Remote Learning for Educators and Students
CYRIN® is a next-generation cyber range platform featuring real tools, real attacks, and real scenarios that provides hands-on training and experience that students and educators can use in realistic learn-by-doing scenarios.
A cyber range is a collection of virtual computers where students can safely practice/train/learn in a controlled environment.
E-Learning starts with CYRIN’s patented Exercise Builder Module (EBM). EBM allows educators to build out new scenarios in virtually multiple subject areas, not just cyber.
CYRIN is Different from Other Cyber Ranges
How it Benefits Students
1. Live access to virtual enterprise and SCADA networks
2. Access from a web browser, no special software required
3. Each student gets a personal instance of the cyber range
4. Customized networks available for increased realism
5. Students see a real-time assessment of their progress
6. 34+ Hands-on labs in a wide array of IT/cybersecurity topics
7. Self-serve or instructor-led e-learning
8. Integrates with existing online courseware/LMS systems
9. Team/wargame scenarios available with multiple participants
Plan for the worst.
Better yet, train for the worst.
Effective Online Learning
As the educational community moves to e-learning, CYRIN provides a best in class experience for a live interactive cyber range with up to four different levels of training.
CYRIN currently has three Levels: Labs, Exercises, and Attacks. These are normally completed in sequence. A fourth level, independent of these three levels, is coming in 2020.
LEVEL 1: SKILLS DEVELOPMENT LABS
There are eight different Lab categories with several labs in each category. Students learn and practice in labs with several different virtual training situations for the cybersecurity field. These Level 1 Labs are considered foundational and are the first part of the training process.
LEVEL 2: EXERCISES
After Labs, students would move to Level 2 or what we call Exercises. Students are tasked with actual exercises; many of these can be done in a team atmosphere – red team, blue team – offense vs. defense.
LEVEL 3: ATTACK SCENARIOS
Attacks are the third progression. Students will be required to sign on to an existing virtual SCADA network. At a random interval, an attack on the IC network will commence with all the accompanying conditions that simulate a real attack. These different attack scenarios will test the students’ ability to defend more complex SCADA networks.
LEVEL 4: COURSES (available later in 2020)
Level 4 will have three separate modules. Each module is a week-long course with 10-15 labs. Students will again move as a progression from the first course to the third.
- The first course deal with essential skills to build a solid security foundation.
- The second course will build on this foundation and teach Essential Defense Tactics. In this hands-on training, students will learn the foundation of security and defending architectures from attack.
- The third course will build on the first two courses (and they will be a prerequisite to this course) and cover fundamental and advanced techniques of fortifying your defenses.
For more information on these courses, see our Resources page.
Current Labs, Exercises, and Attack Scenarios
- Introduction to Metasploit
- Vulnerability Scannng with OpenVAS
- Automating Security Analysis with SPARTA
Secure Network Setup
- Introductory IDS Configuration with Snort
- Intrusion Detection using Zeek (formerly Bro)
- Firewall Configuration with pfSense
- Firewall Configuration with IPtables
- Firewall Configuration with VyOS
- VPN Server Configuration with OpenVPN
Secure System Setup
- SSH Server Configuration
- Host Intrusion Detection System (IDS) Setup with OSSEC
- Using Active Directory to Manage Domain User Accounts
Industrial Control Systems/SCADA
- Responding to an ICS Operational Network Man-in-the-Middle Attack
- Responding to an ICS IT/OT Phishing Attack
- Responding to an ICS OT Application-Level DoS Attack
- Responding to an ICS OT Network-Level DoS Attack
CYRIN has three primary components: Multi-Level Training, a Performance Evaluator and Monitor Module (PEMM), and the Exercise Builder Module (EBM).
Currently CYRIN has three levels of training. A fourth level, providing week-long courses in fundamental security areas, is coming soon.
Performance Evaluator and Monitor Module (PEMM)
- The PEMM is an automated performance monitoring tool that reduces instructor work load and enhances visibility into student progress.
- PEMM allows students to continually track their progress and enables educators to see how their students are progressing.
- The PEMM has individual and overall class views for educators.
- The ability to grade, map progress, and view problem points are all included.
Exercise Builder Module (EBM)
- Exercise Builder allows you to build new labs and new courses into the CYRIN training platform.
- Exercise Builder lets you move from idea to lab in hours.
- Exercise Builder is flexible and can be tailored to many types of courses, not just cybersecurity.
- The Exercise Builder allows CYRIN training to support the current generation of cybersecurity professionals while developing the next generation of cybersecurity leaders.
Benefits of CYRIN Training
CYRIN trains students in the next-generation of cybersecurity skills from their own desktop. With virtual cybersecurity training in a real-world environment, CYRIN enables students to test their cybersecurity skills on their schedule with no custom software or travel necessary.
- 24/7, on-demand, online skill-building
- No need to gather students in a single location
- No custom software to install
- Multi-system, complex exercises that are difficult to replicate in home or work environments
- Low cost yet supports a wide range of cyber training areas
- Scalable, sophisticated training for large groups
- Instructor Tools with monitoring flexibility
- Exercise Builder allows you to move from ideas to labs in hours
- Integrates with Canvas, Blackboard, Brightspace, and other learning management systems via Learning Tools Interoperability (LTI), including grade reporting