Operation Akela is a defensive range aimed at users with a beginner to intermediate knowledge level of incident response, threat hunting, and defensive tools.
Your investigation begins when a user alerts the SOC team to some suspicious activity they’ve identified on their machine. When they opened a document received via an email, they saw a flash of a black application with white text on their screen before it closed itself and the document opened.
It’s believed that the suspicious file discovered was in fact malicious. You’ve been tasked to investigate it.
With this information, you will examine and analyze the incident to determine what has happened.
This exercise provides:
How it works:
Event details:
Time: 9:00 AM - 5:00 PM ET
Date: 16 - 18 September 2025
How to register:
This exercise runs on the Immersive Labs platform and does not have any specific device requirements.
At 9:00 AM ET on Monday, the day prior to the exercise, FS-ISAC will hold a briefing and all registrants are sent a link to the recording. Teams begin the exercise at 9:00 am ET on Tuesday and should plan to complete it by 5:00 PM ET on Thursday.
*Members in any region can participate. The exercise starts and ends in eastern time, but the exercise can be played anytime/24 hours within that time frame. Support staff in each region will be available.
© Copyright 1999 - FS-ISAC, Inc. All Rights Reserved.