Multiple Scenarios, One Platform
Large-scale exercises suffer from communication fragmentation, lack of traceability, scattered documents, and coordination gaps between partner nations. HexShield solves these problems by adapting to any cyber defence training context — from NATO-scale international exercises with hundreds of participants to focused team drills and academic labs. Configure different scenarios, manage diverse teams, and let participants prepare before the exercise begins.
Primary Use Case Scenarios
Large-Scale International Cyber Defence Exercises
Run national or multinational cyber defence exercises — such as NATO Locked Shields, Cyber Coalition, or regional equivalents — with full communication and coordination infrastructure. Manage hundreds of participants across multiple Blue Teams from a single command point. Teams prepare for the exercise using checklists and documentation, coordinate through email and chat during execution, log incidents in the MISP module, and produce comprehensive after-action reports — all within an isolated network that mirrors real operational environments.
Red Team / Blue Team Training
Set up diverse attack-defence scenarios where Blue Teams use HexShield to coordinate their defence strategy. Before the exercise, teams prepare hardening checklists and document their defence playbooks in the wiki. During execution, automated screenshot monitoring shows the real-time state of defended applications, task checklists ensure every step is tracked, and threat intelligence entries document each detected attack for post-exercise review and scoring.
SOC (Security Operations Center) Drills
Simulate realistic SOC workflows with structured incident logging, tiered escalation through email, and real-time coordination via chat channels. Configure different scenario injects — from ransomware attacks to insider threats — and observe how your analysts respond. The MISP module captures indicators of compromise, while reports and analytics dashboards give supervisors full visibility into analyst performance, response times, and decision quality.
Academic Cyber Security Labs
Provide students with a complete, self-contained exercise environment. The integrated wiki serves as course material, Gitea hosts lab scripts and tools, task checklists guide students through exercises, and the reporting module lets instructors assess individual and team performance.
Incident Response Tabletop Exercises
Run tabletop exercises where participants document their response decisions in real time. The calendar schedules inject events, email delivers scenario updates, and the MISP logger captures every decision and observation for comprehensive after-action review.
Ready to Command Your Next Exercise?
Deploy HexShield in minutes and manage your entire exercise team from a single platform. No cloud subscriptions, no vendor lock-in, no data leaving your network.
Schedule a Demo