Overview
Explore
Labs
Services
Events
Partners
What's popular
Security Operations
This learning series provides knowledge pertaining to understanding Threat Detection and Incident Response fundamentals to enhance threat detection, response, and mitigation across diverse cyber security environments. In addition, you will learn the basics about network security and how next-generation firewalls (NGFW) fits in and establish a baseline knowledge to help aid you through the Next-Generation Firewall learning paths.
CrowdStrike CTF: Falcon
CrowdStrike delivers a unified platform approach to modern security so you can protect and build your future. This game incorporates several new features of CrowdStrike, offering a unique opportunity to test your skills against the latest in cybersecurity technology.
Tools utilized within the game:
🔷Crowdstrike Falcon (EDR tool, end point protection and analysis)
🔷Crowdstrike Logscale (History and logging)
🔷CrowdStrike Cloud Security
🔷CrowdStrike Identity Threat Protection
This is a mixed capture the flag style event that will require you and your team to zero in on malicious actors inside of a network, identify vulnerable or outdated services, and brace yourself for a real-time series of cyber attacks. Points will be awarded for finding those exploits, remediating them to the best of your ability and defending Iron Guardian's network.
Security Priorities for 2025
In this report, our security experts outline four key areas to focus on in 2025.
A CTO's Primer on Breach & Attack Simulation: Part 1 - Market Landscape
Breach and attack simulation (BAS) tools are revolutionizing cybersecurity by automating threat testing. While tools like AttackIQ and Mandiant Security Validation lead the market, organizations must prioritize their unique needs over flashy features. This article explores how to select the right BAS solution to align with strategic goals and optimize security.
Cyber Range Red Team Tools
In this learning series, you will familiarize yourself with the basics of some of the key tools you may need during a Cyber Range red team event. A red team in cybersecurity is responsible for finding weaknesses and vulnerabilities inside a system and exploiting them for educational purposes. This learning series will teach you the fundamentals of network reconnaissance, password cracking, and exploitation tools.
What's new
CrowdStrike CTF: Falcon
CrowdStrike delivers a unified platform approach to modern security so you can protect and build your future. This game incorporates several new features of CrowdStrike, offering a unique opportunity to test your skills against the latest in cybersecurity technology.
Tools utilized within the game:
🔷Crowdstrike Falcon (EDR tool, end point protection and analysis)
🔷Crowdstrike Logscale (History and logging)
🔷CrowdStrike Cloud Security
🔷CrowdStrike Identity Threat Protection
This is a mixed capture the flag style event that will require you and your team to zero in on malicious actors inside of a network, identify vulnerable or outdated services, and brace yourself for a real-time series of cyber attacks. Points will be awarded for finding those exploits, remediating them to the best of your ability and defending Iron Guardian's network.
CrowdStrike CTF: Falcon
CrowdStrike delivers a unified platform approach to modern security so you can protect and build your future. This game incorporates several new features of CrowdStrike, offering a unique opportunity to test your skills against the latest in cybersecurity technology.
Tools utilized within the game:
🔷Crowdstrike Falcon (EDR tool, end point protection and analysis)
🔷Crowdstrike Logscale (History and logging)
🔷CrowdStrike Cloud Security
🔷CrowdStrike Identity Threat Protection
This is a mixed capture the flag style event that will require you and your team to zero in on malicious actors inside of a network, identify vulnerable or outdated services, and brace yourself for a real-time series of cyber attacks. Points will be awarded for finding those exploits, remediating them to the best of your ability and defending Iron Guardian's network.
Partner POV | DMV-Themed Phishing Campaign Targeting U.S. Citizens
In May 2025, a sophisticated phishing campaign targeted U.S. citizens by impersonating state DMVs through SMS and fake websites, harvesting personal data. Analysis links the attack to a China-based threat actor. The campaign's scale and impact highlight the urgent need for public awareness and robust cybersecurity measures.
Partner POV | Cloudflare's Post-Quantum Game Plan
Quantum computing poses a dual-edged sword: promising innovation while threatening digital security. As criminals exploit "harvest now, decrypt later" strategies, organizations must transition to post-quantum cryptography. Embrace crypto agility and proactive planning to safeguard data against emerging quantum threats, ensuring long-term security and compliance in an evolving technological landscape.
