A Cyber Detective Game

Envolve Labs: With a twist!

Learn clustering and attribution by analyzing multiple intrusions against a fictitious research company called EnvolveLabs.

About Envolve Labs: With a twist!

Learn clustering and attribution by analyzing multiple intrusions against a fictitious research company called EnvolveLabs. This time the threat activity is tricky tricky! This is a good example of ways attribution can be challenging.</p>
Spooky Casey

🧠 What you will learn

<ul><li>How to apply foundational security analysis skills to analyze security log data</li><li>How to “pivot” between datasets using indicators or patterns of interest</li><li>How to identify tactics, techniques, and procedures (TTPs) based on observed threat activity</li><li>How to cluster patterns of threat activity based on overlaps in adversary tradecraft and TTPs</li></ul><p><br></p>

⛩️ Requirements

Anyone can do this :)

In Love Raccoon

Frequently Asked Questions

Here’s what you need to know about KC7, based on the questions we get asked the most.

KC7 is an educational tool designed to introduce students to cybersecurity principles and data analysis through engaging, hands-on activities. KC7 gamifies learning in a way that engages students in the content all while encouraging them to move at their own pace.

Anyone can use KC7 to learn cybersecurity - whether you are a career-changer, a student, or a cybersecurity professional. While KC7 is a “cybersecurity game", it uses story elements and logical thought processes to deliver content to students. KC7 aims to make cybersecurity accessible to everyone, regardless of their prior knowledge or experience.

No, KC7 is offered free of charge. KC7 was founded in order to make cybersecurity understandable and accessible to everyone.

KC7 provides everyone access to a realistic lab setting – without the major hurdles typically encountered when setting up their own – and offers a path to empower individuals to learn what it takes to work as a blue teamer and investigate realistic attacks in an organization’s environment.

KC7 is created and informed by industry professionals and designed to guide users through hands-on cybersecurity skills, regardless of their experience, and then shows them how to apply what they’ve learned with a large data set and perform the actual work of a blue teamer. Now, individuals can investigate attacks and, when the big interview question comes, “Do you have experience looking through data to surface and understand cybersecurity attacks?” they can answer, YES!

Jibby Saetang transitioned from watch and jewelry repair to cybersecurity by playing KC7.

KC7 challenges this traditional approach. We’ve redefined “fundamentals” not as disparate technical skills, but as highly transferable, cross-disciplinary skills that help students learn how to think, reason, and communicate. With KC7, students begin their cybersecurity learning journey by building and reinforcing skills in critical thinking, teamwork, written and verbal communication, and application of geopolitical context.

Teachers can integrate KC7 into their curriculum by using its story elements and hands-on activities to teach cybersecurity concepts. KC7’s free, self-paced modules are perfect for classroom settings, allowing students to learn and apply cybersecurity principles through interactive and engaging exercises.

Teachers can request a custom scoreboard for their class at no cost. This scoreboard will allow students to compete against each other in a safe and controlled environment.

Read about how Bryan Quillen, a high school cybersecurity teacher in Kentucky, transformed his classroom using KC7.

For most modules, the data is hosted in Azure Data Explorer (ADX). You'll need to access it in order to complete these modules. In order to use ADX in a separate browser, you will need a Microsoft account (Outlook, Hotmail, O365, etc.).

You'll use the KC7 scoreboard to answer challenge questions and track your progress. You will need to create an account if you don't already have one.

Some modules will provide you with a training guide. In those cases, the training guide will teach you everything you need to know for the module.