Scenario In this challenge room, you will act as John, who has recently cleared his third screening interview for the SOC-L2 position at MSSP Cybertees Ltd, and a final challenge is ready to test ...
Intro A few weeks ago, Jasmine, the owner of Coffely, had reported a potential data breach resulting in her secret recipe getting stolen by James from the IT department. Before the recipe could ge...
Intro Splunk is a powerful SIEM solution that provides the ability to search and explore machine data. Search Processing Language (SPL) is used to make the search more effective. It comprises vari...
Intro Wazuh is an open-source security detection platform that runs on top of an Elastic-style indexing and visualization stack (historically ELK: Elasticsearch, Logstash, and Kibana; current releases ship their own OpenSearch-based indexer and dashboard) and is designed to identify threats using its alert rule syst...
Scenario Slingway Inc., a leading toy company, has recently noticed suspicious activity on its e-commerce web server and potential modifications to its database. To investigate the suspicious acti...
Scenario In a Security Operations Center (SOC), analysts are constantly overloaded with data from various sources, such as network traffic logs, intrusion detection systems, vulnerability scanners...
Intro Logstash is an open-source data processing engine that allows you to collect, enrich, and transform data from different sources. It is often used alongside other tools in the Elastic Stack, ...
Instructions: Uncompress the lab (pass: cyberdefenders.org), analyze the pcap and answer the questions. Scenario A network trace with attack data is provided. Please note that the IP address of ...
Instructions: Uncompress the lab (pass: cyberdefenders.org). WireDive is a combo traffic analysis exercise that contains various traces to help you understand how different protocols look on the...
Instructions: Uncompress the lab (pass: cyberdefenders.org). Scenario A PCAP analysis exercise highlighting an attacker's interactions with honeypots and how automatic exploitation works. (Note t...