In this two-hour hands-on workshop we will show attendees how to build their own EDR/XDR/MDR platform leveraging open-source and free tools. Attendees will learn to deploy cross-platform EDR sensors, how to use sigma detection rules, write custom detection rules, and leverage open source adversary emulation tools ( Atomic Red Team) to test new them. We will then discuss how to extend these capabilities for investigations and threat hunting by integrating additional open source or free tools to gather additional telemetry such as Sysmon and Velociraptor.