Certifications are one way to hire qualified job applicants for your SOC, but do they truly measure what your cyber defenders can do? What hands-on skills do users have to defend your network and how do you measure them? CyberStronger has created the ultimate tool to help you understand your cyber team’s knowledge, skills, and abilities: the CYBRScore® Skills Assessments.

Mapped to NIST-NICE framework, our practical, hands-on scenarios are a valuable tool designed to measure the skills of your team members, optimize their training pathways, and increase the resiliency of your organization. CYBRScore® Skills Assessments:

  • Analytically quantify competency in job related tasks
  • Align to industry standard work role definitions
  • Provide immediate feedback to individuals and managers
  • Save time and money by identifying skills gaps and recommending improvement opportunities

Adherence to specific tactics, techniques, and procedures (TTPs) is vital in the cyber security realm. A CYBRScore® Skills Assessment scores a user’s actual approach to completing any task. This fine-grain task scoring provides detailed insight into the student’s operating skill level. We can tell if a user is on the right track or vastly underperforming against approved TTPs.

View a Sample Report

Register and take a CYBRScore® Skills Assessment for FREE!

Current CYBRScore® Skills Assessments

Cyber Defense Analyst - PR100
PR100

Cyber Defense Analyst

The CYBRScore® Cyber Defense Analyst assessments are designed to assess an individual’s knowledge, skills and abilities related to using data collected from cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purpose of mitigating threats.

The CYBRScore® PR100 Cyber Defense Analyst is comprised of the following assessments:

  • Protocol Analysis
  • Intrusion Detection
  • Incident Handling Methodology
  • Network Defense Analysis
  • Network Attack Analysis
Vulnerability Assessment Analyst - PR400
PR400

Vulnerability Assessment Analyst

The CYBRScore® Vulnerability Assessment Analyst assessments are designed to assess an individual’s knowledge, skills and abilities related to performing assessments of systems and networks within the network environment or enclave and identifying where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measuring effectiveness of defense-in-depth architecture against known vulnerabilities.

The CYBRScore® PR400 Vulnerability Assessment Analyst is comprised of the following assessments:

  • Intelligence Gathering
  • Red Team
  • Blue Team
Cyber Defense Forensics Analyst - IN300
IN300

Cyber Defense Forensics Analyst

The CYBRScore® Cyber Defense Forensics Analyst assessments are designed to assess an individual’s knowledge, skills and abilities related to analyzing digital evidence and investigating computer security incidents to derive useful information in support of system/network vulnerability mitigation.

The CYBRScore® IN300 Cyber Defense Forensics Analyst is comprised of the following assessments:

  • Network Collection and Handling
  • File Collection and Analysis
  • Malware Analysis
Cyber Defense Incident Responder - PR300
PR300

Cyber Defense Incident Responder

The CYBRScore® Cyber Defense Incident Responder assessments are designed to assess an individual’s knowledge, skills and abilities related to investigating, analyzing, and responding to cyber incidents within the network environment or enclave.

The CYBRScore® PR300 Cyber Defense Incident Responder is comprised of the following assessments:

  • File Collection and Analysis
  • Reporting and Remediation
Secure Software Developer - SP300
SP300

Secure Software Developer

The CYBRScore® Secure Software Developer assessments are designed to assess an individual’s knowledge, skills and abilities related to developing, creating, maintaining, and writing/coding new (or modifying existing) computer applications, software, or specialized utility programs.

The CYBRScore® Secure Software Developer assessments are available for the following programming languages: C#, C++, Java, Python, and PHP.

Technical Support Specialist - OM300
OM300

Technical Support Specialist

The CYBRScore® Technical Support Specialist assessment is designed to assess an individual’s knowledge, skills and abilities related to providing technical support to customers who need assistance utilizing client-level hardware and software in accordance with established or approved organizational process components (i.e., Primary Incident Management Plan, when applicable).

Network Operations Specialist - OM400
OM400

Network Operations Specialist

The CYBRScore® Network Operations Specialist assessment is designed to assess an individual’s knowledge, skills and abilities related to planning, implementing, and operating network services/systems, to include hardware and virtual environments.

