Cyber CapstoneTM

Defense by design examinations for real-world cybersecurity practice.

You will think like the attacker, build like an engineer, and prove your work.

Join architects and engineers worldwide shaping the future of cybersecurity through technical concepts, models, and our Defensible 10 Standards.

Cyber Capstones in the Mission Pack Model

ISAUnited Cyber Capstones (ICC) are structured simulation assignments delivered within Cyber War Center Mission Pack domains. Each Cyber Capstone assigns a defined cyber problem, requires participants to build a Tactical Battle Map, and evaluates the architecture, engineering, Security by Design, or Red Team Engineering decisions they produce.

Cyber Capstones are completed inside the Cyber War Center Learning Management System. Participants use ISAUnited’s Blue Team and Red Team resources to support their work, including:

Intrusion Vault: threat actors, threat vectors, and threat tools that help define how compromise may progress.
Defense Toolbox: Defensible 10 Standards and Defensible Engineering Catalog components used to design and justify the defense.

Each Cyber Capstone is designed to evaluate practical decision making, architecture level reasoning, threat mapping, defensible design, and the ability to produce evidence that withstands review.

Broken Trust ICC

Cyber Capstone Samples

Cyber Capstones focused on trusted systems, identity paths, insider risk, and compromised trust relationships.

The Broken Trust Mission Pack domain challenges participants to study how compromise can move through systems, identities, applications, and integrations that were assumed to be safe. These Cyber Capstones emphasize trust boundaries, identity misuse, partner exposure, and defensible monitoring.

ICC-ARC-01: Cloud Landing Zone and New SaaS

Design a defensible architecture for a new SaaS environment with tenant separation, partner access, and identity risk.

ICC-ARC-02: Partner Integration and Trust Boundary Exposure

Map trusted connections, application programming interface exposure, and cross organization access paths that could expand compromise.

ICC-ENG-01: Identity Federation and Token Misuse Risk

Engineer controls that reduce identity abuse, token misuse, and unauthorized movement through trusted access paths.

Launch Shield ICC

Cyber Capstone Samples

Cyber Capstones focused on security by design before deployment across systems, applications, and infrastructure.

The Launch Shield Mission Pack domain focuses on planning, architecture, engineering, and design decisions before production deployment. These Cyber Capstones evaluate how participants identify exposure early, define requirements, place safeguards, and prove readiness before launch.

ICC-SbD-01: Product Launch Security Readiness

Apply Security by Design to a new product launch before production release.

ICC-SbD-02: Application Deployment and Exposure Review

Identify exposure early and define safeguards before a new application moves into production.

ICC-SbD-03: Industrial Platform Launch and Safety Aligned Security

Apply Security by Design to a connected industrial or operational environment where safety, resilience, and access control must be proven before deployment.

RTE ICC

Cyber Capstone Samples

Cyber Capstones focused on Red Team Engineering, controlled adversarial practice, and governed exercise conditions.

The Red Recon Mission Pack domain introduces disciplined red team engineering through an authorized scope, reconnaissance logic, threat mapping, and defensible reporting. These Cyber Capstones help participants study adversary behavior while connecting Red Team activity to Blue Team readiness and to the outcomes of governed exercises.

ICC-RTE-01: Authority, Scope, and Mission Brief

Define lawful authority, boundaries, objectives, and rules of engagement for a controlled red team exercise.

ICC-RTE-02: Threat Profile Selection and Vector Mapping

Select the threat profile and map likely entry paths, exposure conditions, and adversary movement.

ICC-RTE-03: Architecture Exposure and Detection Objectives

Connect red team activity to architecture exposure, blue team detection goals, and defensible reporting.

Get Started

For the School of Engineering Cyber Defense

Enroll in your program pathway and complete your capstone inside the Cyber War Center when you reach the submission stage.

Enroll as a Student | Learn About Capstones.

Enroll as a Student

For CPL Candidates

Learn how professional readiness exercises support serious technical validation.

For Organizations

Activate your tech teams' ISAUnited membership | Member organizations receive discounted rates.

Activate your Team

Why Join ISAUnited?

Become a Member Today

Membership Types

Get Involved

Technical Fellow Society

Our Society is a prestigious body of seasoned experts whose leadership and counsel guide the advancement, integrity, and operations of our cybersecurity architecture and engineering mission.

ISAUnited Licensing & Credentials

Overview

CAL for Career Launch

CPL for Professionals

CPL for Corporate Teams

The School of Engineering Cyber Defense

Learning Starts Here

Professional Programs

Student Resources

Career Launch Program

Join Knights Nation

Online school for cyber architecture & engineering—build a portfolio and follow a clear path to CPL.

ISAUnited's Cyber War Center Simulator

Cyber War Center

Simulations

Platform & Modules

ISAUnited's Defensible 10 Standards

Security Standards

Access Standards

About Standards

ISAUnited's Red Team Intelligence

Red and Blue Practice

Intrusion 8

Red Team | Blue Team

Welcome to the Technical Research Center (TRC)

About the TRC

Annual Reports

Technical Institute

ISAUnited's Core Divisions

Cybersecurity Architecture

Cybersecurity Engineering

Cyber Sciences

Security by Design

Cybersecurity Law and Digital Justice is ISAUnited’s consequence discipline: defensible evidence practice, escalation rigor, and justice aware coordination that protects outcomes when incidents become consequential.

Our Story & Mission

Play

Who We Are

Enterprise Security Architecture Body of Knowledge. The ESABOK from ISAUnited empowers architects and engineers to navigate architecture conformity and standardized processes for secure design confidently.

The ISAUnited Manifesto

Cyber CapstoneTM

Defense by design examinations for real-world cybersecurity practice.

You will think like the attacker, build like an engineer, and prove your work.

Join architects and engineers worldwide shaping the future of cybersecurity through technical concepts, models, and our Defensible 10 Standards.

Cyber Capstones in the Mission Pack Model

Cyber Capstone Samples

Cyber Capstones focused on trusted systems, identity paths, insider risk, and compromised trust relationships.

ICC-ARC-01: Cloud Landing Zone and New SaaS

​ICC-ARC-02: Partner Integration and Trust Boundary Exposure

ICC-ENG-01: Identity Federation and Token Misuse Risk

Cyber Capstone Samples

Cyber Capstones focused on security by design before deployment across systems, applications, and infrastructure.

ICC-SbD-01: Product Launch Security Readiness

ICC-SbD-02: Application Deployment and Exposure Review

ICC-SbD-03: Industrial Platform Launch and Safety Aligned Security

Cyber Capstone Samples

Cyber Capstones focused on Red Team Engineering, controlled adversarial practice, and governed exercise conditions.

ICC-RTE-01: Authority, Scope, and Mission Brief

ICC-RTE-02: Threat Profile Selection and Vector Mapping

ICC-RTE-03: Architecture Exposure and Detection Objectives

Get Started

For the School of Engineering Cyber Defense

For CPL Candidates

Guest

Members

Technical
Institute

Enterprise Security Architecture
Body of Knowledge.

The ESABOK from ISAUnited empowers architects and engineers to navigate architecture conformity and standardized processes for secure design confidently.

ICC-ARC-02: Partner Integration and Trust Boundary Exposure