5-day deep dive event with real incident data

Sharpen your skills with Simulation

Cyber Fire Simulation gives participants a full week to work with data from a historical event, with veteran investigator assistance. This is not an event to learn a new skill, but rather sharpen existing skills working with real data.

Participants act in one of four groups:

  • Network Archaeology
  • Malware Analysis
  • Host Forensics
  • Incident Coordination

Attendees start with an initial indicator and a piece of evidence, and work as a single team to respond to the incident.

The incident response team is expected to process network traffic, event logs, packet capture, memory images, hard drive images, and windows registry.

During daily executive management briefings, Simulation participants provide:

  • investigation updates
  • recommendations to the site for remediation
  • a list of infected resources
  • all evidence gathered to date
  • updated indicators of compromise

Event staff serve as mock IT, distributing collected evidence when asked, mock counterintelligence, sharing indicators to keep the group progressing, and as general computer security experts giving other tips and tricks as needed.

Past and Future Events

Advanced Network Archaeology
2021 May 3 to May 6
Virtual Simulation
2020 Oct 19 to Oct 22
Virtual Simulation 1
2020 Sep 21 to Sep 24
SNL Simulation
2019 Dec 16 to Dec 19 : Albuquerque, New Mexico
PNNL Simulation
2019 Sep 3 to Sep 6 : Richland, Washington
IARC Simulation
2018 Jan 22 to Jan 25 : Las Vegas, Nevada