Fictotech Demo Progression πŸ“ˆΒΆ

OverviewΒΆ

This lab will focus on the Fictotech demo story now live on SE and partner-facing demo environments. It is important that technical sellers understand how to best position the inherent value of the Vectra platform. The Fictotech storyline outlines a hypothetical adversary progression involving modern techniques across multiple attack surfaces - similar to what we are all observing regularly in the news.

In this lab, you will follow the attacker from the network to the cloud and stop them before damage is done!

Lab Access πŸ”ΒΆ

For this lab, you will need to access two primary interfaces:

  1. The Fictotech Demo CTFd interface. This is the same interface leveraged in our Red, Blue, and Purple Team Workshops.

  2. A Vectra Respond UX interface.

NOTE: The method to access both the CTFd and Respond UX interfaces will differ depending on if you are a Vectra Employee or a Vectra Partner.

Access For Vectra Employees 🧠¢

The Fictotech Demo CTFd should be directly accessible to you via routes published in Zscaler.

In addition, you will also need to access a specific SaaS instance providing your Respond UX interface. Find your name in the below table, and note your URL under the β€œCluster” column:

NOTE: In order to view the table above, you will need to be logged into your Vectra Microsoft account. If th table does not load, try accessing this page from a Private/Incognito browser window, click the β€œSign In” button, and authenticate with your Vectra Microsoft credentials.

Access For Partners 🀝¢

You will access the lab via the following link: https://btw-06.vectracloudlab.com/

You will be prompted to enter a username and password in a pop-up window for our reverse proxy. Those credentials are:

username: vectra_1701295190
password: 4ukNRl9xBHU

These credentials should only need to be entered once per session.

Notes on RUX PerformanceΒΆ

During the exercise, due to the amount of simultaneous users, it’s possible that performance may be slower than expected. In most cases, being patient is the best course of action.

If performance continues to be an issue, dropping ZPA can increase response times.

References πŸ“šΒΆ

SurveyΒΆ

  • Please complete the survey for this lab here

ΒΆ