1 points | by PhantomArmor 9 hours ago
1 comments
Key characteristics: - 23-day attack timeline (mirrors real APT dwell time) - 8M+ logs with 0.007% attack signal - Service account hijacking patterns - Defense product logs (EDR, DLP, SIEM)
Single scenario, intermediate skill. Has limitations.
Feedback welcome - what other scenarios would be useful?
Key characteristics: - 23-day attack timeline (mirrors real APT dwell time) - 8M+ logs with 0.007% attack signal - Service account hijacking patterns - Defense product logs (EDR, DLP, SIEM)
Single scenario, intermediate skill. Has limitations.
Feedback welcome - what other scenarios would be useful?