CyberNEXS Global Services

Transcription

1 CyberNEXS Global Services CYBERSECURITY A cyber training, exercising, competition and certification product for maximizing the cyber skills of your workforce

2 The Cyber Network EXercise System CyberNEXS CyberNEXS accelerates the development of cyber skills to recognize and defend against cyber attacks, conduct forensic analysis and assess (penetration test) your critical information resources. It provides a web-based network management tool and graphical displays that aid in real-time feedback and focused training. CyberNEXS will simultaneously exercise IT staff in an environment that emulates a corporate infrastructure to enhance a real-world training experience. Fight as You Train CyberNEXS Benefits Live, realistic and available from anywhere in the world, CyberNEXS prepares your security professionals, network administrators, system administrators and students with the tools and skills they need to effectively protect and defend your critical IT systems against today s real-world threats. Trains onsite or remotely against real-world, live cyber threats Exercises skills in secure configuration, vulnerability assessment, intrusion detection, incident mitigation and forensics Trains in a separate environment with most functionality of customer networks Provides real-time feedback, through performance-based testing, to reinforce and focus training Performs automated analysis of the individual and the team Trains as a team to measure the level of knowledge and proficiency Uses reconfigurable system architecture to emulate customer environment Lite Mode enables scalability to thousands of simultaneous Internet-based contestants Permits Red, White, Blue and Green Team functions to be performed from any location The CyberNEXS Team has been recognized for its contribution to Science, Technology, Engineering and Mathematics (STEM)- related support. These important cyber competitions are conducted to encourage high school and middle school students to pursue a career in cybersecurity.

3 SAIC is a leader in delivering cybersecurity training and exercising to trainees from age 12 plus, including the most expert professionals such as those found in the Maryland Cyber Challenge and Conference. Essential Cyber Training Phases CyberNEXS supports four essential training phases: Instruction Classroom Teaches facts Demonstrates techniques Permits questions and answers Exercise Live Lab Reinforces learning Provides students with hands-on experience Enables real-time feedback using trial and error method Competition Game Measures individual or team performance Enables participants to share knowledge It s fun and stimulates contestants to learn more Certification Demonstrate Practical Knowledge Provides final verification of competency level Certifies applicants against varying levels of difficulty and pressure CERTIFY INSTRUCT EXERCISE COMPETE Games Available SAIC is dedicated to maintaining the most up-to-date library of target configurations and hacker exploits, as well as continuing to offer a greater variety of training and exercising modules. These games* focus on four methods: Defense, Forensics, Attack, and Attack/Defend. 1. CyberNEXS Defense (CND) Competitors defend a network being attacked by a live, while maintaining critical services and securing hosts, detecting and mitigating activity and other misuse, and communicating findings. 2. CyberNEXS Forensics (CNF) This game involves finding and reporting evidence of intrusions, discovery of malware, analysis of payloads, analysis of logs and networks, and tracking attackers. 3. CyberNEXS Attack/Penetration Testing (CNA) Requires assessing targets for vulnerabilities, exploiting and compromising to verify vulnerabilities. Players report any artifacts, which include system administration details, credit card information, trust relationships, system and application misconfigurations, and patching issues. 4. CyberNEXS /Capture The Flag (CTF) In this game players compromise and control targets, maintain control of targets, and secure targets against other teams compromise. The longer a team holds a target, the more points they earn. *All games capable of King of the Hill scenario.

4 CyberNEXS Training Why Competition? Over the last four years, SAIC has been delivering cybersecurity training and exercising to over 100 government, Department of Defense, and commercial events around the world. In every engagement, we have found that the challenge of the competition brings out the best in people. They not only prepare harder to be the best, but they perform follow-up training to discover what they didn t know during the competition. Why Training? CyberNEXS is the perfect platform for instruction and exercise, reinforcing training materials through hands-on trial-and-error feedback. Curriculum would include instructional material followed by lab directions and student interaction with CyberNEXS. With the new emphasis on performance-based testing to truly evaluate a person s ability to practically apply learned knowledge, CyberNEXS is the platform for preparing in the real environment with real-time feedback. Blue Team Scorebot Internet External Switch VLAN Scorebot Internal Switch VLAN Router IDS Firewall IDS M an ua l Blue Team Players defend IT resources, including Windows and UNIX servers and desktops, switches and routers, firewalls and intrusion detection systems (IDSs). Responds to attacks. Referees and monitors the score, responds to Blue Team trouble tickets, and provides required resources. Launches real-world attacks to challenge how well Blue Team has hardened its systems. External VLAN DMZ VLAN Internal Switch VLAN

5 Cybersecurity Training Requirements The system is self-contained; it never touches the operational environment. It emulates the users operational environment using standard Windows, UNIX, network management interface, and network and security devices. It is a realistic, live environment with real-time, automated, quantitative scoring. There is a capability to rerun the same scenario providing the same results. The system is available anytime, anywhere, and the complexity of the training can be scaled to the users level. It is automated for ease of use, and the outbrief capability shows status, trends and scores for rapid feedback. Post-Exercise Reconstruction At the end of the exercise, the instructor can freeze the training scenario and debrief the students with various charts and graphs, as well as the documented student communication. This review of the perceived and real situational environment greatly aids the students as they begin to understand and compare what they did versus what actually happened. Through this trialand-error method the students apply their knowledge and improve their skills.