GraphLattice Range, now in early access

Rehearse the incident you will actually get.

The breach you get starts with an identity, then pivots into your cloud and data. GraphLattice Range lets your team work those exact incidents end to end, scored on the same model used to detect them.

AI drafts each scenario from live threat intelligence, an expert approves it, and your team trains on it.

Start free Explore Range

New to incident-response training? See how it works →

Free Community Edition. No credit card.

Live threat intelRecent actively-exploited threats, already trainable in Range · source CISA KEV, updated daily

CVE-2026-0257Palo Alto Networks PAN-OS: Authentication Bypass Vulnerabilityransomware2026-05-29CVE-2026-1111Adobe Acrobat Reader: Use-After-Free Vulnerabilityransomware2026-05-20CVE-2026-42897Microsoft Exchange Server: Cross-Site Scripting Vulnerabilityransomware✓ in RangeCVE-2026-20182Cisco Catalyst SD-WAN: Authentication Bypass Vulnerabilityransomware2026-05-14CVE-2026-1340Ivanti Endpoint Manager Mobile (EPMM): Code Injection Vulnerabilityransomware✓ in RangeCVE-2026-20131Cisco Secure Firewall Management Center (FMC): Deserialization of Untrusted Data Vulnerabilityransomware2026-03-19CVE-2026-20963Microsoft SharePoint Server: Deserialization of Untrusted Data Vulnerabilityransomware✓ in RangeCVE-2024-21762Fortinet FortiOS: Out-of-Bound Write Vulnerabilityransomware✓ in RangeCVE-2023-4966Citrix NetScaler ADC and NetScaler Gateway: Sensitive Information Disclosure Vulnerability (CitrixBleed)ransomware2023-10-18CVE-2024-55591Fortigate: The Gentlemen Ransomware - FortiGate Edge Breach to ESXi Ma…✓ in RangeCVE-2024-21410Exchange: Exchange Server Privilege Escalation via NTLM Relay (CVE-20…✓ in RangeCVE-2020-1472Netlogon: Zerologon - Netlogon Privilege Escalation (CVE-2020-1472)✓ in RangeCVE-2021-42278AD: noPac - sAMAccountName Spoofing (CVE-2021-42278/42287)✓ in RangeCVE-2024-49019AD: ADCS ESC15 - EKUwu Application-Policy Injection (CVE-2024-4…✓ in Range

300+Attack scenarios

12+Platforms & clouds

5IR phases per scenario

100%MITRE ATT&CK + D3FEND mapped

What Range gives you

Real attacks, full loop

Every scenario is a documented attack across AD, Entra, M365, Intune, AWS, Azure, GCP, Okta, and Snowflake. You run detection, containment, eradication, forensics, and recovery.

Train the way you defend

Decisions are scored on the same identity and cloud graph model used to detect these attacks in production. Training and detection share one mental model.

Always current

Scenarios are drafted from live threat intelligence and published after review, so the library tracks what is actually being exploited.

How we build

AI-first. Automation-first. Human in the loop.

We build the way we believe security should run. AI and automation do the heavy lifting, and a person makes the call. The work reaches you fast and still earns your trust.

AI-first

AI drafts every scenario from live threat intelligence, so the library moves at the speed attackers do, not the speed of a content calendar.

Automation-first

Drafting, validation, and staging run end to end as a pipeline. A newly exploited technique becomes a trainable scenario in days, not quarters.

Human in the loop

A practitioner reviews and approves every scenario before it ships. Nothing reaches your team unreviewed, and you decide what counts as the correct response.

Free to start

Start free. Stay free.

GraphLattice Range has a free Community Edition that stays free, so anyone can start training today. No credit card, no waiting.

Community FREE

Free

The free way in. Run real incident-response scenarios end to end.

One hands-on scenario from every system, refreshed monthly: AD, Entra, M365, AWS, Azure, GCP, Okta, SaaS, and more
The full IR loop: detect, contain, eradicate, investigate, recover
Decisions scored on the identity and cloud graph model
Debrief, achievements, and a completion certificate
Play at your own pace, with progress saved automatically
No credit card

Start free

Create your free account

GraphLattice Range Community Edition is free. We are in early access: leave your email and we will send your access and a guided session.