Entrap Academic Beta Testing Program
Def-Logix completed an initial beta testing round with local Universities in the San Antonio area over the Summer. Cybersecurity programs from both UTSA and Texas A&M-University San Antonio participated in learning about the MITRE ATT&CK Matrix and our hunt tool Entrap through several labs we created.
All in all, the Entrap beta program was a success for both the educational institutions and our company as well. For many of the students, it was their first time experiencing such a tool in real-world scenarios.
Feedback was generally pretty positive too from the students as we asked them their thoughts on using the Entrap hunt tool.
"With the quick start guide, using this tool was super intuitive, and took no time at all to set up the initial alerts. I had to troubleshoot the tool initially, as I wasn't getting any alerting. I re-ran the RuleGenerator.exe to process all of the yaml files in my directory. Worked like a charm. Alerted on the quick start activity like a champ." - Anonymous Student
"The record mode allows incident responders to gather data regarding the activity that is occurring on the system. From this data the operators can then create the applicable rules to alert on, or block the use of certain applications or command line arguments. This really enables IRTs to refine the Entrap rules to the specificity that they require." - Anonymous Student
|