Cybersecurity training is a key endeavour for ensuring that the IT workforce possess the knowledge and practical skills required to counter the ever-increasing cybersecurity threats that our society is faced with. While some related systems, such as Capture The Flag platforms, have been available for almost one decade, platforms that support full-fledged cybersecurity training exercises have only been released as open source in recent years. Given the complexity of such cybersecurity training platforms, the question that arises is how to meaningfully evaluate and compare their capabilities in order to identify the most suitable solution for a given type of organization and/or training activity. In this paper, we introduce a capability assessment methodology for cybersecurity training platforms that focuses on the three key aspects of training: content representation, environment management, and training facilitation. The assessment tool that we developed is used to evaluate two open-source cybersecurity training platforms, CyTrONE and KYPO. We then conduct a comparative analysis of these two platforms based on our first-hand developer experience with them, and discuss the lessons learned from implementing, deploying and using these platforms. The assessment tool and the detailed technical comparative analysis that we conducted are intended as instruments and references for anyone who plans to deploy or develop cybersecurity training platforms.
Read full abstract