
The cyber range, end to end.

Deploy range. Run simulations. Train operators.
Cyberange is the partner behind the scenes—building the infrastructure, consulting on strategy, and training your people across the full cyber lifecycle.

Cyberange phygital range — a working miniature.

Trusted across BFSI, defence, telco, and critical infrastructure

Bharat Petroleum, SEBI, Catholic Syrian Bank, Isha Foundation, NSDL, BRBNMPL, Union Bank, Tata Communications, Mercator Shipping, NPCI, MC Holdings, IFFCO, Bassein Catholic, Bosch, SBI, CERT-In, Mumbai Metro, WB, Narcotics Control Bureau, Canara Bank, PTC India, NCIIPC, HP, Indian Oil, NTRO, BCAC, Larsen & Toubro, Stockholding

One range. Three disciplines.

End-to-end cyber doesn't come from three different vendors.

We build the tools, run the engagements, and field the operators — on the same range, with the same telemetry, with the same team.

[Figure: The Cyberange product family. A tight 2x2 grid of the four Cyberange products with their audiences: Virtual Labs (browser-isolated) for beginners, Cyberbay (grades 8–12) for students, the Phygital Lab (HO-scale ICS) for students and professionals, and TAW (analyst workbench) for enterprise.]

01 · Products

The range, as a product.

Phygital labs you can touch. Virtual labs you can spin up. An analyst workbench that ties intel, incidents, and hunts into one pane.

  • Cyber Phygital Lab: HO-scale ICS, IoT, and critical-sector models. Touch the rack — break it from the laptop.
  • Cyberbay: Smaller-scale phygital kits for grades 8–12. STEM, electronics, and cyber fundamentals.
  • TAW: Threat Analyst Workbench. One pane for threat intel, IR cases, and active hunts.
  • Virtual Labs: Browser-isolated Kali ranges and an LMS. Pentest practice at scale, safely.
[Figure: Consulting operator workspace. Three panels: a red-team operations terminal running an adversary emulation against crown jewels; a lateral-movement hunt graph with five hosts, MITRE TTP edge labels, a hypothesis ring on the suspicious APP node, and a red dot traversing the attack path to the crown; and a DFIR evidence log with a magnifier inspecting a suspicious command.]

02 · Consulting

We don't run engagements from a deck.

Adaptive red team operations, DFIR, and intel-led threat hunts. Run by operators who also teach the course and write the playbook.

  • Adaptive Red Team Ops: Intel-led adversary emulation, mapped to your crown-jewel assets.
  • DFIR: Digital forensics and incident response. On-call retainer or live breach support.
  • Threat Hunting: Hypothesis-driven hunts in your telemetry. We don't wait for alerts.
[Figure: Multi-track cohort schedule and live range console. A Gantt-style schedule showing five Cyberange training tracks (SOC, DFIR, Threat Intel, Pentest, VA/CA) progressing across eight weeks of cohort 26-A, above a live range console showing four named operators on the range with their current activity, progress, and outcome.]

03 · Training

Hours on the range, not hours in a slide deck.

Retail and corporate cohorts across SOC, DFIR, threat intel, pentest, and VA/CA. Every track maps to real telemetry and real engagement data.

  • SOC: Tier 1 → Tier 3 analyst tracks. Real telemetry, real triage.
  • DFIR: Host, network, and memory forensics — incident lifecycle, end to end.
  • Threat Intel: Strategic, operational, and tactical CTI.
  • Pentest: Web, mobile, network, AD, cloud.
  • VA / CA: Vulnerability assessment and compliance assessment tracks.

The mark, explained

Trained attacker. Trusted defender. One operator.

The split ninja with a d-pad eye in our logo is not decoration — it's the operating model. The same operators play offense on Monday and defense on Tuesday. Same range, both sides of the wire.

[Figure: The same operator on both sides of the wire — offence in red, defence in blue. Panel titles: "Offence · trained, elite" and "Defence · trusted, focused", with the captions "Break the system." and "Hold the system." Capabilities listed: Adaptive Red Team Ops, intel-led adversary emulation, pentest, VA / CA, DFIR, threat hunting, SOC training, intel-led detection.]

Trained to attack. Trusted to defend. Behind every resilient network is an operator who commands both.

  • 24K+: Operators trained worldwide
  • 120+: Engagements run since 2018
  • 18: Critical sectors covered
  • 31: Phygital labs deployed

Step onto the range.

A 45-minute walkthrough with our team. Phygital lab, TAW live, your questions. No deck — you operate the keyboard.