Live Malware Test Lab

Solution Overview
In today's enterprise networks, endpoints are the most common vector for cybersecurity attacks. The marketplace offers a constantly changing variety of tools and solutions to protect endpoints and detect and respond to malware and suspicious behaviors. How does an organization sort through the forest of diverse vendors and technical approaches to identify the solution that provides the best fit for its requirements?

WWT's Live Malware Lab is delivered to customers as part of a paid engagement. It features a "live fire" environment housed in our Advanced Technology Center (ATC). The Live Malware Lab is a permanent “air-gapped” installation that simulates customer environments and allows for safe testing of security solutions using live malware. It supports both physical and virtual endpoints and can be customized to simulate a wide range of testing conditions.

Using the Live Malware Lab, customers can see different endpoint security products in action and compare them based on specific requirements. When combined with WWT’s established proof of concept (PoC) testing methodology and vendor-neutral approach, customers gain a 360-degree understanding of how these security tools would react in their own environments under fire.

Goals & Objectives

The Live Malware Testing Lab is delivered to WWT customers as part of a paid engagement. Through testing in the lab, customers can:

  • Test the security efficacy of different endpoint security products while under fire from real-world malware and other cyber attacks.
  • Understand how security products will fit into their environment before purchasing a product.
  • Deploy agents onto Windows and Linux systems.
  • Experience firsthand the look and feel of each product.
  • Navigate each product's interface and workflow.

Hardware & Software

The contents of the Live Malware Lab will vary based upon individual customer requirements. In general, it will contain:

  • An independent internet connection protected by a firewall.
  • An OpenVPN virtual private network used for external lab access.
  • A Green ("Safe") Zone used for administration and testing purposes.
  • An isolated Red ("Infection-ready") Zone containing endpoints to be tested using live malware.