The project builds on the existing Network Defense Training Center initiative and aims to provide realistic, practice-oriented cybersecurity training environments for government agencies.
At the core of the project is the CAVE platform, which enables the automated deployment of realistic training environments. The infrastructure is provisioned as Infrastructure-as-Code using OpenTofu on OpenStack. Each participant group operates within its own isolated environment, accessible via OpenVPN and a web browser. The source code is publicly available on openCode.
Based on this platform, modular training courses are being developed that combine theoretical instruction, live demonstrations, and practical exercises. Participants investigate vulnerabilities, misconfigurations, and attack paths in realistic scenarios from both offensive and defensive perspectives.
The training modules are designed around current cyber threat scenarios and cover topics such as Open-Source Intelligence (OSINT), web security, phishing, Active Directory, privilege escalation, and lateral movement techniques.
The first five-day training module combines introductory theory with guided demonstrations and hands-on exercises. Additional modules focusing on areas such as phishing and blue team operations are planned.
Thanks to its modular design, the training content can easily be adapted to different audiences and requirements.
In the long term, the Network Defense Training Center 2.0 is also intended to support research, academic teaching, and professional training programs, helping strengthen digital resilience across public administration and society.
Security and resilience for the digital future: Our research strengthens the cybersecurity, safety, and data protection of businesses and governments.