System Administrator - OM500
OM500

System Administrator

The CYBRScore® System Administrator assessment is designed to assess an individual’s knowledge, skills and abilities related to setting up and maintaining a system or specific components of a system (e.g. for example, installing, configuring, and updating hardware and software; establishing and managing user accounts; overseeing or conducting backup and recovery tasks; implementing operational and technical security controls; and adhering to organizational security policies and procedures).

How it Works

PerformanScore

CYBRScore Skills Assessments use our patented PerformanScore technology and consists of three main parts:

  • Virtual Network Environment: Challenge based tasks are presented to the candidate in a live virtual network environment
  • PerformanScore Server: Monitors student actions in real-time and determines when challenge objectives have been satisfied
  • Analytics and Reporting Tool: Detail reports provide fine-grain results on candidate achievement. Analytics can also be communicated out to external systems using a WebAPI interface

View a Sample Report

PerformanScore®

Today’s cyber security proficiency is measured using knowledge-based certification exams.

But how does one measure actual ability?

There is an immediate need to close the skills gap in the cyber security field as quickly and efficiently as possible. Traditional multiple choice, knowledge-based examinations and certifications have developed a first phase of measurement, but today’s workforce requires measurements in hands-on skills. In the cyber security realm, performance and results matter most. Students become more proficient and provide better results through performance-based learning and demonstration. When measuring cyber security aptitude, evaluating candidates based solely on their knowledge of cyber theory yields an incomplete picture.

ENTER PERFORMANSCORE

PerformanScore® is a performance-based scoring platform that uniquely and adaptively measures skills across a range of credible responses to a defined set of tasks, allowing for a consistent and immediate evaluation. More than an emulated testing environment, PerformanScore tracks commands, file changes, configuration changes, and network changes on live systems in real time. Furthermore PerformanScore assesses a user’s actions against grading criteria via an adaptive scoring rubric. PerformanScore maps key knowledge, skills, and abilities into a set of gradable tasks based on a scenario that runs within a virtual environment. The rubric evaluates the user’s approach and proficiency within the environment.

With PerformanScore®, learning institutions and certification bodies can evaluate a student’s actual performance and decision-making skills in a live environment, using industry-standard cyber security tools against real-world technical challenges. PerformanScore gets results.

MORE INFORMATION

Adherence to specific tactics, techniques, and procedures (TTPs) is vital in the cyber security realm. PerformanScore captures and scores a student’s actual approach to complete any task. This fine-grain task scoring provides detailed insight into the student’s operating skill level. PerformanScore can ascertain if a student is on the right track or vastly underperforming against approved TTPs.

PerformanScore is introduced easily and rapidly into any virtual lab, challenge, or examination environment. Once the examination or lab exercise is PerformanScore enabled, an initial rubric is created by running through the exam and evaluating the scoring. PerformanScore identifies specific deficiencies in skill level that go undetected with typical training programs, helping to avoid costly errors in an operational environment.

Other benefits include:

  • Tests objectively, not subjectively
  • Provides clear results
  • Can be used with Hyper-V, VMware, or other virtual environments
  • Allows for flexible licensing
  • Permits local or cloud-based scoring
  • Prevents cheating

PerformanScore asks users to validate the skills they have learned in a real-world environment with real-world tools. This provides an assessment that the students cannot cram for, solutions they cannot guess at and an examination where they do not get credit for an action they did not complete. PerformanScore provides a true assessment of students’ skills and abilities, allowing companies to know they can rely on their performance on the job.

PerformanScore consists of three main parts: (1) the scoring server, (2) clients, and (3) plugins. The client and plugins are installed on the machines or virtual machines that are part of the instructor/developer environment. As a student works to complete each tasks, the plugins collect information from the machines and forward it to the client. Periodically, the client pulls the data from a local database and sends the information to the scoring server. The scoring server checks the data against the rules created by the instructor/developer. If the data matches a rule, the student accumulates a score for the associated task.

PerformanScore

PerformanScore captures any changes to firewalls, software, hardware, registries, files, commands issued, and responses as seen by the student. The platform scores students’ changes to network infrastructure and posture, their use of software tools to lock down or infiltrate a network, and the actions they take to secure or exploit a network. In addition, PerformanScore replays students’ actions in a compressed timeline as part of an after-action report.

PerformanScore was designed by industry-certified cyber security experts who specialize in student evaluation and instructional systems design. PerformanScore becomes a powerful and scalable tool when paired with a virtualization solution, giving evaluators the ability to access results and manage rubrics in one place.