McAfee's Advanced Threat Defense allows for file samples to be analyzed by custom images. This means detection
rates will be based on your specific organization's configurations, not a dated or irrelevant OS or configuration. In
this document we'll cover the steps to create a custom image. Importing the image and configuring the way samples
are analyzed are covered here.
Creating a custom image will take about an hour, about half of this time will be spent waiting. To make this as simple
as possible I've gathered the links to resources you'll need in this document. Here's a list of things you'll need:
*TIP: I download all of the packages into a single folder and then place them on a network drive that is available
in the VM I'm creating. It saves a lot of time downloading in the VM or transferring files later. Also many
of these can be used when creating addition analyzer Virtual Machines and it's convenient to have them later.
In most cases I try to simplify the Product Guide to distill only the information you'll need, however in this case the
product guide is very clear and includes screen shots. The process begins on page 74.
Excellent, very useful and good information.
Thanks very much