CYRIN® is a next-generation cyber range platform featuring real tools, real attacks and real scenarios that provide hands-on training and experience that learners, managers and educators can use in realistic learn-by-doing scenarios. It has been used to train thousands of learners around the world, from university students just beginning to learn about cyber security to seasoned cyber defence professionals wishing to challenge themselves in new ways.

CYRIN has been available commercially for several years and is the product of more than 15 years of research and development into how students learn and how their progress can be measured. QA is proud to be the UK partner of choice for ATCorp delivering CYRIN to our clients.


CYRIN sets a new standard for cybersecurity training, innovation and design. Quick to set up and administer, low cost and user friendly, CYRIN has been engineered to challenge and sharpen the skills of even the most experienced IT professionals. 

CYRIN Cyber Range has been named 2021 Winner of the Fortress Cyber Security Award.

There are three parts to the CYRIN next-generation cyber range platform value proposition. Click on each button to read more:

Exercise Builder

Exercise Builder is available to subscribers that want to “author their own content” on CYRIN. Subscribers can port their own training content to the CYRIN platform for 24/365 browser-based cloud access. Subscribers can modify existing CYRIN learning content to customise training to specific and the proprietary requirements of the organisation.

Subscribers can create their own attack simulations on CYRIN and, finally, subscribers can create their own labs, exercises and attacks from scratch. Exercise Builder uses patented drag-and-drop methodology to develop custom networks with pre-configured or customisable virtual machines. Exercise Builder also uses intelligent agent technology to monitor learner progress at every stage of the completion of each course.



CYRIN Learning Content

CYRIN provides over 50 skills development interactive and immersive labs, individual and team exercises and incident attack scenarios to subscribers. Labs are usually completed by individual learners. Exercises can be completed by individuals or teams of individual learners, and attack scenarios can be completed individually or in groups. Attacks are set up so when the learner signs on to an attack, a complex IT or ICS (SCADA) network appears on the screen. In a few moments, the network is randomly attacked and subscribers are challenged to mitigate the attack and return the network to the pre-attack state.

Each lab, exercise and/or attack takes approximately two hours to complete. Recently, CYRIN introduced three full 40-hour courses (Introductory, Intermediate and Advanced). These courses are taught using video and PowerPoint, along with integrated CYRIN labs. Kevin Cardwell instructs each course. Whether a learner is completing a lab or a full course, all CYRIN learning can be paused and the platform will remember where he/she stopped so that learners can continue at their leisure.

Performance Management

CYRIN offers this powerful student assessment module where instructors and training managers can look at each student’s progress in real time. Performance Manager also allows instructors and managers to measure learner performance after labs, exercises, attacks or courses are completed. Finally, Performance Manager provides for all of the data analytics necessary to determine where large populations of students are having a hard time or need more help.


CYRIN’s focus is based on hands-on cyber lab exercises, whether performed individually or as part of a team. The CYRIN platform offers a number of benefits for organisations, security teams and individuals:

  • Each player or team event gets their own personal instance of the cyber range, and can access exercises at their own schedule. Exercises can be paused, with complete state saved, for later resumption.
  • All access is through a standard web browser; no special software or travel is required.
  • Players see real-time assessments of their progress, based on their actions within the virtual environment.
  • The Performance Management tool allows instructors and security managers to see details on individual learner activities, as well as metrics across a cohort of students. These metrics help guide the instructor and managers to where students are struggling or where more practice is required.
  • Integrated, context-sensitive instructions and hints guide students and help those that might be stuck.
  • CYRIN’s Learning Management System (LMS) is based on open standards and integrates with existing LMS systems using Learning Tools Interoperability (LTI), providing a seamless experience for learners.
  • Team-based scenarios allow for learners to collaborate, or compete head-to-head, in challenges set out by the instructor.

CYRIN currently offers 50+ labs, exercises and attacks covering a wide variety of IT-related and cyber security topics, with a number of additional scenarios in development.

Browse our Cyrin lab packages

Incident Response


You’ve been hacked, or you only suspect you’ve been hacked. Now what?

Network Monitoring & Recon


Once your network is set up securely, you must continue to be vigilant.

Vulnerability Scanning

Be aware of the tools potential adversaries are likely to use against your networks and your applications.

Web Application Security


Web-based applications are the most significant security exposure your organisation faces.

Secure Network Setup


Setting up your network securely is the first step in preventing attacks and misuse of your resources.

Cyber Forensics


You’ve been attacked. Now where do you go from here?

Secure System Setup


Set up individual network hosts securely, from individual workstations to server systems or cloud computing nodes.

Secure Web Application Setup


Securely configuring web server software and frameworks is the foundation of creating secure web-based services.

Industrial Control Systems/SCADA


Gain insight that addresses trends, challenges and best practices for defending Industrial Control Systems and SCADA networks.

Attack, Defence & Incident Response Scenarios


Test your abilities with virtual capture-the-flag, defacement, forensics and denial-of-service scenarios.

How do you use CYRIN?

There are several ways that subscribers apply the platform:

  • CYRIN can be used as a learning platform where learners learn with CYRIN existing learning content. CYRIN will introduce one new lab, exercise, attack or full course each quarter. During the balance of 2021, CYRIN will introduce another 9 labs, exercises, attacks and/or full courses.
  • CYRIN can be used as a publishing platform where CYRIN content can be used un-modified or the subscriber can modify CYRIN content to customise learning to the enterprise’s specific environment and requirements.
  • CYRIN can be used as a publishing platform to author completely new cyber security labs, individual or team exercises and incident attack scenarios.
  • CYRIN can be used as a generic publishing platform where any subject can be taught using CYRIN’s virtual machine, drag-and-drop authoring and intelligent agent technology.


To find out more about CYRIN and the CYRIN products available through QA, please fill out the contact form below and we will get back to you.

By submitting this form, you agree to QA processing your data in accordance with our Privacy Policy and Terms & Conditions. You can unsubscribe at any time by clicking the link in our emails or contacting us directly.