BSides Delaware 2016 Presentation - VMs All the Way Down

Here is my presentation from BSides Delaware 2016. It will also be posted to slideshare and the link will be added when available.
The focus of the talk is creating an advanced information security test lab without breaking the bank. It was written for those who have used virtual machines in one-off scenarios and are looking to expand to a more advanced/dedicated setup. The goal is to explain type 1 vs. type 2 hypervisor options and propose a setup with multiple VMs, network segments, and a router. The lab will mimic a typical multi-tiered corporate environment, be extremely flexible, and best of all, run for free within a single PC.


Just getting started in InfoSec and need some guidance on virtualization? Used virtual machines before, but want to expand to a more complex, dedicated virtual lab? This talk will cover the numerous hardware and software options you should consider, and will discuss both simple and complex configurations. The focus will be on setting up a lab that is home friendly, inexpensive, and as flexible as possible. Offense and defense setups will be discussed, as well as recommendations for virtualization software, server hardware, and networking gear. You will leave with a list of VMs to use, an understanding of the benefits of hosted vs. bare metal hypervisors, different virtualization packages, and how to build an inexpensive lab that emulates a multi-tiered corporate environment.