Interactive Demo — critical Severity

Ransomware: Operation Dark Vault

A ransomware group has gained access through compromised VPN credentials. File encryption is spreading across the corporate network while attackers claim to have exfiltrated sensitive data. You must contain the threat, notify stakeholders, and decide on recovery strategy.

Threat Actor
Financially-motivated ransomware group
Initial Vector
Compromised VPN credentials
Injects
3 decision points
Duration
10-15 minutes

How it works: You'll be presented with 3 realistic incident injects. For each one, describe how you would respond as the incident commander. Our facilitator engine scores your decisions against NIST SP 800-61r3 and CSF 2.0 coaching frameworks — surfacing specific actions you took, coaching questions for gaps, and best-practice reminders. Deterministic and auditable, not a black-box chatbot.