
the Security Simulation Exercise is a one-day, instructor-
facilitated workshop that can be delivered either onsite or by
Symantec experts working remotely. The Security Simulation
Exercise provides a unique opportunity to gain experience
from Symantec’s top security experts. Please contact your
local Symantec account representative for more information
and to determine schedule availability.
Data Sheet: Symantec Cyber Security: Managed Services
Symantec Cyber Security Services: Security Simulation
2
3. Multi-staged Attack Scenarios
Cyber Security Services: Security Simulation was based the highly successful Cyber Readiness Challenge, developed over the
past four years and delivered to hundreds of customers across the world. Cyber Security Services: Security Simulation offers
the following four scenario:
Scenario 1: The EDC and RKIScenario 1: The EDC and RKI
Recently, the EDC organization has had Intellectual Property
stolen, and they suspect their rivals RKI. In a live-fire exercise
recreating an attack environment, you will be given four hours
to complete a series of tasks, or flags, to complete and score
points. Users will learn about the five stages of a cyber attack
– Reconnaissance, Incursion, Discovery, Capture and
Exfiltration – and use this knowledge to break into RKI’s
networks and systems to prove they were behind the EDC
attack and retrieve evidence, including the stolen Intellectual
Property.
Scenario 2: The CoffScenario 2: The Coffee Shop Hackee Shop Hack
After visiting your favorite coffee shop for the past six years,
you receive poor customer service; paying more for your
double espresso and now having to pay for Wi-Fi access; you
think about how you can return “your” coffee shop back to the
way it used to be or even make it better. Learning features
include the risks posed by improperly secured web services,
data-at-rest encryption, and how to secure of sensitive
company data. You’ll explore the inadequate protection of
production systems and their connection to customer facing
networks, and see the risk posed by loss of IP and customer
data. Capture all the flags and own your coffee shop!
Scenario 3: EDC and the LScenario 3: EDC and the Loosst Lapt Laptoptop
Alex Lockwood, the Chief Technology Officer of EDC, has left
his laptop on an airplane. This module concentrates on the
penetration and access of that laptop, to teach about how
such endpoints provide access to the larger organization’s
ecosystem. Users will access Lockwood's laptop which has
been provided to steal valuable Intellectual Property like
source code, documents, and customer data, including credit
card numbers and personal information from EDC's systems.
Scenario 4: FScenario 4: Forensics Exorensics Examiner Mishandles Eaminer Mishandles Evidencevidence
One of your fellow forensics examiners on your security team
has been fired from your company due to the mishandling of
evidence, and there are suspicions that the mishandling was
deliberate. Your job is to confirm this theory by finding
evidence of a recent break-in using some basic ethical hacking
skills, then perform a forensics investigation on that evidence.
Using what you find in the forensics evidence will give you a
chance to strike back at the attacker instead of being on the
receiving end as usual. The heart of the challenge centers
around hard drive images, memory dumps and network
packet captures, as well as light ethical-hacking skills.
Data Sheet: Symantec Cyber Security: Managed Services
Symantec Cyber Security Services: Security Simulation
3