What is a KC7 Event?

A KC7 event is when you bring people together to learn cybersecurity skills through an interactive investigation game. You create the space, KC7 provides the learning experience.

What is KC7?

KC7 is a story-based cybersecurity game where students play as investigators solving a cyber "mystery." They work through a realistic (but fictional) incident by looking at clues from simulated computer and network activity, spotting what looks suspicious, and answering questions to move the story forward. It's designed for beginners, so students can jump in without prior experience, but it still teaches real skills like thinking logically, building a timeline of events, and explaining what happened in plain language.

What Does Hosting an Event Mean?

When you host a KC7 event, you're gathering a group of people - whether students, employees, or community members - and giving them a shared learning experience. You provide the time, space (physical or virtual), and encouragement. KC7 provides everything else: the game, the training, the tools, and the content.

Your event could be a 90-minute classroom activity, a 3-hour team building session, or a full-day cybersecurity workshop. It could be in-person in a computer lab or virtual over Zoom. The format adapts to what works for your group.

During the event, participants work through a cybersecurity investigation while you facilitate - answering questions, keeping energy positive, and celebrating their discoveries. You don't need to be a cybersecurity expert because the game teaches them. Your job is creating an environment where people feel comfortable exploring and learning.

Why Host a KC7 Event?

There are many reasons organizations and individuals choose to host KC7 events:

If you're an educator, it's a way to introduce students to cybersecurity careers and computational thinking without needing deep technical expertise yourself. Students get hands-on experience with real tools, and you get to watch them light up when they solve challenging puzzles.

If you're in HR or corporate training, KC7 events build team cohesion while teaching practical security awareness. Employees learn to think like attackers and defenders, which makes them more security-conscious in their daily work. It's team building that actually builds skills.

If you're a community organizer or student leader, hosting a KC7 event is a way to bring people together around technology in an accessible, engaging way. You don't need expensive equipment or specialized instructors - just computers and internet access.

If you're building a cybersecurity program, KC7 provides a low-friction entry point. After one successful event, you can easily run more. Many hosts start with a single trial and grow into running regular sessions or building entire curricula around KC7.

The common thread: you want to create an engaging learning experience without having to become a cybersecurity expert yourself. KC7 handles the technical teaching while you focus on what you do best - bringing people together and encouraging them.

How KC7 Works (Don't Worry, It's Simpler Than It Sounds)

You might be wondering: "This sounds technical - can I really facilitate this?" The answer is yes. Here's why: KC7 is built so the platform does all the teaching. Your participants interact with the game, not with you as their instructor. You're there to encourage them, not to explain cybersecurity concepts.

The Participant Journey

When participants join your event, they experience a complete cybersecurity investigation:

1. Access the game through your unique participant link

2. Read the scenario briefing introducing the security incident

3. Investigate using real security analysis tools in their browser

4. Analyze log data to uncover what happened and who was involved

5. Answer questions by submitting their findings to the scoreboard

6. Learn professional cybersecurity concepts through hands-on discovery

Everything happens in a standard web browser - no software installation, no complex setup, no prerequisites.

The Technology (Simplified)

Behind the scenes, participants use the same tools professional security analysts use daily:

• Azure Data Explorer (ADX) - Cloud-based data analysis platform where security logs are stored

• Kusto Query Language (KQL) - Simple query language for filtering and analyzing security data

• KC7 Scoreboard - Real-time interface showing progress and questions

• Built-in Training - Interactive tutorials and examples woven into the experience

Why This Works Even If You're Not an Expert

You might be thinking: "I don't know cybersecurity - how can I teach it?" That's exactly the point. You're not teaching it. Here's how KC7 removes the barriers that normally make cybersecurity education hard:

Your Participants Don't Need Experience (And Neither Do You)

KC7 scenarios assume zero cybersecurity knowledge. The game teaches participants everything they need through carefully scaffolded challenges. The first questions teach the basics, later challenges build on those foundations.

This means you're not explaining concepts - you're just helping people stay motivated when they get stuck. Many participants don't even know what a "log file" is when they start. By the end, they're analyzing thousands of security events. The game taught them, not you.

It's Actually Engaging (So Participants Stay Motivated)

This matters because the biggest challenge in any learning event is keeping people engaged. KC7 wraps learning in compelling stories - your first event features "A Scandal in Valdoria," a cyber incident in a fictional kingdom with political intrigue and digital mysteries to solve.

Participants stay engaged because they want to know what happens next in the story, not because they're checking off training requirements. Your job becomes much easier when people actually want to keep playing.

