Bad News for Black Hats: Why Our New Dynamic Threat Range Is Bound to Ruin Their Day
Welcome back to our series, “Behind the Scenes of Immersive One”! The following is a conversation with DaveSpencer, Immersive Product Manager for Technical Exercising, and RebeccaSchimmoeller Lead Product Marketing Manager. “Getting your SOC team off their desks for a multi-day drill is tough. Then, having them practice on a generic SIEM when your entire team lives and breathes in Splunk? I mean, practice is supposed to make perfect … That set-up is … flawed.” Rebecca: No kidding, Dave. It sounds like you heard from a lot of SOC Managers that their teams were running straight into what we call the ‘relevance gap.’ Can you break down what that actually means for hands-on analysts? Dave: Think of that 'gap' as the frustrating space between theory and reality. It’s when you force an analyst to practice on a generic, made-up tool, but their actual job is 100% in Splunk. It’s running an exercise on a simple, flat network when your real corporate network is a complex, segmented beast. Rebecca: So, the skills they're learning just don't transfer to the real world. Dave: Exactly. It’s why a team can get a 100% pass rate on a training module and still be completely unprepared when a real incident hits. It’s not just wasted time; it’s a false sense of security. Rebecca: So, how does our new Dynamic Threat Range capability solve that? How do we close that gap for good? Dave: By blowing it up entirely. We built this from the ground up to be hyper-realistic. Dynamic Threat Range is the only capability on the market that lets teams run live-fire exercises in a high-fidelity replica of an enterprise environment, using licensed security tools. At launch this November, we’re talking native support for Splunk and Elastic. This isn't just replaying logs; it's an authentic, full-chain adversary attack, built by our elite C7 threat team, running on the exact tools teams use every single day. Rebecca: Okay, so that’s a game-changer for the hands-on user and, no doubt, from managers too. They’re struggling to prove where their team is at in order to help them improve. How do we help them with this? You know, move beyond a pretty unhelpful "pass/fail"? Dave: Right. That's actually a core pillar we’ve built against. With Dynamic Threat Range, customers move beyond arbitrary scores. Our design is all about objective proof of readiness. We're giving managers the hard data they need to prove their team’s capability and justify their security spend. Rebecca: Oh … tell me more! Dave: At launch, we’re measuring key metrics like Time to Detect, Time to Escalate, and Investigation Accuracy. It’s the only way to get verifiable, evidence-based data on performance. “In a real attack, the platform doesn’t tell you if you’re right or wrong. So why should your exercise?” Rebecca: Running full-chain attacks on a replica of a customer's environment sounds incredibly complex. I can just hear the IT and Ops teams groaning about setup, VPNs, and operational overhead. Dave: (Laughs) Yeah, we heard that, too. And that’s why we made it 100% browser-based. No VPNs. No operational headaches. You get into the exercise and start learning in seconds. We also designed the exercises to be practical. Getting a SOC team offline for a multi-day drill is really hard. So, these default to 4 hours—intense, focused, and easy for a manager to schedule. You can extend it to 24 hours if you want to practice handovers between shifts, but the goal is zero friction. Rebecca: I love that. So, as an analyst, what can I actually do in these 4-hour exercises at launch? Dave: We’re launching with two critical exercise types. First is Digital Forensics and Incident Response (DFIR), where you join after the attack has happened and you have to use your Splunk or Elastic instance to piece together what went wrong. The second is Threat Hunting, which I love. You're in the environment as the attack itself is kicking off, and you have a detailed threat intelligence pack to work from, allowing you to proactively detect the threat before it causes real damage. It’s the difference between being a digital archaeologist and being the hunter on the ground. Rebecca: So cool! This is already huge, Dave. Knowing you, though, the team is just getting started. What’s the long-term vision? Dave: We're moving fast. We’re already working on Microsoft Sentinel support for Q1 2026. After that, we’re building out exercises for the entire security lifecycle—Containment, Recovery, Red Team, and Purple Team drills. The vision is to let you exercise every part of your security function and then benchmark your performance against your industry peers. That’s the real holy grail: knowing exactly where you stand. Rebecca: Dave, this is incredible. The passion you and the team have for solving this real-world problem is clear. Thanks so much for geeking out with me today. Dave: Any time. We're just excited to get it in people's hands. Final Thought The days of generic, classroom-style training are over. Dynamic Threat Range finally bridges the gap between practice and reality, allowing your teams to build muscle memory on the actual technology they are paid to protect. It moves your entire security function from ‘we think we’re ready’ to ‘we know we’re ready’—with the data to prove it. Want to see how it works? Don’t miss this demo.Unlock seamless learning: Immersive and Workday Connector powered by Workday’s SOAP API
