Quality assurance for probes and security tests

Range is a multi-segment testing environment to validate probes and security tests.

Range is the only server-based component of the Prelude tech stack. It is nevertheless managed through a Serverless Application Model (SAM) application, so it retains the ephemeral property of spinning up and down on demand.

Each machine in the range runs a probe and is connected to a Prelude account managed by the security team, which uses it to validate new tests. The range rebuilds itself weekly to re-test the probe installers from scratch.

Range is broken into the following segments:

  • Base: one of every supported operating system (major/minor versions) with default configurations and defenses
  • CrowdStrike: one of every supported operating system, running middle-of-the-line prevention policies
  • Windows: an Active Directory environment running enterprise Defender

Each machine in the range includes a chaos monkey installation that constantly and randomly updates system configurations. This is deliberate: the goal is a dynamic environment that is difficult to predict.