Solution Overview

WWT's ATC CrowdStrike Proving Ground Lab exists to provide a unified solution built around relevant use cases. It seeks to showcase the CrowdStrike Falcon platform's web UI and its ability to alert on, and prevent, breaches using cloud data and machine learning.

This lab consists of several servers running common enterprise applications, including Nessus, Splunk, Tanium and Active Directory (with DNS). Tanium and Splunk are integrated to emulate normal application communication. Several workstations running Windows 7 and Windows 10 are spread across two distinct network locations (Headquarters and Operations). Some of these machines conduct various attacks at random, generating alerts in the CrowdStrike console that you can explore to see how the product and solution operate.

You will access the environment using a Windows-based jumphost, from which you can browse web consoles, open RDP/SSH sessions, etc. (see Lab Topology). 

Lab Diagram