Me when I discovered @Centurion's Detection Lab. Chris Long, Detection & Incident Response Analyst at Palantir, released Detection Lab this past Monday. From his own Medium post, "Detection Lab is a collection of Packer and Vagrant scripts that allow you to quickly bring a Windows Active Directory online, complete with a collection of endpoint security tooling and logging best practices."
From the Detection Lab GitHub, "this lab has been designed with defenders in mind. Its primary purpose is to allow the user to quickly build a Windows domain that comes pre-loaded with security tooling and some best practices when it comes to system logging configurations. It can easily be modified to fit most needs or expanded to include additional hosts." The feature list should close the deal for you:
Chris really wanted defenders to "have a quick and easy way to bring up a lab environment, complete with tooling and pre-configured logging." Detection Lab represents many of his weekends worth of work, over many months, and for that, we salute him. Well done, Chris! |
Russ McRee 198 Posts ISC Handler Dec 15th 2017 |
Thread locked Subscribe |
Dec 15th 2017 3 years ago |
Thank you
|
Netmanzim 63 Posts |
Quote |
Dec 15th 2017 3 years ago |
Great post thank you to all
|
Netmanzim 63 Posts |
Quote |
Dec 15th 2017 3 years ago |
Sign Up for Free or Log In to start participating in the conversation!