This section describes how to configure the guest environment that will be used for recording. Notably, this includes:
- Reducing the background OS activity to what is strictly necessary, to avoid recording irrelevant processes. For example:
- Disabling background services,
- Deactivating anti-viruses,
- Ensuring REVEN can reconstruct OS-Specific Information (OSSI) from the scenario once recorded, for instance:
- Disabling certain security features which hinder kernel memory querying.
- On Linux, populating the VM with debug binaries for symbol retrieval.
As the processes are very different from one OS to another, they are separated: