Demonstrating integrated cyber security technologies.

Everything used here is a combination of publicly accessible tools, datasets, and information without any actual malicious code or intent in the real world.

The purpose is to demonstrate how different cyber security tools can be used to protect a real-world environment, and generate sample data within those environments.

Define

There was a need to demo the tools used in cyber security and to show the value of the integrations between them, and with that the value of a security ecosystem.

Design

Many of the tools here are open source and can be used by anyone. The heart of the demo environment is Node Red, commonly used in home automation but with a vast range of use cases.

Build

A number of the resources created within this environment are available on GitHub.

Launch


DETAILS

  • AWS EC2, S3, EFS, DynamoDB
  • MicroK8s Kubernetes Cluster
  • Cloudflare
  • Node Red
  • Custom-created flow to send random emails, dubbed “Mailgen”
  • Enron dataset
  • Random files, some crafted using CVEs to reference EICAR
  • Processing of emails to simulate user interaction
  • Benign Credential Harvesting pages to be flagged by URL scanners