SECURITY OPERATIONS CENTER · OPENENV COMPLIANT
3TASKS
v1.0BUILD
0sUPTIME
SYSTEMS ONLINE
// SOC OVERVIEW
// ASSET MONITOR
// MISSION TASKS
// API CONSOLE
// LIVE TESTER
// SCOREBOARD
⚠ LIVE THREATS S3 BUCKET s3-vault — PUBLIC ACCESS ENABLED · PII DATA EXPOSED  |  IAM USER user-dev-01 — ADMIN PRIVILEGES VIOLATION  |  PORT 22 OPEN — BRUTE FORCE ATTACK DETECTED ON web-server  |  COMPLIANCE ALERT — UNENCRYPTED STORAGE  |  FIREWALL MISCONFIGURATION DETECTED  | 
// Environment StatusOPENENV v1.0
SENTINEL_ENV
AI-POWERED CYBERSECURITY ENVIRONMENT FOR TRAINING AGENTS ON REAL-WORLD CLOUD SECURITY TASKS
root@sentinel:~$
LAUNCH TESTER API DOCS
// Threat Level
ACTIVE BREACH
3 INCIDENTS OPEN
// Tasks
3
Active Tasks
↑ easy · medium · hard
// Max Score
1.0
Per Task
↑ 3.00 total possible
// API Port
7860
REST Endpoint
↑ LIVE
// Spec
OE
OpenEnv
↑ validated ✓
// Agent Terminal LIVE LOG
sentinel@env:~
CLEAR
openenv validate sentinel_env
Environment schema valid
3 tasks registered (easy · medium · hard)
REST API active on :7860
Docker image built successfully
python inference.py
easy-lockdown    1.00  ██████████
medium-access   1.00  ██████████
hard-breach     1.00  ██████████
Total: 3.00 / 3.00 — All scores valid ✓
// LIVE ASSET MONITOR — Click an asset to simulate remediation
// Storage Assets
🪣
s3-vault
⚠ PUBLIC — PII EXPOSED
// IAM Assets
👤
user-dev-01
⚠ ADMIN ACCESS — VIOLATION
// Firewall Assets
🔥
web-server
⚠ PORT 22 OPEN
🌐
attacker-ip
⚠ BRUTE FORCE ACTIVE
// Remediation Log REAL-TIME
asset-monitor@sentinel
CLEAR
3 assets in BREACH state — remediation required
Click FIX or BLOCK on any asset above to remediate
// Mission Tasks3 ACTIVE — CLICK TO EXPAND
easy-lockdown
Secure a public S3 bucket containing PII data
EASY
1.0 pts  
Objective: S3 bucket s3-vault is publicly exposed with PII. Revoke public access immediately.
Action: command="lockdown" target_id="s3-vault"
Incremental: command="scan" → +0.1 reward for investigating first
Reward: +1.0 on success · +0.1 for scan · -0.1 per wrong action
Success: bucket status changes from publicprivate
medium-access
Enforce least-privilege — revoke IAM admin rights
MEDIUM
1.0 pts  
Objective: IAM user user-dev-01 has full admin access violating least-privilege policy.
Action: command="revoke_admin" target_id="user-dev-01"
Incremental: command="audit" → +0.1 reward for auditing first
Reward: +1.0 on success · +0.1 for audit · -0.1 per wrong action
Success: user role changes from admin_accessread_only
hard-breach
Two-step incident response — block IP then close port 22
HARD
1.0 pts  
Objective: Active brute force attack on port 22. Must block attacker IP then close the port.
Step 1: command="block_ip" target_id="attacker-ip" → +0.5
Step 2: command="close_port" target_id="web-server" → +0.5
Incremental: command="investigate" → +0.1 for prior investigation
Note: Port cannot be closed before IP is blocked — order matters.
// API Endpoints6 ROUTES
GET/docsInteractive Console GET/healthSystem Health GET/metadataEnv Metadata GET/stateCurrent State
POST/resetReset Episode
POST/stepExecute Action
// Quick Reference
POST /reset
{"task_id": "easy-lockdown"}
POST /step
{"command": "lockdown", "target_id": "s3-vault"}
GET /state
→ returns full episode state
GET /metadata
→ env info + current task
OPEN SWAGGER UI
// Reset Environment
TASK ID
RESET RESPONSE
// Click RESET ENVIRONMENT to initialize...
// Execute Action
COMMAND
TARGET ID
STEP RESPONSE
// Reset first...
// Session Log LIVE
live-session@sentinel
CLEAR
Waiting for commands...
// Auto BenchmarkALL TASKS
EASY-LOCKDOWN
PENDING
MEDIUM-ACCESS
PENDING
HARD-BREACH
PENDING
Ready — will run all 3 tasks automatically.