1 1

BlueSky Ransomware - Public Case #19208

BlueSky Ransomware - Public Case #19208

$14.99 USD
$14.99 USD
Sale Sold out
Easy
Access Time - Starts After Checkout

This DFIR Lab is based on the public case "SQL Brute Force Leads to BlueSky Ransomware."

To read more about DFIR Labs click here.

Your access time starts at purchase time. You will receive an email within 5 minutes of purchase with instructions on how to connect to the lab. Enjoy!

Disclaimer

All information in the DFIR Labs and analysis of that information shall be treated as TLP:RED. This classification mandates that the information is not shared publicly or privately without explicit permission from The DFIR Report.

View full details

Customer Reviews

Based on 7 reviews
100%
(7)
0%
(0)
0%
(0)
0%
(0)
0%
(0)
E
E.W.
Case was great, Questions could be better

The case was great, beginner friendly, realistic and had a few tricks that were nice.
The questions on the other hand could have been more complicated, questions the require the analyst to really take the time and recreate the incident's timeline.

K
K Jones
10/10!

Great learning experience!
A lot of data to parse through and generous time allocation to fit numerous circumstances, and for a very reasonable cost! Looking forward to more becoming available in the (near?) future!

Highly recommend to polish up the skills or get a taster for industry-like hands-on experience!
Only request if I had one: Splunk pls

H
Huseyin Eksi
Great approach!

DFIR report team again made something incredible!

A
Anonymous
Great few hours!

I was on the lookout for some realistic incident response labs, ans this easy lab from DFIRReport couldn't have been better! It basically sits you down in front of the tools and it's up to you to make good use of them. Overall, the 2 days were more than enough for this lab, but I assume the medium and hard ones will be a bigger challenge.

My tip: Go to the quiz right away, you will find some hints there to help you along (in case you are not familiar with KQL). For me, the biggest challenge was not in filtering, but in getting the fields I need to show up (looking for a username can be difficult if you don't know which field it's saved in, but that's my own shortcoming.)

Overall, a great quick lab if you have a few hours to kill! I'm officially hooked and will be running through the medium and hard labs soon!

S
Saiprashanth Pulisetti
The perfect lab for threat analysis

I recently took the DFIR exam and I am happy to say that I passed with flying colors thanks to the valuable resources and study materials provided on the DFIR website. The practice exams and study guides were extremely helpful in preparing me for the exam and I felt confident and well-prepared on exam day. I highly recommend the DFIR website to anyone looking to pass their DFIR exam with ease. Thank you for helping me achieve my goal!

12