Test your skills against real-world attacks

The Environment

  • An exercise network managed by on-site teams, reproducing a realistic production environment.
  • Simulated legitimate production traffic from numerous operating systems, applications and devices.
  • Malicious traffic: All Cyber Range attacks use the latest real threats, pulled from the internet and re-generated using Cyber Test Systems Network Traffic Generators in the test environment (see scenarios below).


The Defense

  • Each team manages and prevents threats on its own network using its own Next-Generation Security Platform deployment. For example, in this exercise, teams use Palo Alto Networks® next-generation technology to identify all applications on the network, apply URL Filtering, create content-based whitelisting policies, and identify and generate real-time prevention against malicious software, exploits, and new threats across IP addresses and URLs.

Cyberattack Scenarios
Sessions can include a combination of any of the following:

  • ICS/SCADA cyberattacks
  • Advanced/Zero-day malware, including ransomware
  • Data leakage
  • Botnet command-and-control communications
  • Client-side vulnerabilities and exploits
  • Server-side vulnerabilities and exploits
  • Malicious domains and websites, including phishing sites
  • Network reconnaissance
  • And much more




Cyber Range solution brief


A Smarter Way to Train

Cyber Range challenges participants to maintain the availability, scalability, security, and stability of the network and application infrastructure most often targeted and affected by cyberattacks. Cyber Range instructors simulate network functions and traffic to create a realistic network experience. A typical Cyber Range session consists of five teams:

  • Green Team: Creates “legitimate” user and server application traffic.
  • Red Team: Acts as malicious users and malicious or compromised servers.
  • Yellow Team: Simulates innocent users clicking on phishing links or unknowingly installing malicious applications and compromising the network’s security.
  • White Team: Launches cyberattack scenarios, creates traffic and monitors the success or failure of the Blue Team in terms of incident handling and scenario response.
  • Blue Team: Represents the network operations center, security operations center and Cyber Incident Response Team.