​The CYBERIUM ARENA is a simulator for SOC, Forensics, Network Penetration, Web Penetration, IoT, ICS/SCADA, and more.


  • Supports both on-site and cloud-based operations

  • Manages the various scenarios

  • Includes intuitive Web-Based UI to control the training and data

  • Can be customized to accommodate any topic or scenario in the cyber-world

  • Includes virtual networks and appliances

  • The on-site simulator supports physical modules such as ICS/SCADA, Forensics

  • Operates through an intuitive and simple-to-use interface

  • Shows real-time progress of the students

  • Collects detailed data on each student and each team, by scenario and by groups of scenarios


T1 (OPERATOR) screen

Main screen used by the trainer to show the progress of the class in real time.


The student uses the CYBERIUM CLIENT to access the simulator. The client features a slick UI with a mission screen and helpful tools for solving the scenarios.


Another main screen used by the trainer that calculates all the previous scores in real time. 


ICS/SCADA system controls are most of the critical infrastructures today – such as trains, power plant, electricity, etc.


The system may seem safe, but it is still penetrable. One should truly understand how to penetrate, in order to find out effective ways to defend.


Using the ICS/SCADA simulator, students will learn the components and architecture, latest threat information, and how to penetrate ICS/SCADA system. Actual field devices and ICS/SCADA simulation will be utilized to teach zero-day vulnerabilities found on ICS/SCADA related product and how to find zero day vulnerabilities.



ThinkCyber’s unique advantage is custom-designed ICS/SCADA models that mirror a company’s working environment such as:

  • Water & Wastewater

  • Elevator Control Systems

  • Transportation

  • Oil and Gas Production

  • Power Transmission & Distribution

  • Process Manufacturing



The system is controlled via an intuitive web interface allowing you to choose scenarios, add users, start and stop various scenarios according to your choice and package.

Every scenario includes a manual and explanations which help in supporting the trainer in assisting the participants.


Each scenario has a set of problems, featuring various servers and networks to expose participants to the variety of issues they will face in the real world.


Educational scenarios guide participants through the mission, providing information and tools, and teaching skills as needed. An example of an educational scenario would be:  Someone has hacked into a bank’s online system.  The student is directed to look first at the logs and identify the attacker; then to look for the backdoor and create a defense using firewall rules; finally, to write a report and handle other suspected connections properly.


Real-life scenarios provide participants with actual past or possible situations from cyber-security or cyber-terrorism to solve.  An example of a real-life scenario would be:  The police computer system has been attacked.  The mission is to identify the attacker, repair the damage, and secure the system against future attacks.

Scenario: CSI008G​

"An attack happened on a train in Europe. Senior intelligence officers suspect that another train attack may be carried out. We tried getting the memory dump but couldn’t get them to cooperate."


Mission: stop the next train attack

Scenario topics: ICS/SCADA Security, Ransomware, Exploitation, Forensics.

Duration: 7 hours

© 2020 by ThinkCyber

Ze'ev Jabotinsky St 7,

Ramat Gan, IL.