ScenarioLab gives security hiring teams a scenario lab — candidates analyse deliberately flawed AI-generated reports under time pressure. Scoring is fully deterministic. No LLMs in the loop.
Free trial · no credit card required
AI Security Analysis — Network Scan
CVSS 9.8 · Apply input sanitisation immediately.
Recommendation: disable TLS 1.2 and below.
Candidate must identify
The hiring gap
AI-generated security reports are increasingly polished — and increasingly wrong. Candidates who can't distinguish confident AI prose from sound analysis are a liability.
Technical screens test memorised CVEs and syntax. Scenario-based assessments reveal whether candidates actually reason through an analysis or just pattern-match.
Most soft-skill assessments rely on interviewer opinion. ScenarioLab scores against a fixed key — same standard for every candidate, every time.
How it works
Select from curated scenarios — each contains an AI-generated security report with embedded analytical flaws, scored against a fixed rubric.
Paste a candidate email and we send them a private assessment link. They authenticate with a one-time code — no account creation needed.
Each submission produces a detailed evaluation report: per-question scores, reasoning quality, and an overall band. Export as PDF for your records.
Sample report
Every completed assessment generates a full evaluation — per-dimension scores, a critical thinking profile, and a hiring recommendation. No interpretation needed.
Alex M.
a7f3...c91e@candidate
Senior SOC Analyst Screening · Phishing Campaign Attribution
MIDSubmitted 10 Apr 2026 · Time taken 17m 42s
68 / 100
ProficientCritical thinking profile
Strongest area
Threat attribution
Weakest area
Remediation reasoning
Summary
Strong attribution instincts; remediation steps lack precision under time pressure.
Evaluation narrative
Alex correctly identified the misattributed threat actor and flagged the CVSS inconsistency on Q2. Remediation responses were directionally correct but lacked the specificity expected at mid level — particularly around lateral movement containment. Overall reasoning is sound; gaps are addressable with structured mentorship.
Recommendation: Proceed to final interview with focus on incident response depth.
Dimension breakdown
Strong
Strong
Adequate
Weak
| Dimension | Score | Max | Band |
|---|---|---|---|
| Threat attribution | 17 | 20 | Strong |
| Evidence evaluation | 18 | 25 | Strong |
| Risk prioritisation | 15 | 25 | Adequate |
| Remediation reasoning | 18 | 30 | Weak |
Built for security teams
Every response is evaluated against a deterministic rubric. Scoring is a pure function — reproducible and auditable.
20-minute sessions. Realistic pressure without the noise of open-book take-homes.
Per-question scoring with overall bands. Clear signal on where a candidate's reasoning breaks down.
Candidate emails are hashed after OTP verification. Raw answers are never written to the database.
Pricing
Try it on your next hire
Run 3 real candidates through a scenario before you commit to anything.
Free — no credit card required