What is the Immersive Workday Connector? The Immersive Workday Connector is designed to bridge the gap between our cutting-edge cybersecurity skills development platform and your organization's core HR and talent management system, Workday. This integration simplifies the delivery and tracking of critical cybersecurity training, ensuring your teams are equipped to face the evolving threat landscape. The power of SOAP API integration By leveraging Workday's Simple Object Access Protocol (SOAP) API, we've taken our integration to the next level. This technology enables a more direct and robust communication channel between Immersive and Workday, unlocking a range of powerful benefits: Direct learning assignment and enrollment: Assign targeted Immersive content directly within Workday Learning. The SOAP API enables the seamless transfer of enrollment information, making it easier than ever to assign relevant training based on roles, skills gaps, or development plans. Real-time completion tracking and reporting: Gain immediate visibility into your team's progress. As users complete Immersive exercises, completion records are transmitted back to Workday in real time via the SOAP API. This provides accurate and up-to-date insights for compliance, performance reviews, and skills gap analysis. Enhanced data integrity and accuracy: The direct API connection minimizes the potential for data discrepancies and ensures a consistent view of learning and development activities across both platforms. Scalability and reliability: The robust nature of Workday's SOAP API ensures a scalable and reliable integration that can grow with your organization's needs. Key benefits for your organization Streamlined learning workflows: Simplify the process of assigning, accessing, and tracking cybersecurity training. Improved administrative efficiency: Reduce manual tasks associated with user management and learning administration. Enhanced visibility into skills development: Gain comprehensive insights into your team's cybersecurity capabilities. Data-driven decision making: Leverage accurate learning data to inform training strategies and talent development initiatives. Seamless user experience: Provide your employees with a unified and intuitive learning environment. Getting started with the Workday SOAP API Connector If you're already a Workday and Immersive customer, connecting via the SOAP API is a powerful upgrade. Reach out to your Immersive Customer Success Manager or our dedicated integration team to learn more about the setup process and how to leverage the full potential of this enhanced integration. The future of integrated cybersecurity learning The Immersive Workday Connector, now powered by the Workday SOAP API, represents our ongoing commitment to providing seamless and effective solutions for developing critical cybersecurity skills. We believe that by integrating learning directly into your core HR system, we can empower organizations to build a more resilient and capable workforce. Future integrations We’re on a mission to create integrations with LMS systems. Is there an integration you’d like to see? Let us know what it is!Supercharge your cybersecurity skills development: Immersive integrates with Degreed
In this blog post, I explore benefits of the integration, what it means for you, and how you can leverage it to build a world-class cybersecurity team. Seamless access to Immersive content Accessing Immersive Labs' extensive catalog of labs is now easier than ever. We've integrated directly with Degreed's file transfer protocol (FTP), allowing you to browse and select from our entire library of practical cybersecurity challenges directly with the Degreed platform. This streamlined access simplifies the learning journey and encourages continuous skills development. Track progress and demonstrate impact with xAPI Demonstrating the impact of your learning initiatives is crucial. That's why we've implemented xAPI integration. As your team completes Immersive Labs exercises, detailed completion records are automatically sent to Degreed. This provides valuable insights into individual and team progress, allowing you to identify skill gaps, track improvement over time, and measure the effectiveness of your cybersecurity training programs. With xAPI, you can clearly view your team’s evolving skillset and make data-driven decisions for future training investments. What this means for you: Personalized learning: Combine Immersive Labs' hands-on exercises with Degreed's personalized learning paths to create a truly tailored skills development experience for each team member. Streamlined workflow: Access and launch Immersive Labs content directly within Degreed, eliminating the need to navigate between different platforms. Data-driven insights: Leverage xAPI integration to track progress, identify skill gaps, and measure the impact of your cybersecurity training programs. Enhanced engagement: Keep your team motivated and engaged with interactive, hands-on labs delivered seamlessly through the Degreed platform. Improved skills development: Accelerate the development of critical cybersecurity skills and build a more resilient and capable workforce. How it works: The integration is designed to be as seamless as possible. Your Degreed administrator will configure the connection to Immersive Labs via FTPs. Once configured, the Immersive Labs catalog will be available within Degreed. Learners can then discover and engage with labs directly within their Degreed learning paths. Behind the scenes, xAPI ensures that all learning activity is tracked and reported back to Degreed. Getting started: If you're an existing Immersive Labs and Degreed customer, reach out to your Immersive Labs Customer Success Manager to learn more about enabling the integration as it’s available to all Immersive Labs customers. They will guide you through the setup process and answer any questions you may have. The future of cybersecurity skills development is here The Immersive Labs and Degreed integration represents a significant step forward in cybersecurity skills development. By combining the power of hands-on learning with personalized pathways and data-driven insights, we're empowering organizations to build the cybersecurity teams of the future. We're excited about the possibilities this integration unlocks and can't wait to see its impact on your organization's cybersecurity posture. Share your thoughts While we look to expand the platforms we integrate into, we're eager to hear your perspective! Comment below with your questions, ideas, and how you plan to use this integration as well as other integrations you'd like to see.Elevate your cybersecurity training: Immersive now integrates with Cornerstone LMS
