Skip to main content

5-Minute Fire Drill

See Garnet block real malicious behavior in less than 5 minutes.
1

Clone demo repo

git clone https://github.com/garnet-labs/fire-drill-demo
cd fire-drill-demo
2

Deploy agent

helm repo add garnet https://helm.garnet.ai
helm install garnet garnet/garnet \
  --namespace security \
  --create-namespace \
  --set garnet.token=<API_KEY>
Get your API token from the Garnet Dashboard
3

Run drill

make drill npm-worm
4

Observe

Detection appears in Dashboard → Incident DetailsStatus: Blocked by policy DropDomain
Expected result: Connection to pool.xmrig.com denied.
  • TTD: 47s (Time To Detect)
  • TTR: 0s (Time To Respond - blocked automatically)

What just happened?

  1. The npm-worm drill simulated a supply chain attack
  2. Jibril detected the malicious network connection attempt
  3. The DropDomain policy automatically blocked it
  4. You received real-time alerting

Try More Fire Drills

Explore other attack scenarios

View Dashboard

See your detections
I