ESDC course on “Cyber Range – pentester tools”, 24-26 October 2023, Warsaw, Poland

The Cyber Security Training Centre of Excellence (CST CoE) of the Polish Ministry of Defence, Warsaw, under the auspices of the European Security and Defence College (ESDC), hosted a course on “Cyber Range – pentester tools”.

Newly-emerged, rapidly developing and wide-ranging cyber threats have impacted all business areas whose processes are supported by Information and Communication Technologies (ICT). Consequently, due to the high risk and considerable damage caused by the vulnerabilities of IT solutions, ensuring cyber security has been recognised as a pivotal objective and a cornerstone of today’s global stability.

The collective efforts of the Cyber Security Training Centre of Excellence in Warsaw and the European Security and Defence College led to the creation of this Cyber Range – pentester tools course, which is now offered to the EU community as a part of the ESDC’s Cyber Education Training Exercise and Evaluation (ETEE) platform.

The overall goal of this course was to deliver and enhance participants’ knowledge and practical skills in identifying potential vulnerabilities and of the contribution that ,penetration testing can make to improving cyber security. The course was run on the Cyber Range (CR) training platform, which provides unique opportunities for reflecting IT infrastructure and complex scenarios, including carrying out cyber-attacks in a dedicated virtual environment comparable to a “live fire” experience.

  The course was opened by Mr Paweł Dziuba, Director of the Cyber Security Training Centre of Excellence (CST CoE) and by Mr Giuseppe Zuffanti, cyber training manager and national expert at the European Security and Defence College (ESDC). Mr Dziuba and Mr Zuffianti welcomed participants, provided an overview of the EU Cyber Ecosystem and initiated an extremely useful tour de table.

The course was run in a fully residential format, from 24 to 26 October 2023 in Warsaw. The attendees were law enforcement, military and civilian personnel from EU Member States, EU national authorities, EU Institutions and EU Delegations and various EU bodies. All were mid-level to senior officials with a good knowledge of network operation and configuration and were familiar with the Linux operating system, including the terminal tool.

  We express our gratitude to the Director of the Cyber Security Training Centre of Excellence (CST CoE), Mr Dziuba, and the course director, for their committed participation in designing the course, in collaboration with the ESDC, and for managing the course. We also thank participants for attending all of the activities and for being open to learning, and we especially thank the experts of the CST CoE for their invaluable advice and insights during the course.

The next course to be run by the CST CoE under the auspices of the ESDC will take place from 5 to 7 March 2024 in Warsaw. The topic for that event will be “Cyber Range – cyber security in practice. The course programme will also be tailored to reflect the new ESDC standard curriculum approved by the ESDC Steering Committee during the last academic year. It will also be aligned with one of the profiles of The European Cybersecurity Skills Framework (ECSF) of ENISA namely the “Penetration Tester”.