PromptStorm
Blue Team Cyber Range

Part of the SkyFall Enterprise Cyber Range Collection, built to validate real-world incident response against modern AWS and AI-enabled attack chains.

  • Reconstruct the timeline, assess impact, and contain the breach without disrupting production
  • Separate covert crypto-mining cost anomalies from deeper persistence across identities, automation, and long-lived services
  • Searchable logs and prebuilt dashboards for rapid investigation and timeline reconstruction


    Ideal for: blue team practitioners, cloud incident responders, detection engineers, and SOC leads

Overview

PromptStorm is an immersive blue team cyber range in the SkyFall Enterprise collection, built to validate real incident response capability in AWS environments that include AI and LLM workflows.

Defenders investigate and contain a multi-stage breach where attackers exploit weaknesses in AI workflows and cloud identity controls, escalate privileges, reduce visibility, and quietly monetize the environment with covert crypto-mining across multiple AWS regions. Long-term access is maintained through legitimate AWS automation and durable services rather than traditional malware, forcing responders to reconstruct the intrusion end-to-end and drive the full response lifecycle without destabilizing production systems.

The scenario

An AI-enabled AWS environment begins exhibiting subtle signs of compromise.

  • Cloud costs begin to rise without a clear cause
  • Logs contain unexpected content
  • Access patterns no longer align with intended behavior
  • Audit visibility degrades at a critical moment


The environment reflects an active breach where identity, automation, and observability have all been impacted. The objective is to understand what is happening, regain control, and drive the incident to resolution without destabilizing production systems.

Investigation and response flow

Nine challenges with mixed difficulty that progress through the incident response lifecycle.

PromptStorm spans the incident response lifecycle from early signal recognition through containment, remediation, and recovery. Players get hands-on experience handling a realistic breach and crypto-mining attack under real conditions, helping defenders stay cyber ready when responding to real threats. Each challenge maps to a realistic investigation or response decision point, and progression is evidence-driven: players advance by correlating what they see, confirming what occurred, restoring visibility where required, and applying corrective actions that match the situation.

What PromptStorm is designed to test

PromptStorm evaluates blue team judgment under realistic conditions.

  • Investigating AI-related security failures
  • Tracing identity abuse across cloud services
  • Operating with incomplete or degraded logging
  • Distinguishing operational noise from adversary activity
  • Making containment decisions under pressure
  • Driving remediation and recovery without collateral damage


The focus is on investigation and response decision-making, not executing a fixed sequence of actions.

The Environment

Players operate inside a realistic AWS environment aligned to the scenario, with:

  • Optional custom SIEM integrations available on request
  • Multiple AWS regions in use
  • Identity and permissions that reflect real abuse paths
  • Searchable OpenSearch logs and prebuilt dashboards
  • Deliberately degraded audit visibility at key stages
  • Active infrastructure impacted by attacker activity


The attack patterns and abuse paths implemented in this environment reflect tradecraft documented in Permiso Security’s research into the GUI-Vil threat actor.

Collaboration with threat researchers

PromptStorm was developed in collaboration with Permiso Security, whose real-world research into cloud and LLM abuse directly informed the PromptPwn attack chain and the defensive challenges in this range.

We extend special thanks to Abian Morina and Andi Ahmeti from Permiso's P0 Labs team. Their expertise in cloud identity threat detection, privilege escalation, and detection engineering shaped the cyber range, including realistic LLM-driven policy manipulation and crypto-mining persistence techniques.

Their contributions showcase how modern cloud attacks unfold in practice and provide defenders with hands-on exposure to tradecraft they are increasingly encountering in live environments.
