Ludus
// CAPABILITIES STATEMENT

Cyber ranges fornational defense

Ludus is a self-hosted cyber range platform built by former federal red team operators for the teams who run offensive cyber, threat intelligence, and detection work behind the firewall. One install spins up realistic enterprise networks on hardware you own. No cloud round trip. No customer data leaving the box.

SAM.gov UEI
TG6ZKCGS1T77
CAGE Code
139C8
NAICS Codes
541511 · 541512 · 541513 · 541519 · 611420
Service-Disabled Veteran-OwnedSBA Certified · View certification →
// CORE COMPETENCIES

What Ludus delivers in the field

Offline install

Coming Soon

Stand up Ludus where the internet doesn't reach. Mirrored repositories and air-gapped templates for classified and disconnected environments.

Range baking

Coming Soon

Turn any Ludus VM — or a whole range — into reusable VM templates. Capture the state, freeze the build, ship it to other operators.

On-prem, behind the firewall

Customer data, tradecraft, and equities stay on hardware you own. No third-party storage, no cloud telemetry, no compliance round trip.

Per-engagement isolation

One clean range per program. Group managers and per-user isolation prevent cross-contamination between assessments.

REST API + CI/CD

Every CLI action is an OpenAPI 3.0 HTTP call. Build, deploy, destroy, repeat — unattended, scriptable, repeatable.

Open core, AGPLv3

Auditable source on GitLab. No black-box stack to vet, no vendor lock-in on the platform layer.

// DIFFERENTIATORS

Why agencies and operators pick Ludus

250+
Organizations deployed

Running in Fortune 100 security orgs, national defense and intelligence teams, AI labs, and R1 research universities today.

SDVOSB
Service-Disabled Veteran-Owned

Built by former operators with experience in CYBERCOM running OCO and DCO missions for the teams doing offensive and defensive cyber today.

AGPLv3
Open core, no lock-in

Auditable source. The community edition is the same engine the platform tier runs on — nothing to reverse engineer before approval.

100%
On-prem by default

No customer data, telemetry, or tradecraft leaves the box. Ludus is designed for the environments where that matters most.

// EXPERIENCE

Past performance

Selected engagements, ordered by relevance to defense and public-sector programs.

  1. .01
    Fortune 100 manufacturer
    Oct 2024 – present

    Captured stage-2 malware behaviour commercial sandboxes can't observe — on a Ludus-emulated enterprise that defeats environmental keying and anti-analysis checks.

  2. .02
    Top global red team consultancies
    Oct 2024 – present

    Per-engagement isolated range infrastructure on customer hardware. One range per assessment — zero cross-contamination between programs.

  3. .03
    Bespoke training provider
    July 2024 – present

    Per-student isolated course material delivered through Ludus. Each cohort runs on its own clean range; reset between groups in minutes.

// NEXT STEPS

Pick a tier. Stand up the range.

Compare PlansSee use cases
ludus-support@badsectorlabs.com