10th anniversary of the KYPO Cyber Range Platform

14 Apr 2023

No description


years of hard work


trained professionals


large scale cybersecurity exercises


Thesis: 1 PhD, 39 Master, 56 Bachelor


research papers


great team


No description

No description

No description


The Story 

  • 2009

    It all started in 2009, in a small office at Masaryk University, with just a few IT experts, an old coffee machine, and a passion for cybersecurity. Over the years, our team CSIRT-MU was formed, we grew to more than 30 members, and we helped to solve hundreds of incidents, garnering expertise in the field.

    As we progressed, our concern about society's dependence on IT was rising. We received calls from various organizations for professional help and witnessed the severity of the issue firsthand. A persistent long-term problem arose: the need for cybersecurity experts.

Born in the Cybersecurity Team of Masaryk University.

The KYPO project started at the Masaryk University.

  • 2013

    We contacted the National Cyber and Information Security Agency (NÚKIB) to propose creating a cyber range platform, allowing professionals to learn cybersecurity in practice. The dialog turned into the "KYPO" research project, funded by the Ministry of the Interior of the Czech Republic in 2013.

    The KYPO is an abbreviation for the project's official name, Cybernetic Polygon. In Czech, the word polygon means the training ground for some technology. This meaning is usual in the army.

  • 2015

    We faced numerous obstacles in the project; however, in the end, we created a sophisticated virtual environment called the KYPO Cyber Range Platform (KYPO CRP).

    In 2015, we successfully organized the first Czech technical exercise Cyber Czech, in cooperation with the NÚKIB powered by the platform. The aim was to prepare security personnel for work under the pressure of an ongoing massive cyber-attack. 

The first Czech cybersecurity exercise – CyberCzech, was powered by the KYPO CRP. 

Best Security Research Award by the Czech Ministry of the Interior.

  • 2016

    After this, we received the award of the Minister of the Interior of the Czech Republic for security research.

    Our successes led to the initiation of follow-up research and training activities. We trained hundreds of cyber security professionals and students using the KYPO CRP

  • 2020

    We felt this was insufficient globally, so we decided to make the platform available as open-source software to allow any organization to download and use it to create training for their employees or students.

    Thanks to the H2020 CONCORDIA project, we successfully released it to increase the availability of hands-on cybersecurity education in 2020.

We released KYPO CRP as open-source.

Best Innovation in the Disruptive Technology.

  • 2021

    Since that time, we have engaged in activities at the European level. As part of the cybersecurity competence pilot project, we have aimed our actions to boost European resilience.

    The sign that our direction is right was the victory in the 7th edition of the European Commission's Innovation Radar competition in the Disruptive technology category in 2021.

  • 2023

    We formed many new partnerships and promoted the platform a lot. Notably, we joined the REWIRE project to help create training for the European Cybersecurity Skills Framework and the CHESS project to transfer knowledge and cybersecurity training with Estonia.

    However, we have also worked hard on the technology, resulting in several new platform versions bringing significant improvements. Even though the CONCORDIA project ended in March 2023, our initiative continues to pursue our mission. 

We continue, driven by a mission of boosting the resilience of our society.


Our vision and challenges

Everybody can be part of the growing community

  • We are convinced that Europe can be only stronger and more resilient together.
  • For this reason, we are building a community of KYPO CRP users from academia, the public sector, and industry.
  • Everybody can have something to add to our common goal. It can be a development force, new content, or promotion of our platform.

Foundation governing the KYPO CRP is established and running

  • To support the development of the KYPO CRP, we are actively looking into creating a foundation governing the platform's future growth.
  • It should also be responsible for negotiation on the highest levels and providing financing for future development.
  • Hopefully, it will lead to the adoption of KYPO CRP by organizations like ENISA and ECCC.

Open content and supporting tools are available to everyone

  • Open content means scenarios must be freely available, easily editable, and shared within the community.
  • To fulfill this goal, KYPO CRP uses everything as code methodology. The practice of everything as code (EaC) is where policy files govern all aspects of software development, delivery, and management. It extends most organizations' scalable and repeatable approach to app development – where processes are defined, codified, and followed automatically – to other IT components, such as infrastructure and configuration.
  • The EaC approach enables scenario developers to create training scenarios and infrastructure resources in a human-readable format that can be automatically verified and requires minimum manual tasks to deploy.

Utilization of other cloud platforms (AWS, MS Azure)

  • KYPO CRP was developed with the main focus of being completely open-source, including all its dependencies.
  • KYPO utilizes the OpenStack cloud platform for the deployment of sandbox environments. The OpenStack cloud platform is an open-source project that can be deployed without licensing fees on-premise or paid by usage with some public OpenStack cloud provider. The OpenStack requirement might be a limitation for some companies.
  • To enable broader adoption by industry and community, we would like to introduce implementation for major cloud providers, primarily aiming at Amazon Web Services.

Setting up the marketplace for content directly accessible from the platform

  • The European community needs a place where the content can be created, shared, exchanged, and made available for the users of a cyber range.
  • It can be perceived as a marketplace where scenarios and building blocks (e.g., TTPs, Ansible roles, training levels, support tools, and other content) are freely available for download.
  • The sharing platform should also be carefully curated by a selected group of administrators and focus on modern approaches such as continuous integration and continuous delivery to ensure high content quality and hassle-free distribution of scenarios to already deployed platforms around Europe.

CyberRangecz – a new brand for our services

  • We created a physical and virtual space designed to develop cybersecurity practices and train professionals to boost the resilience of digital society.
  • It serves as a stage for extensive cybersecurity exercises, technology testing, and community building.
  • CyberRangecz services are powered by the KYPO Cyber Range Platform


More articles

All articles

You are running an old browser version. We recommend updating your browser to its latest version.

More info