WWT's ATC CrowdStrike Proving Ground Lab exists to showcase the CrowdStrike Falcon platform's web UI and ability to alert on, and prevent, breaches using cloud data and machine learning.

Elastic Security provides a different approach to EDR by combing EDR and SIEM capabilities which leads to reduced mean time to detect and respond to threats. Elastic Security for endpoint prevents ransomware and malware, detects advanced threats and arms responders with vital investigative context, such as prioritized detections to help stop alert fatigue.

WWT's ATC CrowdStrike and Zscaler Integrated lab exists to showcase the integration between CrowdStrike's Falcon Platform, Zscaler Private Access and Zscaler Client Connector through relevant use cases.

Cisco XDR lab to facilitate understanding around foundational XDR use for threat hunting, and providing know-how on deployment, and integration.

Tanium 7.5 Proving Ground Lab

This lab exists to provide hands-on experience with the integration between ZIA, CrowdStrike Falcon, and Okta through relevant use cases. First, this lab can be used to see how the integration between CrowdStrike Falcon and ZIA can ensure administrators have end-to-end insight into the threat landscape to minimize attack surface and deliver rapid threat detection and response. On top of this, the lab allows users to see how Okta can integrate with both CrowdStrike and Zscaler to strengthen a company's Zero Trust profile, enhance threat detection during authentication and monitor the intersection of security and access management.

Welcome to the SentinelOne Endpoint & AI SIEM Foundations lab provided by the WWT ATC! This lab provides you with a sample environment where you can gain hands-on experience with the SentinelOne solution.

WWT's ATC Palo Alto Cortex XDR Proving Ground Lab provides a consolidated solution built around Cortex XDR, the Palo Alto firewall, Windows endpoints and Windows servers to demonstrate how the Cortex XDR Agent protects against threats. The goal of Cortex XDR is to increase the operational efficiency of the security operations center. Cortex XDR accomplishes this by reducing alerts by combining similar events, stitching together logs from different sources and preventing as many threats as possible early in the attack cycle. Cortex XDR goes beyond the traditional EDR approach of using only endpoint data to identify and respond to threats by applying machine learning across all your enterprise, network, cloud and endpoint data. This approach enables you to quickly find and stop targeted attacks, insider abuse and remediate compromised endpoints. Cortex XDR combines functionality from Endpoint Protection, Endpoint Detection and Response, Network Traffic Analysis and User Behavior Analytics into a single console. This lab consists of servers running common applications that include Palo Alto Cortex XDR, Palo Alto Cortex XSOAR, Palo Alto VM-Series firewall, Active Directory, Windows IIS and SQL server, and several Windows 10 workstations. You will access the environment using a Windows-based jump host from which you can browse web consoles and open RDP/SSH sessions.

Cisco XDR Sandbox lab to facilitate experimentation for Cisco XDR use for threat hunting, integration, and viability for enterprises.

WWT's Crowdstrike Cloud Security Lab serves as a platform to showcase the utility of Crowdstrike's Falcon Agent in conjunction with the three leading cloud service providers: Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). This lab offers a comprehensive set of instructions, guiding users step by step on how Crowdstrike's Unified Security Platform can effectively enhance visibility within a multi-cloud environment. Additionally, the lab encompasses strategies for addressing misconfigurations within these environments, the utilization of Cloud Posture Security Management (CPSM), and the real-time capabilities of the Falcon Agent in preventing cloud breaches. CrowdStrike Cloud Security establishes a continuous posture management system and breach protection mechanism for any cloud, utilizing the industry's exclusive adversary-focused Cloud Native Application Protection Platform. This holistic platform emphasizes various aspects including endpoint security, threat intelligence, identity protection, security and IT operations, as well as cloud security. The comprehensive visibility from endpoint to the cloud, facilitated by both agent and agentless capabilities within Crowdstrike's platform, provides a comprehensive perspective on threats, ensuring the identification of all vulnerabilities. Driven by extensive intelligence and end-to-end safeguarding from the host environment to the cloud, Crowdstrike's Cloud Security delivers enhanced visibility, compliance, and industry-leading rapid threat detection and response, all aimed at outsmarting adversaries.

WWT's ATC ExtraHop & Crowdstrike Integration Proving Ground Lab exists to provide a unified solution built around relevant use cases. It will showcase ExtraHop and CrowdStrike's integration to stop breaches before they can cause damage.

Systems are at higher risk without a concerted, repeatable application security configuration process. In this lab, you will learn how to build a declarative AWAF policy and achieve OWASP Top Ten (2021) compliance with the BIG-IP OWASP Compliance Dashboard. A complete CI/CD pipeline is used to deploy our AWAF policy to the BIG-IP system using Application Services 3 Extension (AS3) and Ansible.