Attack and Defend

A comprehensive approach to delivering offensive and defensive skills.

Why this approach to application security?

  • Comprehensive

    Skill shortage

    knowledgeable and experience people are hard to find.

  • Reduced Risk

    Increasing Regulations

    Regulations and Compliance has never been more demanding, with no end in sight

  • Reduce Time/Cost

    Speed of change

    Most importantly, technology development is far outpacing building securely.

  • Confidence

    Widening Gaps

    Security gaps are getting bigger with cybersecurity attacks increasing.

What is Attack & Defend?


  • CMD+CTRL Cyber Range: A turnkey range used as a new form of authentic gamified training

The CMD+CTRL platform ensures teams reach their potential by providing an immersive learning environment that to think like an attacker by hunting down real-world vulnerabilities. Customers use the CMD+CTRL cyber range to peak interest in the upcoming training, raise awareness to the importance of developing greater security awareness and aptitude with measurable results and a baseline of current capabilities. Find out more.

  • Reporting: Intelligence that diagnoses strengths and weaknesses down to the individual user

Providing team intelligence down to the individual user, our reporting makes it easy to see where your security champions are by highlight areas where team members excelled in exploiting vulnerabilities, and also where improvement is needed. This reporting on the individual and team level is a tangible way to measure ongoing training effectiveness, understand organizational preparedness, identify a baseline with specific areas to fill skill gaps, and encourage consumption of the Security Innovation eLearning courseware beyond.

Download our Learning Paths


  • Computer-Based Training: Remediate through recommended pathways to our eLearning library

By interpreting the CMD+CTRL results, Security Innovation will provide ROI through learning paths for individual and groups based on specific title, role, technology and skill level. By combining CMD+CTRL with eLearning, teams will acquire both the offensive and defensive skills needed to understand how applications are exploited and devise countermeasures at both the design and code level to effectively thwart attacks. Find out more.

Download our courses mapped to standards


Run your own CMD+CTRL Cyber Range

We'll open up our CMD+CTRL Cyber Range for you to run your own internal event, score points, and see how you do.

Find out more

What people say about our CMD+CTRL Cyber Range:

“Loved how creative it was. Surprisingly interesting.”

“Eye opening to see how SQLi actually works/looks.

All I’d been taught before was the theory and how to mitigate. The chance to hack someone else’s code, usually not possible and not easy to hack your own code.”

“I realized how easy it is to introduce problems with lazy programming practices (e.g. robots.txt).”

“I realized that I have written vulnerable code myself.”

“I realized that this information is not being taught in university and it should be.”

“There is a mix of older and younger developers here. Did you notice that guy on the left side of the room who was answer so many questions, totally engaged. He’s been here for 18 years, it was amazing to see him so interested and having so much fun.”

“Felt like we were a team of hackers trying to get into North Korea or something like that.”

“Most fun, engaging training I’ve ever attended.”

Ready to become a master
of your Enterprise?

Book a free consultation and one of our experts will be in touch to learn more about your current situation, and discuss how we can help.

Master Enterprise security