Thremulation (“Threat Emulation”) Station is an approachable and small-scale cyber threat emulation and detection range, built entirely with open-source projects, and of course - the full Elastic Stack.
This range is deployed and managed, on Windows, macOS, or Linux, using an automated script that will allow for junior and advanced threat hunters use and maintain the platform without a deep engineering background. The range can be run from a single system and assists security teams to train in both offensive and defensive cyber tactics leveraging:
* Elasticsearch, Kibana, Beats, and the Elastic Endpoint Agent (w/Security and Windows integrations)
* HashiCorp’s Vagrant
* Red Canary’s Atomic Red Team
* MITRE’s Caldera
This session will cover the project overview, deployment, operation, and a few demonstrations hunting for live intrusions.