Thank you for your comment. I fully understand the detection I am trying to test as it is based on off the MITREATT&CK TTP's. I will be using Atomic Red to choose what TTP's I will be testing and the attack_range from github. I can then forward the logs to our own Splunk instance to view them. The issue we have is with the license's. Do I need a virtaulbox commercial license to run these tests as it will be used in a commercial environment, I am presuming yes as it seems obvious but I am not 100% sure, if this is case what is the best alternative solution. Thanks  ... View more

Hi, Thank you for your response. So by simulating attacks I mean to test my detections, testing the SPL rules I have in Splunk to detect anomoly's from the logs. What I have been looking at so far is the splunk attack_range from github along with Atomic Red to test certain MITREATT&CK TTP's. It will have to be a test environment that is totally on prem as we don't cloud access. The tutorials I am referring to are the ones I have see on youtube where you install virtualbox on ubuntu and then test labs are automatically set up and destroyed for each ttp you are testing. Yes I thought it would be easy enough to change from Virtualbox to VMWare but I can't find one video I do have a VSphere where this can be run from as multiple people from our team need to have access to this lab Please let me know what you would suggest as the best way to set this up ... View more