Cyber Ranges Mentioned as an Emerging Technology in the Gartner® Emerging Tech Impact Radar: Security Report

What security technology should your organization be prioritizing? 

Gartner’s recent Emerging Tech Impact Radar “tracks some of the more impactful emerging technologies and trends driving innovation in the security market. It should be used to guide your strategy development and product roadmap planning surrounding relevant security technologies and services,” the authors state.

One of the technologies highlighted in the report is cyber ranges – the first time cyber ranges have had a category in the Gartner Emerging Tech Impact Radar: Security Report. 

Cyber Ranges for Security Team Training

Cyber ranges are like virtual training grounds for people working in cybersecurity. They help security teams – both offense (the red team) and defense (the blue team) – learn, practice, and test their skills. These ranges create simulated working environments that have multiple components such as virtual machines, containers, routers, switches, and network security tools, just like in the real world. They also throw in everyday business applications and databases for good measure.

In most cyber range setups, the computer systems and networks are intentionally made vulnerable. Why? So that security experts can use them to practice dealing with cyber threats. It's like having a safe space to experiment and improve your security skills. Many cyber range platforms are bundled together with training services to provide a comprehensive learning experience.

Cyber ranges are not all the same. Many are basic and do not monitor users, assess performance, prepare for certifications, or include both IT and OT options and scenarios for red and blue teams. 

“More advanced emerging providers with attack and defender scenario templates, complex monitoring of user performance, and objective-based integrated training characterize the core needs of the more mature security programs targeted by this technology category,” Lawrence Pingree, vice president at Gartner, wrote in the report. “Cyber ranges with more advanced capabilities are the preferable solution for security leaders and chief information security officers given that they add greater overall value than low-end, ‘light’ cyber range solutions.” 

Cloud Range was recognized in the Gartner report as a sample vendor for a cyber range.

The Cloud Range Differentiation

Here are a few reasons why we believe Cloud Range is ahead of the curve for cyber range platforms:

• Customizable ranges – From the network environment, architecture, and tools to the attack type, traffic generation, and complexity level, Cloud Range’s cyber range are immensely customizable. OT/ICS environments also include virtualized PLCs, HMIs, monitoring tools, and hardware-in-the-loop (HIL) capabilities.

• Cyber attack content library – While many cyber ranges require the practitioners to build scenarios, Cloud Range has a regularly growing library of live-fire attack scenarios for teams based on real threat intelligence and mapped to the MITRE ATT&CK frameworks. Scenarios include ransomware, OT/ICS attacks, DDOS attacks, phishing, DNS tunneling, website defacement, supply chain attacks, and more.

• Multiple learning formats – Cloud Range’s thousands of simulation options include red, blue, red vs blue, and purple training exercises for full teams; capture the flag events; skill development labs; challenge labs; and next-generation tabletop exercises.

• No infrastructure or administration required – Cloud Range’s cyber ranges are cloud-hosted and scalable, and the safe, replicated SOC environment includes actual licensed SIEMs, firewalls, and other security tools. Plus, our full-service model includes program management, facilitation, and reporting.

• Instructor-led sessions – Expert Attackmasters™ provide live counsel during missions, ensure interaction and engagement, and evaluate performance and skills.

• OT/ICS components – Cloud Range has the only live-fire OT/ICS cyber range for team training and regularly develops new cyber attack scenarios. That enables OT incident response (IR) and ICS security teams to be immersed in and understand various attack flows, vulnerable ingress points, how to respond if a system is compromised, and how to limit cyber-physical damage.

• Performance evaluation and reporting – All progress is tracked in an integrated learning management system with scoring and analysis that factor in KSAs from the NICE Framework, TTPs from MITRE ATT&CK frameworks, industry-specific regulations, job requirements, technical proficiencies, soft skills, and mean and actual time to detection. Cloud Range provides metrics and detailed analysis of individual and team performance, so security leaders can track changes and improvement over time, which directly translates to decreased levels of cyber risk.

Cloud Range’s cyber range-as-a-service platform enables security teams to practice and hone their skills with real-world cyber attacks, make the most of their toolsets, and improve IT and OT operational efficiency. Security leaders and teams are drawn to Cloud Range’s solution because we solve a global problem with a quality readiness solution that strengthens cyber resilience, demonstrates measurable results, and reduces the organization’s exposure to cyber risk.

Contact us to learn more or request a demo!

​​

Gartner, Emerging Tech Impact Radar: Security, 6 October, 2023. Gartner is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.