This integration combines the hands-on, engaging learning experience of Immersive Labs with the robust learning management capabilities of Cornerstone, creating a comprehensive and efficient solution for your cybersecurity training needs. What this integration means for you: Streamlined access to Immersive Labs content: Access our extensive library of labs directly within Cornerstone LMS. This allows your learners to seamlessly launch Immersive Labs and engage with the training they need, all within their familiar Cornerstone environment. Automated tracking and reporting: Leveraging the xAPI (Tin Can API) specification, the integration automatically sends detailed completion records from Immersive Labs to Cornerstone. This allows you to track learner progress, identify skill gaps, and measure the effectiveness of your cybersecurity training programs, all within your familiar Cornerstone environment. Enhanced learning experience: Provide your teams with engaging, hands-on cybersecurity training that translates directly to real-world skills. Immersive Labs' interactive simulations and challenges keep learners motivated and invested in their development. Improved efficiency: Reduce administrative overhead by automating tasks such as user provisioning, content updates, and progress tracking. This frees up your learning and development team to focus on more strategic initiatives. Data-driven insights: Gain valuable data on learner performance and skill development, enabling you to make informed decisions about future training investments and tailor learning paths to individual needs. How it works: The integration is designed for simplicity and ease of use. Your Cornerstone administrator will configure the connection to Immersive Labs, enabling the seamless flow of data between the two platforms. Learners can then access and launch Immersive Labs content directly from their Cornerstone learning paths. xAPI ensures that all learning activity is automatically tracked and reported back to Cornerstone, providing a comprehensive view of learner progress and skill development. Getting started: If you're an existing Immersive Labs and Cornerstone customer, reach out to your Immersive Labs Customer Success Manager to learn more about enabling this integration. They’ll guide you through the setup process and answer your questions. The power of connected learning: The Immersive Labs and Cornerstone integration represents a significant advancement in cybersecurity skills development. By connecting engaging, hands-on learning experiences with robust learning management capabilities, we're empowering organizations to build a more skilled and resilient cybersecurity workforce. Share your thoughts This is just the beginning! We're committed to expanding our integrations to provide you with an entirely seamless learning experience. Share your thoughts on this integration and tell us which platforms you'd like to see us connect with next in the comments below.Enhancing Cyber Resilience through Data Insights: Immersive’s REST API
Seamless access to your Immersive data Our REST API offers easy access to your Immersive data. Once authenticated, you can access your organization’s data by making REST API requests to any of the available endpoints. These endpoints can be reviewed in our REST API documentation. What this means for you Data at speed – Your Immersive data is just a request away. With each API request, you can quickly gather and manipulate your data as needed. Flexible design – Utilizing our REST API offers significant control over the process of transmitting data from Immersive to a target system of choice. System integration – Each API response will be received as JSON formatted data, allowing straightforward integration with BI systems, databases, or any other target system. How it works API requests to our various available endpoints allow you to seamlessly pull Immersive data and relay it to your system of choice. Gathering data via the REST API offers unparalleled flexibility and control over when and how your data is transmitted. Who can do this To generate an API key and secret token, you must have an administrator account in Immersive. If you’re interested in working with the REST API, but don’t have the proper permissions to initiate the process, please reach out to an Immersive administrator within your organization. Getting started From an Immersive administrator account, navigate to the Platform Settings sections within the Manage tab at the top of your screen. Once in the platform settings, navigate to API within the sidebar. You should then see the option to Generate API key. Select this option and add an appropriate label that describes the intended use. After clicking Generate, you should see an Access key and Secret token that can be copied and utilized for the initial authentication. Once you’ve generated your Access key and Secret token, please follow our REST API documentation and API Guide for authentication, requests, and pagination guidance. The documentation also includes each of the available API endpoints. If you have any questions or issues as you implement your API connection, please contact our support team, and we will help ensure a smooth integration. The future of cybersecurity skills development is here The Immersive REST API represents a significant step forward in cybersecurity skills development. By combining the power of hands-on learning with personalized pathways and data-driven insights, we're empowering organizations to build the cybersecurity teams of the future. We're excited about the possibilities this integration unlocks and can't wait to see the impact it has on your organization's cybersecurity posture. Share your thoughts While we continue to develop this powerful integration, we would love to hear from you! If you have specific use cases for the Immersive REST API, please let us know in the comments and our team can look into the feasibility of each possible enhancement. We're on a mission to enable more integrations, so tell us, which other integrations would you like to see this year?
