Cympire Open-Ended Scenarios is a cyber range training module designed for blue team practitioners to practice investigation and response skills against high-complexity, multi-stage attack simulations. Unlike guided or multiple-choice exercises, the training presents non-linear investigations where participants must ingest raw logs, artifacts, and network data to form and validate their own hypotheses without a predefined playbook. Trainees work through full attack chain reconstructions spanning initial access, lateral movement, persistence, privilege escalation, defense evasion, credential access, collection, exfiltration, and command and control — aligned to MITRE ATT&CK tactics. The exercises are conducted using the same SIEM and monitoring tools teams use in production environments, simulating realistic operational pressure conditions across endpoint, network, identity, and application data sources. Upon completing an investigation, participants are required to produce executive-grade reports containing evidence-backed narratives, remediation plans, and containment strategies. The module also incorporates threat intelligence and attribution thinking, including analysis of APT-style activity.