Incident Response Simulator

Interactive runtime-security incident response simulator: triage Falco alerts, lateral movement, crypto-miners, container drift, audit-log compromise, and eBPF-detected fileless attacks across 6 production scenarios. Free, no signup.

Interactive runtime-defense lab. Six scenarios drop you into the first 60 seconds of an incident: a Falco "shell in container" alert, lateral movement via stolen ServiceAccount tokens, crypto-miner indicators, Tetragon-detected container drift, audit-log triage of privilege escalation, and eBPF detection of fileless memfd-based attacks.

What You Practice

Recognizing production failure modes before they become incidents.
Connecting security, reliability, and operational choices to real engineering outcomes.
Building intuition through short interactive scenarios instead of passive reading only.

Related Practice

Kubernetes Security Simulator
Zero Trust Network Builder
API Attack & Defense
Supply Chain Defense Simulator
Service Mesh Routing Game
Threat Modeling Challenge

Continue with free courses or read production engineering articles.