Partner POV | Armis Centrix™ for Early Warning for OT
Armis Centrix™ for Early Warning revolutionizes OT security by shifting from defense to offense. Harnessing AI, dark web insights, and HUMINT, it anticipates threats, neutralizes them preemptively, and addresses critical vulnerabilities. Protect your infrastructure with proactive intelligence, reducing risks and ensuring operational continuity. Transform your security posture today.
Identity and Access Management Workshop
As identities span across internal, external, customer or a combination of the three, how are you managing them? What is your confidence level that you know who that identity belongs to? With the trend of "identity is the new perimeter," it is extremely vital that organizations have an IAM strategy and know how IAM can enable a business while strengthening their security posture.
Core Routing Security: MACsec
The use of MACsec within network cores is exploding in popularity due to rising security demands and recent hardware advancements. This article explores MACsec's evolution, benefits and deployment considerations to help get you on your way to securing your high-speed core links.
Partner POV | New Frontier of GenAI Threats: A Comprehensive Guide to Prompt Attacks
Generative AI's integration into businesses is threatened by prompt attacks, which exploit vulnerabilities in AI models. Palo Alto Networks' report offers a taxonomy of these attacks, highlighting risks and solutions. Understanding and mitigating these threats is crucial for secure GenAI deployment, ensuring innovation thrives in a protected environment.
Tanium Proving Ground Lab
Tanium 7.6 Proving Ground Lab
CrowdStrike and ExtraHop Integrated Lab
WWT's ATC ExtraHop & Crowdstrike Integration Proving Ground Lab exists to provide a unified solution built around relevant use cases. It will showcase ExtraHop and CrowdStrike's integration to stop breaches before they can cause damage.
Exploring S7-1500 Factory IO Component Lab
This lab exposes the learner to Siemens TIA Portal as well as Factory IO. This is a great lab for someone looking to write their first Programmable Logic Controller (PLC) first project. The learner will build and control a simple conveyor belt system while monitoring the PLC logic and operations.
Core Routing Security: Protecting the Control Plane
Control plane protection is much more than just a checkbox; it's the best way to protect the brains of your core routers. In this article, you'll learn how to identify, classify and protect control plane traffic, leveraging built-in defenses and operational best practices to ensure core routing stability.
CyberArk Privileged Account Management Lab
Explore the essential features of CyberArk Privileged Access Security (PAS) in this lab, showcasing its capabilities in managing and auditing privileged accounts across Windows and Linux environments. Discover how CyberArk PAS enhances security through automated password management and secure session monitoring.
CrowdStrike Proving Ground Lab
WWT's ATC CrowdStrike Proving Ground Lab exists to showcase the CrowdStrike Falcon platform's web UI and ability to alert on, and prevent, breaches using cloud data and machine learning.
SentinelOne Endpoint & AI SIEM Foundations Lab
Welcome to the SentinelOne Endpoint & AI SIEM Foundations lab provided by the WWT ATC! This lab provides you with a sample environment where you can gain hands-on experience with the SentinelOne solution.
Doomsday Prep: How to Keep Your Business Alive During a Ransomware Attack
With 88 percent of organizations facing at least one ransomware attack annually, the focus must shift from just prevention to survival.
The solution: Minimum Viable Recovery (MVR) — a practical approach to recovering just enough to keep the business running. This is about achieving Minimum Viable Business, not full restoration.
Understanding North Korea's Cyber Tactics
In this episode of the Privileged Exec podcast, Matt Berry interviews Steve Stone, SVP of Threat Discovery and Response at SentinelOne. They discuss Steve's military background, leadership style, mentorship, cybersecurity skills shortage, AI's evolving role, and fostering innovation through collaboration between experienced and younger professionals.
Five Considerations for Successful Identity and Access Management Architecture
Discover the five considerations needed to effectively incorporate Identity and Access Management (IAM) into your business.
How Palo Alto Networks is Revolutionizing Security Operations with XSIAM
Cortex XSIAM revolutionizes cybersecurity by integrating AI, automation, and comprehensive visibility into a unified platform. Experience an autonomous SOC that empowers teams to focus on strategic threat hunting and proactive protection.
Resetting the Foundation: Visibility, Control and Real-Time Action with Tanium
In today's fast-paced digital world, IT security and operations have become increasingly complex. However, there's a growing need to return to the fundamentals, emphasizing simplicity and focusing on what truly matters. This blog will explore the key areas where IT security and operations can benefit from getting back to basics.