Immersive Labs

Immersive Labs

We empower businesses to measure and evidence human capabilities in every part of their cybersecurity.

Immersing individuals in challenges, scenarios, and simulations covering everything from spelling the word cyber to technical tools, and reverse engineering malware. Enabling you to evidence your team’s readiness to face the very latest cyber threats.


  • Equip, Exercise and Evidence workforce cyber capability
  • Gamified, challenged-led learning methodology
  • Online, on-demand labs and challenges available 24/7
  • Over 700 story-driven defensive, offensive and intelligence-led labs
  • At least 4 new labs added every week
  • Develop cyber skills: Workforce Security Awareness, Knowledge, Tools and Techniques
  • Virtual machines and tools to analyse real data and problems
  • Labs mapped to MITRE ATT&CK™ framework techniques
  • Objectives for all NIST-NICE work roles: entry to advanced
  • Full management functionality, including reporting of individual and team progress


  • Continuously battle-test teams against emerging threats
  • Reduce incident response dwell time
  • Improve cyber readiness and security ethos
  • Directly align skill levels to actual cyber risks
  • Benchmark and upskill individuals and teams at all ability levels
  • Reduce time to learn important cyber security knowledge and skills
  • Measure, visualise and evidence human capability
  • Reduce off-site training costs
  • Reduce recruitment costs
  • Uses gamification to encourages healthy competition


£2,995 a licence a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 12

Service ID

5 5 6 8 5 9 9 4 9 6 2 6 6 1 8


Immersive Labs Debbie Tunstall
Telephone: +44 (0)20 3893 9101

Service scope

Software add-on or extension
Cloud deployment model
Public cloud
Service constraints
System requirements
  • Browser - Chrome, Firefox, Safari, Edge or Internet Explorer 11
  • Broadband internet connection
  • Desktop/laptop

User support

Email or online ticketing support
Email or online ticketing
Support response times
Immersive Labs monitor the support inbox and aim to respond to queries within 2 working days.
Working hours are 09.00 to 17.30 GMT/BST (as applicable) Monday to Friday (excluding UK bank and public holidays).
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Support levels
Immersive Labs provide support for both the web application and underlying content served in the platform. We maintain an
online support function through an email address:
Support available to third parties

Onboarding and offboarding

Getting started
Managers will be introduced to a Customer Success Manager who will provide onboarding instructions and deployment strategy.
The Customer Success Manager will invite users to an online onboarding session to help them familiarise themselves with the platform.
Extensive documentation and video references are also available.
Service documentation
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Users can download a copy of their achievements on the platform at any time and Immersive Labs complies with GDPR requirements.
End-of-contract process
The service is entirely online and browser-based. At the end of the contract access to content is revoked.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
Content has been rendered for use on all devices.
Service interface
Customisation available


Independence of resources
Our service meets the demands of all users by utilising the scaling capabilities of the underlying cloud infrastructure. This is continuously monitored to ensure that we provide enough capacity.


Service usage metrics
Metrics types
The reporting feature provides individual, team and organisational user metrics including:
- Cyber Capability Score (including MITRE ATT&CK coverage)
- Completed labs
- % completed objectives
- Time spent on labs
- Points awarded
- Lab type and skill level
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Within the reporting feature of the platform, managers can download CSV files of all user activity.
Individual users can access their record of achievement through the user profile section.
Data export formats
  • CSV
  • Other
Other data export formats
  • PDF
  • Microsoft Office formats
Data import formats
  • CSV
  • Other
Other data import formats
Microsoft Excel

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network
All other traffic is private and secured through comprehensive network security controls.

Availability and resilience

Guaranteed availability
The platform is designed to be available 24/7, 365 days a year.
We operate on a target minimum service availability of 99.5% uptime. We monitor this by using a third party who alerts us when the site is unavailable.
In the event of a fault with the platform, users need to report it to
There are four tiers of incident depending on the scale and severity of the issue. A target response and resolution time is defined for each level and apply during working hours only.
Where development work is required, the target resolution times may be extended.
Level 1 - The production system is unavailable for all users
Support team working inside and outside of working hours until resolved.
Level 2 - Multiple users cannot access multiple labs
Notification to
Investigated inside working hours with a 0.5 day target to resolve.
Level 3 - A single user cannot access multiple labs.
Notification to
Investigated inside working hours with a 1 day target to resolve.
Level 4 - A single user cannot access a single lab.
Notification to
Investigated inside working hours with a 5 day target to resolve.
Approach to resilience
Our service takes advantage of the multiple availability zones of the underlying cloud provider, ensuring that a minimum of 2 are used at all times.
Our service is resilient by leveraging multiple availability-zones consistent with the fabric of the underlying cloud provider.
Outage reporting
Service outages are via an API, reporting agents and an external monitoring service. This will also be accompanied by emails if deemed necessary.

Identity and authentication

User authentication needed
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
All management interfaces apply access restrictions via an IPSEC VPN and federated identity authentication.

Support channels are public, but administration of those channels is done via federated Single Sign-On to Google G Suite.
Access restriction testing frequency
At least every 6 months
Management access authentication
Identity federation with existing provider (for example Google Apps)

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications
Any other security certifications
Cyber Essentials

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
Other security governance standards
Cyber Essentials and working towards ISO27001
Information security policies and processes
Immersive Labs is enhancing its ISMS using the ISO27001:2013 - Information Technology - Security Techniques - Information Security Management Systems - Requirements which details control objectives and controls. Immersive Labs is also certified Cyber Essentials.

All employees are required to complete a series of onboarding objectives covering areas such as information security and data protection. Their contractual obligation to the company requires them comply with company policies and standards. This includes maintaining the CIA of all customer data.

Two members of the board, CPO and COO are responsible for the security of the platform and the company. A monthly security and risk review is chaired by the ISO who reports into the COO and covers emerging threats, vulnerabilities and risk treatment, which is tracked via committee members and the board.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Architecture Decision Records for significant changes.
Robust Code Review process of day to day changes.
Evaluation of newly introduced OSS for license and security risk.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Immersive labs operate an internal threat research team. This team takes Threat Intel and threat data feeds from a wide variety of sources including the NCSC CiSP Portal.

Any critical vulnerabilities are raised with the appropriate team. Patching is then performed as required.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
As a cloud native SaaS platform we use the logging and monitoring provided by our cloud service providers.
Incident management type
Supplier-defined controls
Incident management approach
As a cloud native SaaS platform we use the logging and monitoring provided by our cloud service providers. Additional logs are recorded and monitored for unusual behaviours. If unusual activity is detected a security incident is raised and a cross functional team allocated to respond to the incident. The level of response is tailored to the level of the incident.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks


£2,995 a licence a year
Discount for educational organisations
Free trial available
Description of free trial
Full access to the platform for agreed time period can be provided in certain circumstances.
Lite mode with a sample of labs and learning objectives can be accessed freely.
Link to free trial

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.