A cyber range is a controlled, interactive technology environment where up-and-coming cybersecurity professionals can learn how to detect and mitigate cyberattacks using the same kind of equipment they will have on the job. The range simulates the worst possible attacks on IT infrastructure, networks, software platforms and applications. The setup includes technology that can operationalize and monitor a trainee’s progress and performance as they grow and learn through simulated experiences. Used the right way, a cyber range can instill confidence in cybersecurity workers.
The range’s underlying infrastructure might include a network, storage and compute (servers), as well as switches, routers, firewalls and so forth. In some cases, the range is built using an open-source platform like OpenStack. A virtualization layer helps reduce the range’s physical footprint. Some ranges are partly or fully cloud-based. The range’s “target infrastructure” simulates the actual digital assets that might be subject to a cyberattack. The target may consist of “real world” commercial products, e.g., Microsoft Windows Server. Such accuracy is important, as it enables instructors to gauge whether a student has mastered the skills needed to repel an actual attack. The instructors can then provide feedback in real time.
Attacks are getting more varied and nuanced, too. Cyber professionals need to train on complete technology environments if they want to stand a chance of defending sensitive digital assets from advanced persistent threats (APTs) and other sophisticated attack vectors. These include spear phishing, distributed denial-of-service (DDoS), bot attacks, API attacks and more. In many cases, detecting the attack requires learning how to spot seemingly minor anomalies in network behavior and device logs. All of this takes intensive training and individual testing to ascertain competency.
