Try The ThreatQ Investigations Challenge!

Test your Investigation Skills!


  • Get immediate access to a ThreatQ Investigations system
  • Interact and perform investigation actions in a safe sandbox environment
  • Analyze targeted spearphish emails
  • Understand the timeline of how the attack took place
  • “Whodunnit” – see if you can uncover the guilty party

The following things are limited in this sandbox environment:

  • This is a fictional situation for education purposes – do not take real world action on the threat data contained within.
  • There are no real connections to the >200 commercial, open source or community intelligence providers, or access to that data.
  • Any operations installed for enrichment and investigation are designed for the challenge situation only. They mimic real integrations that are available in real deployments, but details vary by deployment.
  • The threat data in this investigation should not be considered trustworthy or benign. It is a pretend investigation – although some file hashes, domain names, adversary identities, IP addresses, campaigns and other values could be real.