Training Blue Team

Training Blue Team#

Defender-focused labs, simulators, and CTF environments. The operator runs these to drill detection engineering, threat hunting, memory forensics, and incident response on the receiving end of their own tradecraft. Most are Windows-domain-shaped because that is where most defended estates live.

Labs#

CTF and IR#

Certification map#

The community-maintained Reddit progression chart at https://www.reddit.com/r/cybersecurity/wiki/certificationchart/ shows where defensive certs (Security+, BTL1, GCFA, GCIA, GCIH, CCSP) sit relative to each other. Treat it as a sketch, not a prescription.