In a safe sandbox environment, interact and perform investigation actions with ThreatQ Investigations. Analyze targeted spear phish emails and understand the timeline of how an attack took place.  Watch the overview video, experience ThreatQ Investigations through this short challenge and see if you can uncover the guilty party.

The following things are limited in this sandbox environment:

  • This is a fictional situation for education purposes – do not take real world action on the threat data contained within.
  • There are no real connections to the >200 commercial, open source or community intelligence providers, or access to that data.
  • Any operations installed for enrichment and investigation are designed for the challenge situation only. They mimic real integrations that are available in real deployments, but details vary by deployment.
  • The threat data in this investigation should not be considered trustworthy or benign. It is a pretend investigation – although some file hashes, domain names, adversary identities, IP addresses, campaigns and other values could be real.