A ransomware group has gained access through compromised VPN credentials. File encryption is spreading across the corporate network while attackers claim to have exfiltrated sensitive data. You must contain the threat, notify stakeholders, and decide on recovery strategy.
How it works: You'll be presented with 3 realistic incident injects. For each one, describe how you would respond as the incident commander. Our AI facilitator engine will analyze your decisions and provide expert coaching feedback, just like having a seasoned incident response facilitator in the room.