CYBER CORE Tallinn 2019 November

25–27 November 2019
CybExer Technologies, Tallinn

CYBER CoRe comes back to Tallinn! EY and CybExer Technologies will organize the second CYBER CoRe (Cooperative Resilience) event of the Tallinn office of CybExer from Monday 25th until Wednesday 27th of November 2019. During this 3-day event participating blue teams can put their skills into use in practical live-fire exercise of defending a full-scale IT Infrastructure against red team cyberattacks.

Focusing on critical information infrastructure protection, the CYBER CoRe event is an excellent opportunity for your IT security team to test their methodology and skills of mitigation, detection and response to high frequency cyberattacks that will be launched on their IT infrastructure.

Participating blue teams can represent single organisations or can be comprised of members from different agencies and companies. Blue teams compete against each other to keep their systems protected against attacks performed by a real-life red team, and test their capabilities under the pressure of a continuous flow of attacks and real-life based scenarios. This gives participants a direct way to test and develop your skills in handling real-life cyberattack by means of Identification, Protection, Detection, Response, Recovery and Reporting.

The exercise will be conducted on CybExer Cyber Range Platform, which offers extensive customisations and simulations. Real-time reporting and visualisations guarantee instant feedback and analytical capabilities for participants and observers.


Day 0: 25th November 2019

  • 09:00 – 10:00 Site setup and familiarization
  • 10:00 – 12:00 Blue Team briefings, Gamenet and communication system introduction
  • 12:00 – 13:00 Running lunch
  • 12:00 – 14:45 Gamenet familiarization
  • 14:45 – 15:30 Communication Checks
  • 15:30 – 16:00 Blue Team Internal Strategy Meeting (roles, tactics)
  • 16:00 – 16:30 Blue Team Gamenet Familiarization Continues
  • 16:30 – 17:00 End of day 0 – Feedback Session
  • 17.00 – All systems are reverted to initial state

Day 1: 26 November 2019<

  • 08:50 – 09:00 Communication checks
  • 09:00 – 09:10 Opening remarks
  • 09:10 – 09:15 Mission brief
  • 09:15 – STARTEX
  • 12:00 – Deadline for Blue Team Situation Report I (SITREP I)
  • 12:00 – 13:00 Running lunch (Exercise continues)
  • 15:30 – Deadline for Blue Team Situation Report II (SITREP II)
  • 16:30 – End of Day 1, Gamenet closed
  • 16:40 – 17:00 Feedback Session

Day 2: 27 November 2019

  • 08:50 – 09:00 Communication checks
  • 09:00 – Mission Brief II and Day II starts
  • 11.00 – Deadline for Blue Team Situation Report III (SITREP III)
  • 12:00 – 13:00 Running lunch (Exercise continues)
  • 14:10 – Deadline for Blue Team Situation Report IV (SITREP IV)
  • 14:20 – ENDEX of CoRe Execution
  • 15:00 – Hot washup meeting
    • White Team feedback to Blue Teams
    • Red Team campaign overview
    • Blue Team feedback
      • Success
      • Failures

Target group

The target audience is exclusively technical staff being involved in technical IT-security or cyber defence. To be successful in the exercise, the team should have knowledge and experiences in the following areas:

System and Network Administration

• TCP/IP networking: knowledge of common network protocols, services and technologies like DNS, NTP, DHCP, HTTP, HTTPS, SMTP, POP3, IMAP, SSH, FTP, VoIP, at least basic knowledge about IPv6
• Administration of and securing Windows and Linux based systems. Some examples: Windows domain and Active Directory, workstations and servers based on different Windows versions, Linux servers running on Ubuntu and Debian distribution, Firewalls based on OPNsense or iptables, proxy servers, VMware vSphere virtualization platform, Administration of network devices, Programming skills in high-level language.

Web applications, technologies and development

HTML, client-side and server-side scripting such as JavaScript and PHP, SQL databases such as MySQL

Computer Network Defense

Monitoring, detecting, analyzing, reporting, resolving, security incidents

Costs & registration

The event is now sold out. Registration closed.