Interactive Demo — high Severity

Data Breach: Customer PII Exposure

A SQL injection vulnerability in your customer-facing portal has been exploited, exposing personal data of 250,000 customers. You must contain the breach, assess the damage, notify affected individuals, and manage regulatory obligations across multiple jurisdictions.

Threat Actor
Unknown external attacker
Initial Vector
SQL injection in customer portal
Injects
3 decision points
Duration
10-15 minutes

How it works: You'll be presented with 3 realistic incident injects. For each one, describe how you would respond as the incident commander. Our facilitator engine scores your decisions against NIST SP 800-61r3 and CSF 2.0 coaching frameworks — surfacing specific actions you took, coaching questions for gaps, and best-practice reminders. Deterministic and auditable, not a black-box chatbot.