A new CTech report goes inside the IDF’s cyber training facility, where defenders rehearse against realistic attacks on the Cympire platform.
On June 14, 2026, CTech published an inside look at one of the places where Israel prepares for what its reporter called the “invisible war”: the IDF’s Cyber Trainer Facility. Among the details in the feature, the simulation platform the facility’s instructors use to put cyber defenders under realistic pressure was built by Cympire.
The feature, reported by Omer Kabir, describes a training environment engineered to feel like the real thing: simulated network breaches, live attack scenarios and the tempo of an actual incident. The stakes behind that realism are not abstract. CTech reports the facility now contends with a far heavier volume of cyberattack attempts than in the past, roughly seven times as many. It is the kind of sustained pressure that rewards teams who have already seen the patterns and exposes those who have only read about them.
The report also captures something the security industry discusses too rarely: who does this work. The facility’s most recent course, according to CTech, was split roughly evenly between women and men, a reminder that the talent answering these attacks does not fit a single profile.
What stands out from the outside is the philosophy. Defenders are not built by slideware or multiple-choice exams. They are built by repetition against attacks that behave like the ones they will actually face, on the same kinds of tools, networks and architectures they will defend in production.
That principle is the reason Cympire exists. The platform is designed to replicate a client’s real environment rather than a generic lab: the security tools their analysts already operate, the network architecture they have to protect and the threat patterns relevant to them. The closer the simulation sits to the systems a team defends every day, the less translation is required when a real incident begins. And because the platform is cloud-native, that fidelity scales, from a single SOC shift to an entire workforce, with no hardware to rack first. Repetition in that kind of environment is what turns knowledge into instinct, and under a live alert, instinct is most of what a defender has to work with.
“The teams that hold up under pressure are the ones who have already met the same attack patterns, the same lateral movement, the same pace, in an environment that behaves like the real thing. That’s the whole point of true-to-life simulation: when the alert is real, nothing about it is unfamiliar.” Nisan Ben Rubi, VP cyber at Cympire.
For Ben Rubi, the report reflects a wider shift in how serious organizations think about readiness. “Serious teams don’t ask how to get to the range,” he said. “They ask how often, and against which TTPs. The ones getting it right run it against their own threat profile and measure how much of the gap they closed, every cycle, not once.”
The skills shortage in cybersecurity is not only a hiring problem. It is a readiness problem: the distance between what a team knows and how it performs when a real adversary is already inside the network. Closing that distance, at the scale national defense and enterprise security both now demand, is the work Cympire was built for.
Read the full CTech feature here: https://www.calcalistech.com/ctechnews/article/skfenaowml
See how the Cympire platform runs against your own environment. Request a demo at www.cympire.com.
Cympire is a cloud-native cybersecurity training platform designed to build and assess the skills of security professionals in true-to-life environments. By replicating real-world network architectures, security tools, and attack scenarios, Cympire enables organizations to measure and continuously improve their cyber resilience. Serving enterprise, government, and higher education clients globally, Cympire delivers scalable, customizable training that prepares teams for the threats they actually face. For more information, visit www.cympire.com.