26–28 February 2020
Wavespace, EY Amsterdam

EY and CybExer Technologies will organize the CYBER CoRe (Cooperative Resilience) event this year in the WaveSpace of the EY office in Amsterdam 26–28 February 2020. During this 3-day event your blue team skills will be tested in a Live Fire exercise of defending a full-scale IT Infrastructure against Red Team cyberattacks.

The CYBER CoRe event is an excellent opportunity for your IT security team to test their methodology and skills of mitigation, detection and response to high frequency cyberattacks that will be launched on their IT infrastructure. Multiple blue teams participate in the exercise and compete against each other to keep their IT infrastructure protected against attacks performed by a real-life Red Team and test their capabilities under the pressure of a continuous flow of attacks and real-life based scenarios. Participating in this event is an excellent way to test and develop your skills in handling real-life cyberattack by means of Identification, Protection, Detection, Response, Recovery and Reporting.


Day 0: 26th February 202009:00 – 10:00 Site setup and familiarization
10:00 – 12:00 Blue Team briefings, Gamenet and communication system introduction
12:00 – 13:00 Running lunch
12:00 – 14:45 Gamenet familiarization
14:45 – 15:30 Communication Checks
15:30 – 16:00 Blue Team Internal Strategy Meeting (roles, tactics)
16:00 – 16:30 Blue Team Gamenet Familiarization Continues
16:30 – 17:00 End of day 0 – Feedback Session
17.00 – All systems are reverted to initial state

Day 1: 27th February 202008:50 – 09:00 Communication checks
09:00 – 09:10 Opening remarks
09:10 – 09:15 Mission brief
12:00 Deadline for Blue Team Situation Report I (SITREP I)
12:00 – 13:00 Running lunch (Exercise continues)
15:30 Deadline for Blue Team Situation Report II (SITREP II)
16:30 End of Day 1, Gamenet closed
16:40 – 17:00 Feedback Session

Day 2: 28th February 202008:50 – 09:00 Communication checks
09:00 Mission Brief II and Day II starts
11.00 Deadline for Blue Team Situation Report III (SITREP III)
12:00 – 13:00 Running lunch (Exercise continues)
14:10 Deadline for Blue Team Situation Report IV (SITREP IV)
14:20 ENDEX of CoRe NLD Execution
15:00 Hot washup meeting
• White Team feedback to Blue Teams
• Red Team campaign overview
• Blue Team feedback
• Success
• Failures

Target group

The target audience is exclusively technical staff being involved in technical IT-security or cyber defense.
To be successful in the exercise, the team should have knowledge and experiences in the following areas:

System and Network Administration

• TCP/IP networking: knowledge of common network protocols, services and technologies like DNS, NTP, DHCP, HTTP, HTTPS, SMTP, POP3, IMAP, SSH, FTP, VoIP, at least basic knowledge about IPv6
• Administration of and securing Windows and Linux based systems. Some examples: Windows domain and Active Directory, workstations and servers based on different Windows versions, Linux servers running on Ubuntu and Debian distribution, Firewalls based on OPNsense or iptables, proxy servers, VMware vSphere virtualization platform, Administration of network devices, Programming skills in high-level language.

Web applications, technologies and development

HTML, client-side and server-side scripting such as JavaScript and PHP, SQL databases such as MySQL

Computer Network Defense

Monitoring, detecting, analyzing, reporting, resolving, security incidents

Costs & registration

The price for a seat in a blue team is € 2500 per person.

If you would like to participate please see registration info at EY website


Jurgen de Kok
Senior Manager Cybersecurity
+31 6 5555 2655

Niels Vonk
Manager Cybersecurity
+31 6 2125 1119

Have a look at a short video of the previous edition of the CYBER CoRe event from March 2019.