ThreatGEN® Red vs. Blue 1.4 has arrived

Sugar Land, Texas (September 8, 2020) — ThreatGEN, an operational technology (OT) security firm released version 1.4 of its flagship ThreatGEN® Red vs. Blue gamulation (gamification using simulation technology) on August 31, 2020 with overwhelming interest – the world’s first online, player vs. player, computer game designed to teach real-world security. Play statistics gathered through the STEAM platform, which is how the gaming edition is delivered, have geometrically increased after the release.

With players in 53 countries across the world, our ThreatGEN® Red vs. Blue gamulation is striking a nerve, not only in the STEAM gaming community, but also in the education and professional communities” said Matt Anderson, ThreatGEN’s Chief Operating Officer. “With daily professional inquiries across multiple industries worldwide (on literally every continent… except Antarctica, of course), our gamulation is drawing attention from industry professionals experiencing the cybersecurity skills gap.

Recently, ThreatGEN® Red vs. Blue’s usage at the college level has come into focus as well – University of Houston’s Art Conklin’s usage of the gamulation in his Master of Science in cybersecurity in the UH College of Technology was featured in multiple articles over the last month:

Release Notes from STEAM

Source: STEAM ThreatGEN® Red vs. Blue 1.4 release notes

It’s official! The long awaited [ThreatGEN® Red vs. Blue] 1.4 update has been released! This updated has tons of new features and visual enhancements that increase the player experience and overall depth of the game.


This is a major feature update intended to increase the depth and real-life correlations of the game as well as improve the overall player experience. In addition to bug fixes and graphical enhancements, this update adds more actions for both the red team and the blue team, expanded social engineering capabilities, expanded incident response process, physical security elements, and updated mechanical/UI features for ease of use.


User Interface (UI)

  • Removed the “card stage” and action “cards” altogether
  • Added action icons to action menu items
  • Made the action log more visual rather than just lines of text
  • Enhanced main background image
  • New background images that change based on situation
  • New status indicators on lower UI for both the RT and BT
  • Location indicator graphics for RT
  • Rearranged button layout for end game screen
  • Small pop up dialogue animation
  • Remote user moved to the “cloud zone” where the card stage used to be, and added a second remote user
  • Turn start notifications dialogues are now divided into Milestones, Achievements, and Informational
  • Enhanced dialogue format (changed the skin and added transparent screen “blackout”)
  • Moved research actions to a consolidated “research” dialogue with a pick list
  • Animated red target image when attacks are detected
  • Network lobby red and blue team select buttons
  • Denied/out of service assets are not transparent gray
  • Game button shows the color of the team chosen by the game creator
  • Ability to view both teams and their action logs in the end game results
  • Updated and improved game text in several areas
  • Overall image quality enhancement
  • Added audible timer ticks when time is about to expire

Functional/Mechanical Changes

  • Added new actions for both BT and RT (about double)
  • Expanded social engineering options and added an “attack campaign” dialogue with pick lists for options
  • Actions are now played strictly from the action menu (since the card stage has been removed)
  • Expanded wiki menu collider/hit box (on action menu items) to entire object
  • Added a physical security category, with related actions and mechanics for both the RT and BT
  • Added actions to manage moving to new physical locations as the RT (location options are in a “change location” dialogue with pick lists for the options, which include physical, electronic, and social engineering means in addition to locations)
  • Expanded security monitoring: Now you install the SIEM, followed by network sensors (by zone) and endpoint protection/HID (by asset)
  • Network sensors have a chance to detect network attacks (even if unsuccessful)
  • Endpoint protection/HID now detect (% chance) of detecting a compromise
  • Some actions are only available in specific modes (IR vs. normal for BT, remote vs. onsite for RT)
  • For physical security, in addition to physical location and access, added ability to create and drop malicious USBs and plant rogue devices
  • Expanded WiFi router relevance: It can now be scanned and cracked when onsite, then used as a pivot, and can be secured with strong WiFi security by the BT
  • Player can choose to be red or blue team when creating a game instead of the game creator always being blue team
  • Red Team can upgrade their computer/rig, which increases the maximum resource points by 1
  • Win conditions are now set and not adjustable
  • Removed “around the world” and “weathered the storm” win conditions. Now, the RT can win by damaging the ICS process, BT can win by “all clear” removing all vulnerabilities, or either can win by default high score victory
  • Sound can be muted from the start menu and the setting will remain persistent
  • Ability to suppress each of the individual notification dialogue types, in the settings
  • Ability to toggle notification suppression in the in-game menu
  • Ability to view both teams and their action logs in the end game results
  • Added hidden “Easter eggs” (details not disclosed)
  • Updated the scoring mechanics that include the new actions and mechanics, as well as several other factors, rather than just based on milestones (scoring details will be released)

Bug Fixes

  • Shield icons become “unclickable” due to a “ghost” collider overlap after using the attack dialogue
  • When targeting RT assets near the upper right corner of the card, you need to click on the asset where the targeting image ISN’T to get it to register due to a “ghost” collider overlap
  • Fixed pointer icon display bug when hovering over shield icons
  • End Turn button enabled when it’s not the players turn
  • Timer out of sync issue causing online play disconnects and sync issues
  • Targets for targeted actions that are too expensive to play don’t clear the target type when the action fails to queue
  • Overlay issue. When both the action queue and the action log are open you cannot close out the action queue until you close the action log
  • In hot seat mode, on the first turn at the beginning of the game, BT can start playing actions before pressing Start Turn
  • Costs too much” dialogue only works the first time
  • End game points not the same for players in networked games
  • HMI didn’t have correct asset visibility settings
  • Lobby inconsistent state when second player leaves
  • More than two players can enter a game room
  • Shield icon can be clicked through popup dialogue boxes
  • Resume button makes End Turn available when it’s not the player’s turn
  • Player can advance turn before the other player I loaded, causing adverse behavior
  • If the remote user is a pivot, all “visibility” that the remote user provides should go away if the remote user is not logged in
  • BT staff resources mysteriously disappearing

Other resources

There are a number of resources associated with ThreatGEN® Red vs. Blue version 1.4, including:

References to the new release in the press:

About ThreatGEN

Founded in Sugar Land, Texas in 2017, ThreatGEN delivers a solution to bridge “the ICS Cybersecurity skills gap” utilizing its Red vs. Blue Academy and ThreatGEN OT Security Services. Red vs. Blue Academy uses cutting-edge computer gamification in ThreatGEN™ Red vs. Blue to provide an exciting & modernized approach to industrial cybersecurity training, both practical and cost effective! ThreatGEN OT Security Services are delivered worldwide by world-renowned Operational Technology (OT) cybersecurity experts (we literally wrote the books industry uses) using strategically chosen partnerships to create a holistic service offering.

Company website:

For further information

For further sales information, send an e-mail to

Derezzed Inc. D/B/A ThreatGEN
14900 Southwest Freeway #300
Sugar Land, Texas 77478

(833) 339-6753

#OTSecurity #Cybersecurity #Training #ThreatGEN #RedvsBlue