Privacy
What CI Cyber Lab collects, what it doesn't, and what users should never enter here.
What is collected
- Account information needed to operate the site: email, display name, password hash, role, and account status (enabled / disabled).
- Challenge activity: per-question submissions, the latest answer state for rehydration, attempt counts, and completion status.
- Basic web analytics may be used to understand how the site is used and where challenges need improvement. Analytics do not identify individual users by name.
What is not collected
- Passwords are never stored in plaintext. Only an Argon2id hash is persisted.
- CI Cyber Lab does not ask users to upload real case data. Every artifact and scenario shipped with the platform is fictional and sanitized.
What users should not enter
Don't put classified, sensitive, operational, personally identifying, or real investigative information into free-text fields, admin notes, or authored-scenario content. Treat this as a public training site: anything you type should be safe to be there.
Contributions
Optional contributions to help offset hosting costs are handled entirely by GitHub Sponsors. CI Cyber Lab does not receive payment information, does not retain billing records, and does not link sponsorship to any platform account.
Scope
CI Cyber Lab is an independent training project I maintain in my personal capacity. It is not a substitute for accredited training, agency tooling, or any official record system.
Contact
Questions about this page or how the platform handles data can be directed to the site maintainer through the project's GitHub repository.