Phone: +372 633 3266 | Email:

Trainings and exercises

Cyber CoRe

Cyber CoRe is an exercise in "live fire" mode, where the Blue Teams must defend their respective environments against real time attacks by our experienced Red team. This gives a unique, realistic experience that would help enterprises to cope with cyber threats.

CoRe – "Cooperative Resilience" is a unique format developed by CybExer Technologies in partnership with Ernst & Young (EY) (Netherlands) where various enterprises and government agencies compete in a complex Blue v. Red Team technical cyber security exercise. The exercise provides a full cyber range experience in Computer Network Operations (CNO). Cyber Core allows the organisations to increase collaboration, raise the quality of sharing information, and provides a solid basis for a true public/private partnership.

The goals of the exercise are to build a strong cyber security community, through advanced, highly technical training experience; to demystify complex Cyber Range exercises, by making them accessible and affordable to private sector and government clients; to enhance practical information sharing and threat intelligence between different organizations participating in the exercise and to promote new technologies and approaches in cyber security by integrating such solutions to exercise scenario.

Our fully virtual system allows everybody to take part in the Cyber Core exercises. Usually, a Cyber CoRe is attended by multiple organisations from different countries who send in their own full Blue Teams or individual members to an International Blue Team.

Live-fire exercises

Our flagship trainings are large-scale live-fire, Red vs Blue exercises that are hosted on our proprietary cyber ranges. The scenarios, incidents, and technical artefacts for these exercises are one of the world's most advanced and as close as possible to actual environments.

Live-fire exercise is a cyber incident simulation exercise for technical cybersecurity personnel that aims to develop technical incident response and red teaming skills but also enables the leadership to improve their risk assessment of the overall response capability. It serves as an important input to the strategic development of capabilities and resilience.

Our high-level live-fire trainings are especially realistic as the technical artefacts for exercises are depicting real operational environments. Furthermore, we put significant emphasis on the design of realistic and dynamic scenarios that are based on identified and forecasted trends, our elaborate threat intelligence processes on cyber-attacks and vulnerabilities extracted from different sources, and include threats and scenarios based upon both regional and business sector. This enables cybersecurity professionals to rapidly adapt to an evolving threat landscape.

An exercise in "live fire" mode, which means that the Blue Teams must defend their respective environments against real time attacks by an experienced Red team.

Our approach to the development of material for technical exercises is divided into the attacking phase (i.e. the Red Team Campaign) and the defensive phase (i.e. the Blue Team Campaign).

The Red Team Campaign is based on MITRE ATT&CK which informs the production of a whole range of attacks and vulnerabilities for exercises. Our exercises on most cases include pre-built vulnerabilities that are already known to the attackers but not necessarily known to the defenders. The Blue Team Campaign is based on the principles of NIST Cybersecurity Framework on Identify, Protect, Detect, Respond and Recover. It is often expected that the members of participating Blue Teams to operate in scanning and searching vulnerabilities from their own infrastructure, configure firewalls, perform other system hardening activities, and defensive measures.

Capture the Flag

Capture the Flag (CTF) is a mission-based exercise, where participants need to use specific skills to collect cyber "flags" within the virtual IT environment provided to them via our cyber range. In traditional military exercises, opponents would capture a physical flag in order to win the game. On a cyber range the "flag" is an object such as a file or obtaining access to a system.

Our Capture the Flag (CTF) portfolio consists of two types of solutions: trainings and competitions. In both cases, the participants are faced with a number of cybersecurity missions that need to be solved by employing various cybersecurity skills in a simulated IT environment.

Both CTF trainings and competitions are based on similar content. CybExer's CTF platform uses jeopardy-style CTF: there are tasks with different difficulties which are grouped into categories and every team/individual can choose the tasks they wish to solve based on their own preferences or strategy. The number of tasks available for the participants to solve is configurable and this is the main means on defining the length of the training event as well as the complexity.

For competitions, the participation is usually open to everyone (as opposed to CTF trainings for one organisation). More extensive competitive elements are designed into the CTF event and often live broadcasts with commentaries of the competition are presented to the public. Nonetheless, mixtures of the two types of CTF can be constructed to suit the specific needs of an organisation.

CTF events can vary from few hours with novice target audience up to multiple day events with participants having very advanced skillsets. CybExer is known for delivering Cyber Battle of the Emirates in 2019 and 2020.

We use cookies and other technologies to process personal data (including IP addresses) in order to:

  • Develop and improve user experience, the website and the products;
  • Enable the use of the website;
  • Store and/or access information on a device;
  • Apply market research to generate audience insights;
  • Measure ad performance.

Read more from our Privacy Policy and Terms of Services