Skip to main content
64+ Interactive Exercises

Security Training Catalogue

Interactive 3D exercises across phishing, GDPR compliance, AI threats, and real incident case studies. Free to play, no sign-up required.

Security Awareness

46 exercises · Build a security-first culture with interactive exercises covering phishing, social engineering, device security, and more.

Phishing

Spot a phishing email before you click.

  • Identify spoofed senders and URLs
  • Recognize credential theft attempts
  • Report phishing through proper channels
Play Exercise

Ransomware

Survive a ransomware attack in real time.

  • Respond to a live ransomware scenario
  • Follow containment and isolation steps
  • Preserve evidence for forensic analysis
Play Exercise

Social Engineering

Recognize manipulation before you comply.

  • Detect pretexting and authority scams
  • Practice verification under pressure
  • Understand the human element in breaches
Play Exercise
View all 46 Security Awareness exercises

Privacy & Compliance Frameworks

11 exercises · Master GDPR compliance with hands-on exercises covering data protection, breach response, and privacy by design.

Data Breach Response

Triage a breach and meet the 72-hour notification clock.

  • Apply Article 33 notification requirements
  • Assess breach severity and reporting thresholds
  • Draft a supervisory authority notification
Play Exercise

Cross-Border Data Transfers

Navigate transfer mechanisms for data leaving the EEA.

  • Select the right transfer mechanism (SCCs, BCRs)
  • Conduct a Transfer Impact Assessment
  • Apply Schrems II safeguard requirements
Play Exercise

Legitimate DSAR Processing

Process a data subject access request end to end.

  • Verify requester identity under Article 15
  • Search and compile data across systems
  • Meet the 30-day response deadline
Play Exercise
View all 11 Privacy & Compliance exercises

AI & LLM Security

5 exercises · Prepare for AI-powered threats including prompt injection, deepfake attacks, and LLM manipulation.

Clawdbot (Moltbot) Prompt Injection

Stop an AI assistant from leaking data via hidden prompts.

  • Identify hidden instructions in documents
  • Prevent data exfiltration through AI tools
  • Recognize prompt injection patterns
Play Exercise
View all 5 AI & LLM Security exercises

Real-World Incidents

2 exercises · Learn from actual security breaches. Walk through the MGM Resorts attack, BEC fraud cases, and more.

MGM Resorts Breach

Relive the 10-minute helpdesk call that cost $100M.

  • Recognize helpdesk vishing techniques
  • Understand Scattered Spider social engineering
  • Trace the path from phone call to ransomware
Play Exercise

OneNote Email Attack

Trace a real BEC scam built on weeks of inbox surveillance.

  • Detect lookalike domain invoice fraud
  • Spot signs of long-term email monitoring
Play Exercise
View all 2 Real-World Incidents exercises

What Is Security Awareness Training?

Security awareness training is a structured education program that teaches employees to recognize, avoid, and report cybersecurity threats in their daily work. Topics include phishing email detection, ransomware response, social engineering defense, password security, device protection, GDPR compliance, and AI-powered attack recognition.

RansomLeak delivers this training through interactive 3D simulations where employees practice inside realistic attack scenarios rather than watching passive videos.

This catalogue organizes 64+ free exercises into four categories: Security Awareness (46 exercises across 10 courses), Privacy and Compliance (11 GDPR-focused exercises), AI and LLM Security (5 exercises on prompt injection and deepfakes), and Real-World Incidents (2 case studies from documented breaches). All exercises run in the browser with no sign-up required.

Deploy Training Across Your Organization

Analytics dashboards, SCORM export, SSO, custom branding, and compliance reporting for your organization.