Participants Work at Their Own Speed (Less Pressure on You)

Some race through questions competitively, others explore thoroughly. Both are fine - the learning happens through investigation, not completion. This means you don't need to keep everyone at the same pace or worry if some people finish while others are still working.

The platform includes built-in hints, so participants can get unstuck without you needing to understand the technical details. You're there for encouragement and general questions, not cybersecurity expertise.

Flexible Formats That Fit Your Schedule

One of the biggest concerns when adding something new to your curriculum or program is finding the time. KC7 works with whatever time you have - you don't need to restructure your schedule or get special approval for a multi-day program.

45-Minute Quick Sessions

Perfect for tight class periods or taster sessions. Participants will complete 3-6 questions and get their first exposure to cybersecurity investigation. Great for building curiosity for future sessions.

90-Minute Workshops

Perfect for standard classroom periods, lunch-and-learns, or introductory sessions. Most participants won't complete the full scenario, and that's expected. The focus is on discovery and learning, not finishing.

2-3 Hour Events

The sweet spot for first-time hosts. Enough time for participants to make real progress, experience the full investigation arc, and engage with the material deeply. Many will complete the scenario.

Half-Day or Full-Day Programs

For hackathons, training intensives, or summer camps. Participants can complete multiple modules, develop deeper skills, and engage in team-based problem solving.

What Participants Actually Gain

The skills participants develop have real value - whether they pursue cybersecurity careers or not:

For students, it's often their first exposure to cybersecurity careers and data analysis. They learn they can handle technical challenges, which builds confidence. Many discover interests they didn't know they had.

For employees, the experience makes them more security-aware in their daily work. They understand how attackers think, why security policies exist, and how to spot suspicious activity. This awareness matters regardless of their role.

For everyone, the investigation process builds transferable skills: analyzing complex information, recognizing patterns, building logical arguments from evidence, and explaining technical concepts in plain language. These matter in many careers.

The technical skills they develop include:

• Log Analysis - Reading and interpreting security event data

• Query Writing - Using KQL to filter and analyze large datasets

• Pattern Recognition - Identifying anomalies and suspicious behavior

• Threat Hunting - Following evidence trails to uncover attacks

• Critical Thinking - Evaluating evidence and drawing conclusions

These are the same foundational skills professional security analysts use daily. Participants leave with genuine, applicable knowledge - not just theoretical concepts.

Your First Event: "A Scandal in Valdoria"

Every KC7 host's first event features our flagship scenario: a mysterious security incident in the Kingdom of Valdoria. Participants investigate what appears to be a political scandal but discover layers of cyber intrigue.

An important note: Most participants won't finish the entire scenario in a single session, and that's completely fine. The learning happens throughout the investigation, not just at the end. Someone who completes 5 questions has learned valuable skills. Someone who completes 15 has learned more. Both had a successful experience.

The scenario is carefully designed to introduce security concepts progressively:

• Early questions teach basic log analysis and querying (accessible to everyone)

• Middle questions apply those skills to more complex investigations

• Later questions challenge participants to synthesize evidence and draw conclusions

This progressive structure means participants at all levels learn something valuable. You don't need everyone to finish to have a successful event - you just need everyone to engage with the investigation and discover something new.

What You Need to Get Started

The barrier to entry is intentionally low. You don't need special equipment, software licenses, or technical expertise.

For you as host:

• A free KC7 account (created when you request your event)

• 1-2 days (often faster - check your email!) for event approval

• A venue (physical or virtual) where people can gather

For your participants:

• A computer with a web browser (Chrome, Firefox, Edge, or Safari)

• Internet connection

• Willingness to try something new

That's literally it. No software to install, no accounts to create ahead of time, no technical prerequisites, no cybersecurity background required. If they can browse the web, they can participate.

Start Small, Grow If It Works

You don't need to commit to a whole program upfront. Many hosts approach their first KC7 event as a trial: "Let's try this once and see how it goes."

That's a smart approach, and KC7 is designed to support it. After your first event, if it goes well and you want to do more, your account gives you everything you need to expand:

• Create additional games with different scenarios and modules

• Set up multiple classrooms to organize different groups

• Track participant progress across multiple events

• Build ongoing programs with sequential learning experiences

• Access advanced modules for returning participants

Many successful programs started with a single 90-minute trial. Some hosts run one event and stop there - that's completely valid. Others discover it works well and build it into their regular programming.

The platform is designed to scale with your ambitions - or stay small if that's what works for you. There's no pressure to expand beyond that first event unless you want to.

Ready to Host Your First Event?

KC7 events are simpler to run than you might think. The platform handles the cybersecurity instruction, the technical infrastructure, and the learning progression. You focus on creating a positive environment and encouraging participants to explore.