Immersive Labs #1
This blog is about Immersive Labs, and how it's helping me establish a good cyber security foundation and beyond.
I hope you will find this information useful.
This is not a sponsored article.
Immersive Labs is changing the way companies address their cyber skills challenges.
It is founded by former GCHQ cybersecurity instructor James Hadley, the platform combines learning methods used by hackers with real time threat intelligence to help your security team keep pace with attackers. They do this by creating story-driven virtual games in the browser, called labs.
A couple differences between IL and other platforms are:
Other platforms, e.g HackTheBox or TryHackMe might require you to have Linux on your host or a virtual machine installed and to connect to their VPN, for IL all you need is within your browser.
In each lab you get will get an information tab with a quick summary about that specific subject and a few resources to help you complete the lab. This is something you don't find in HackTheBox, however TryHackMe do have labs with a few 'hints' along the way.
Each lab allow the users to learn from real life scenarios ranging from cyber awareness to headline-hitting malware and everything in between.
These labs even include emerging threads and vulnerabilities the same day they're discovered.
Immersive Labs challenge users to find their own solutions, encouraging creative thinking and ultimately long term skills development and talent retention.
They offer options where you can even keep track of your team's progress as they complete labs, they use this information to benchmark the organization's cyber capabilities against industry frameworks, including MITRE ATT&CK, meaning they always know where our strengths - and most importantly, our weaknesses - lie.
Immersive Labs is free for students, it's name is "Students’ Digital Cyber Academy™", IL have mentioned that the labs on the platform are as used by Goldman Sachs, Deloitte and BAE Systems use to train their staff.
A couple of my lecturers had mentioned this platform when I started my studies at University and ultimately this is how I joined. All you need to register is your student email and you will have access to hundreds of labs and more created every day.
They are building content and simulations that challenge users at any level to rapidly and constantly upskill, anyone can start from scratch, gathering the basics through a series of labs to build a strong foundation of cyber security knowledge.
Users will be using a variety of operating systems and security tools as well as learning how to analyze log files and code.
For example, gamified scenarios let users see the impact of their decisions in real time and better understand outcomes.
Story-based threat simulations empower users to enhance while stopping an online breach or hacking industrial control systems, including contained access to operating systems , tools and malicious code.
I believe that this is a good way to continuously develop cyber skills,
every part of your work force needs some level of cyber skills, Traditional teaching e.g classroom and online training might not offer enough visibility of how effective these courses are and can become quickly out of date. Also training isn't always directly relevant to the real risks we face.
Competition
Immersive Labs have 3 types of ranking on their Leaderboard system.
- My Organization
- Global Ranking
- League Table
My Organization is formed of people who are part of the same domain, so what I mean by that, I enrolled under my student e-mail so therefore IL knows I belong to Caledonian University, the ranking is you vs all the users from the same domain.
Global Ranking is yourself vs everyone that is registered on Immersive Labs.
League Table is your Organization or for example in my case, my University vs all the other universities that are registered.
Another good point to mention is that Immersive Labs have structured the content you receive based on the persona you pick.
They currently have 5 different types of personas:
Non-Technical - You don't work in cyber security, but you've seen stories in the news about recent attacks and would like to understand more about staying secure.
Executive - You are a senior executive or board member. You want to understand cyber security topics and risk decisions in more detail.
Engineer - You work with computers and networks on a daily basis. You want to understand how to improve security when building and deploying new infrastructure.
Developer - You are responsible for developing and maintaining applications in your environment. You would like to acquire and demonstrate knowledge and skills to keep those applications secure.
Cyber-Professional - You currently work (or aspire to work) in a cyber security role and like to keep up with the latest threats. You enjoy learning about risk and solving technical problems in both a defensive and offensive environment.
You can can switch between persona's and solve different labs. The points you receive are unique to each persona and will not be added in total.
What is the outcome?
You become the driving force behind patching the security posture.
You can learn the skills you need to help your organization stay secure, better understand cybersecurity threats, like detecting and understanding phishing and malware reverse-engineering.
My current stats:
My main persona: Cyber Security Professional
Completed 233 labs
Completed Objectives:
- Become a Junior Penetration Tester
- Become a Tier 1 SOC Analyst
- Essential Cyber Security for Remote Workers 4 – Attacks & Vulnerabilities
- Essential Cyber Security for Remote Workers 2 – Cyber Security Awareness
- Protect Yourself Online
- Essential Cyber Security for Remote Workers 1 – Intro to Cyber Security
- Essential Cyber Security for Remote Workers 3 – Terminology & Technology
- Introduction to Network Technologies
- Introduction to Operating Systems
- Introduction to Cyber Investigations
Leaderboard
- Organization
- Global Ranking
- League Table
Have you got any suggestions for me ? Get in touch!
Thank you for reading my article, Until next time!
Your friendly neighbourhood Hacker.