Holhooja Ltd.

Cyberbit Range as a Service - SOC & IR Simulation Training

Cyberbit provides hands-on cybersecurity education and training and addresses the global cybersecurity skill gap through its world-leading cyber range platform. The Cyberbit Range platform delivers a hyper-realistic experience that immerses learners in a virtual security operations center (SOC), where they use real-world security tools to respond to real-world, simulated cyberattacks.

Features

• Real world attacks across the entire kill chain including phishing
• Build Team Skills on on Firewall, SIEM, and others
• Enterprise grade networks from IBM Splunk Palo-Alto Checkpoint ...
• Commercial grade tools to mitigate attacks
• Instructor tools to provide constructive feedback to trainees
• Wide variety of attack scenarios for Blue and Red Teams
• Team and individual training
• Assessment mode to test SOC team or candidate skills
• Aligned to NIST IRF, NICE Framework, and MITRE ATT&CK
• Approved for continuing education credits from EC-Council and ISC2

Benefits

• Decrease on-boarding time by up to 3X
• Improve mean-time-to-response (MTTR) with upgraded SOC team skills
• Gain real world experience without any risk to your network
• Accurately assess candidate and team skill set
• Upskill existing team members technical
• Improve team-communication, leadership-skills, data-analytics, etc.
• Acknowledged by US NSA/DHS

£850 a person a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Framework

G-Cloud 12

Service ID

577307484308398

Contact

Government Cloud Team
07736552007
gcloud@holhooja.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements:
  • Web Browser
  • Client Devices (Win 10, OSX)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 8 working hours
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Priority 1 = 15 Mins; Priority 2= 4 Hrs; Priority 3 = 12Hrs; Priority 4 = 24Hrs
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: As part of on-boarding process, we will help you establish the following:; • Training plans; • Communications plan; o Exit.; ; The appropriate training for Users of the service will ensure they are familiar with the capability, functionality and can therefore realise the benefits as quickly as possible. A training plan will be created at the Service Transition stage of the on-boarding process. The delivery of the training plan will include relevant User guides, appropriate use policies and work instructions as well as documented FAQs.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats:
  • Video documentations
  • Learning Guides
• End-of-contract data extraction: Training Reports are available on the Administration dashboards and can be reproduced upon the termination of each training delivery.
• End-of-contract process: Access to the Cloud training simulation will disconnected.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• API: No
• Customisation available: Yes
• Description of customisation: Cyber Security Scenarios; Web Browser; Users and Administrators

Scaling

• Independence of resources: Service is built on the highly scalable AWS infrastructure

Analytics

• Service usage metrics: Yes
• Metrics types: User Training; Success / Failure; Training Hours; Training Courses
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Cyberbit

Staff security

• Staff security clearance: Conforms to BS7858:2012
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: User Training Reports can be exported by trainees and training administrators using the web interface.
• Data export formats: CSV
• Data import formats: Other
• Other data import formats: Manual importing of trainee email addresses

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.9% availability; In the unlikely event of non-SLA compliamce, non-availability would be refunded by compensation time.
• Approach to resilience: Service is built on a highly resilient infrastructure
• Outage reporting: By email to customers

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Undisclosed
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • ISO/IEC 27001
• Information security policies and processes: U.S. National Institute of Standards and Technology (NIST)

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: In line with ISO 20000 process
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: In line with ISO 27001.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: A number of SIEM best practices are employed in safeguarding and monitoring information service such as:; ; o Compliance; o Access control; o Perimeter Defences; o Resource Integrity; o Intrusion Detection; o Malware Defence; o Acceptable Use
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: In line with ISO 20000

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Pricing

• Price: £850 a person a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We offer a "Proof of Value" whereby we take you through a free 4-hours attack scenario to explain how your SOC Analyst will receive relevant training to develop their ability to respond. ; ; We also offer our customers the opportunity to participate in a SOCathon to measure their skills against those.
• Link to free trial: Please contact us to arrange

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF