Back by Popular Demand: MacBook Air, $400 Amazon Gift Card, or $400 off with OnDemand Courses


To attend this webcast, login to your SANS Account or create your Account.

Cyber42 Game Day: Vulnerability Management Simulation

  • Tuesday, February 23, 2021 at 10:30 AM EST (2021-02-23 15:30:00 UTC)
  • Jonathan Risto, Chris Denney

You can now attend the webcast using your mobile device!



In this special session you will play to win the Cyber42 Vulnerability Management Simulation! In this 90-minute Game Day you will play as part of a team to improve the state of a fictional organization and more effectively handle the vulnerability management. During the game, as developed for MGT516: Managing Security Vulnerabilities: Enterprise and Cloud, you will see that the actions you choose can have uncertain and even unintended consequences.

This interactive simulation puts you in real-world scenarios that spur discussion, critical thinking of situations, and melding of different points of view and personalities that likely will encounter at work. The decisions your team makes will impact your organizations vulnerability management program, leveraging and impacting the available budget, time, and vulnerability management maturity.

Winning the game is simple. Your team needs to have the highest score, which represents how well your team has adapted and implemented the vulnerability management program. nIt's not just about implementing security controls, it's about changing behaviors and culture to create lasting improvements.

The Cyber42 game was originally developed for MGT512: Security Leadership Essentials for Managers and is now part of four SANS Cybersecurity Management courses. Free Cyber42 Game Days are offered monthly to the entire community. Review the 2021 schedule here.


Software needed each requiring a separate login

  • Zoom to listen to webinar and view presenters slides throughout the game
    • Log into the webcast via your SANS Portal Account

  • Slack to interact with other players, leaders, and SANS Staff for support
    • Log in to

  • Cyber42 Web App online game
    • Link will be provided at the Game Day

Speaker Bios

Jonathan Risto

With a career spanning over 20 years that has included working in network design, IP telephony, service development, security and project management, Jonathan has a deep technical background that provides a wealth of information he draws upon when teaching. Currently, Jonathan works for the Canadian Government conducting cyber security research in the areas of vulnerability management and automated remediation. He is also an independent security consultant. Jonathan is a co-author and instructor for SANS MGT516: Managing Security Vulnerabilities – Enterprise and Cloud, and has been an instructor for both SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling and SEC440: Critical Security Controls: Planning, Implementing, and Auditing. Read more about Jonathan here.

Chris Denney

Christopher Denney is a cybersecurity professional with 25+ years of combined security operations experience. During this time, Christopher has worked for government entities and financial institutions striving to mitigate risks and threats at all levels internally and externally. Christopher holds several certifications including GSEC, GCCC, and CISSP from ISC2.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.