
McAfee Sandbox - Creating a Custom Advanced Threat Defense OS Image

 

Introduction

McAfee's Advanced Threat Defense allows for file samples to be analyzed by custom images. This means detection rates will be based on your specific organization's configurations, not a dated or irrelevant OS or configuration. In this document we'll cover the steps to create a custom image. Importing the image and configuring the way samples are analyzed are covered here.


Before Getting Started

Creating a custom image will take about an hour; about half of this time will be spent waiting. To make this as simple as possible, I've gathered the links to the resources you'll need in this document. Here's a list of things you'll need:

*TIP: I download all of the packages into a single folder and then place them on a network drive that is available in the VM I'm creating. It saves a lot of time downloading in the VM or transferring files later. Also, many of these can be used when creating additional analyzer virtual machines, and it's convenient to have them later.

  • Creating and Customizing the VMDK

In most cases I try to simplify the Product Guide to distill only the information you'll need. In this case, however, the Product Guide is very clear and includes screenshots. The process begins on page 74.

Comments

Excellent, very useful and good information.

Thanks very much

Regards,

Version history: Revision 3 of 3. Last update: 03-14-2018 11:52 AM