What is ThreatGEN Red vs. Blue?
ThreatGEN Red vs. Blue is the industry's first multi-player strategy computer game where players compete against each other, head-to-head, to take control/maintain control of a computer network. This is not a fiction-based game like those found on the consumer gaming market. This is a live, player vs. player "gamified" training simulator, designed to teach cyber security skills in an immersive and interactive applied learning environment.
It's Not Just a Game: Learn Real-World Cybersecurity!
Developed by Clint Bodungen and Aaron Shbeeb, authors of Hacking Exposed: Industrial Control Systems and experienced cybersecurity professional Matthew Anderson, ThreatGEN Red vs. Blue is the first ever multiplayer computer game designed to teach real-world cybersecurity! Learn how hackers think, operate, and attack systems by playing the part of the red team (no prior skills necessary)! Play the part of the blue team and learn about real cybersecurity controls, technology, methods, and strategies! ThreatGEN Red vs. Blue is also the only training tool in the world that exercises practical application of “higher-level” and more strategic concepts such as building cybersecurity programs, risk mitigation strategy, and more.
Play as the Blue Team or Even the Red Team (No Prior Skill Required)!
Which side will you choose? The hackers (red team) or the cyber defenders (blue team)? You get to do both, with no technical learning curve to play as the red team! Battle head-to-head in turn-based cyber warfare, where the fate of a company's computers, network, information, and even critical industrial control systems hang in the balance.
It's the CTF (Capture the Flag) FOR EVERYONE!
Traditional cybersecurity CTFs involve solving a variety of (often technical) challenges, which earn the players points. ThreatGEN Red vs. Blue brings capture the flag back to what it was historically meant to be… team-on-team, infiltration style, competition!
By the Community... For the Community
Every single member of the development team for this game actually comes from the cybersecurity (or INFOSEC) community. Most of us work, or have worked, for years as cybersecurity professionals, and we all remain active members of the community. ThreatGEN Red vs. Blue was developed and tested as a result of the feedback from more than 300 beta testers in the cybersecurity community. Our goal is to continue to make regular updates based on continued feedback, making this truly a game by the community, for the community.
ThreatGEN Red vs. Blue is a turn-based strategy game played much like popular global domination board games. Rather than a world map, the "game board" consists of a computer network, which players compete for control over. It’s simple and easy to learn. Instead of simulated computer terminals, players choose and commit actions using "action cards" similar to a trading card game.
- Single Player vs. Computer A.I. (as red team or blue team)
- 1-on-1 internet and local hot seat multiplayer
- Cross-platform multiplayer
- Touch screen optimized
- In-game real-world cybersecurity advice and hints
- Beginner tutorial
- Configurable settings and win conditions
- "Game-pedia" with game play concepts and instructions, as well as real-world cybersecurity definitions and concepts
- Red Team vs. Blue Team Training
- ICS/SCADA Cybersecurity Training
- Cybersecurity Awareness Training
- Classroom Curriculum Labs
- CTF (Capture the Flag)
- Workshops and Corporate Events
- Tabletop Exercises
What is Red Team/Blue Team Training?
Security aware and knowledgeable users serve as the “front line” of your overall security posture. As such, training is one of the most essential components of your risk mitigation strategy and overall cybersecurity program. However, without learning cybersecurity from the “hacker’s” perspective and gaining a true understanding of how adversaries attack and compromise networks, systems, and assets, you’re only getting half of the picture. Without that other half, you’re essentially blindly deploying generic security controls and “best practices”. In order to have an efficient and cost-effective risk mitigation strategy, you must understand not only where your vulnerabilities are, but also the tactics that attackers will use to exploit these vulnerabilities. Think of it like sports. If a team went into a match without knowing how the other team's offense was going to attack, the defense would be severely out matched. Red Team/Blue Team Training provides the opportunity to learn these adversarial tactics in conjunction with the defensive methods; and then students get to apply the skills they learn as they face off in a head-to-head competition, Blue Team (the defenders) against Red Team (the attackers).
You Don't Have to Be a Hacker
Traditionally, red team/blue (or red team vs. blue team) training has been a significant time commitment, often upwards of five days or more. This can be taxing on constrained schedules and budgets. There is also a steep technical learning curve to be able to play the part of the red team. As a result, most training requires someone with existing "hacking" or advanced cybersecurity skills to take part in the class to act as the red team. ThreatGEN Red vs. Blue was developed by authors of “Hacking Exposed: Industrial Control Systems” and uses cutting edge computer gaming technology, to offer all the best aspects of red team/blue team training, but in a fraction of the time and without a technical learning curve. Students of all levels can even play the part of the red team, regardless of experience or skill level.
Additionally, less than 10% of cybersecurity professionals need to have the hands-on skills to actually exploit a system in order to know how to secure systems and networks. The majority of the up front value for most organizations is understanding the attack vectors, the strategies and methods (at a high-level) adversaries will use to attack those vectors, and what security controls and vulnerability remediation are needed to protect against such methods. ThreatGEN Red vs. Blue allows players of all skill levels to see "the big picture". It offers the unique ability to provide a practical application aspect in subjects such as mitigation strategy, cybersecurity program management, and policies and procedures development, where practical, "hands-on" training has traditionally been difficult to do.
Layered Defense vs. Limited Resources
"Layered defense" is a sound concept and great security practice... if you have the resources to do it effectively. The truth is that almost every organization is resource constrained, in terms of budget, skilled staff, and time, when it comes to cybersecurity. As a result, only a limited number of security layers (security controls) can be applied. ThreatGEN Red vs. Blue teaches the skills and strategies necessary to formulate an efficient, targeted, and cost-effective risk mitigation strategy with constrained resources. One of the most unique and effective aspects of ThreatGEN Red vs. Blue is that it teaches how to do all of this against a live adversary (the red team) strategizing against you, adjusting to and countering your efforts. Just as it is in the real world, effective cybersecurity takes more than just implementing "best practices" and "layered defense".
ThreatGEN Red vs. Blue Versions:
- Red vs. Blue
The cybersecurity training game for everybody, available on Steam
- Red vs. Blue Corporate
The cybersecurity training game with customizable options and scenarios for corporate training
- Red vs. Blue CTF
Take on other competitors defending your network while attacking theirs in team competition
- Red vs. Blue Tabletop
The new innovative and modernized approach to table top exercises
- Red vs. Blue Instructor Led Training