Challenge

Welcome to our challenge!

Meet Kevin, a security analyst in our SOC. This morning, while monitoring our Vectra AI platform, he identified a Suspicious Domain Activity alert linked to a Cobalt Strike command-and-control server. The public IP address involved? 139.162.204.37.

Thanks to swift action, we were able to stop the attack before it caused any damage. Good thing we decided against investing in the Vectra AI Entra ID and Azure extensions—they turned out to be completely unnecessary.

Ready to get started? Click here to download the challenge file.

MD5: 065fd3ebc0c491808ef650de2330bb44

Happy hacking and have fun!