FICSIT-PROD-01  ·  Pioneer Division  ·  analyst: pioneer

Security Operations
Training Platform.

10 tools 5 labs 4 live incidents 350+ certs
For instructors
Project and walk
Pull up any tool, load a scenario, and guide a class through a live incident. Everything is pre-loaded. No setup, no accounts, just share the URL.
For students
Follow along
Every tool is loaded with the same fictional incidents. Open any page and the data is already there. Explore on your own or follow a lab walkthrough.
No account needed
Just a browser
No registration, no tracking, no configuration. The platform is stateless by design. Close the tab and nothing is saved, which is the whole point.
foyl Mock — 10 tools Open SOC →
SIEM
Security Info
Alerts, hunting, investigations
NGFW
Next-Gen Firewall
Traffic, rules, threat blocks
EDR
Endpoint Detection
Detect, isolate, respond
Mail
MailGuard
Phishing, headers, quarantine
IAM
Identity & Access
Users, MFA, PIM, risk
VM
Vuln Management
Findings, CVSS, remediation
SOAR
Orchestration
Playbooks, automations, cases
TIP
Threat Intelligence
IOCs, actors, campaigns
CASB
Cloud Access Sec
Shadow IT, DLP, policies
Tickets
Incident Queue
Kanban, sprints, SLA
foyl Labs — guided scenarios All labs →
01 Incident Response
SOC T1 SIEM · EDR · SOAR
~2.5 hr 02 Log Analysis
SOC T1 SIEM
30 min 03 Threat Lab
SOC T2 TIP · EDR
60 min 04 Vuln Management
SOC T2 Vuln · SOAR
40 min 05 Networking
Infra NGFW · SIEM
35 min
Active incidents — Ficsit Inc. Full cross-reference →
IRON CHIMNEY INV-2024-0087 Critical 10 tools · 5 labs ATO-002 MFA Fatigue INV-2024-0086 High 5 tools BEC-001 CEO Wire Fraud BEC-001 High 4 tools VF-001 Vendor Fraud VF-001 Medium 3 tools
foyl Attack ↗ foyl Certs ↗ The Brief ↗ Jobs ↗ OSINT ↗
analyst@FICSIT-PROD-01
MITRE ATT&CK v14.1
foyl-learn — soc terminal