SimuLand: Microsoft’s own open source attack simulation tool, released to test security controls
Good news! Microsoft has released an open source tool that simulates cyber security attacks to help improve detection strategies in products such as Microsoft 365 Defender, Azure Defender, and Azure Sentinel.
The tool also lets organizations extend their threat research by using the telemetry and forensic artefacts generated after every exercise.
Microsoft stated “Our goal is to have SimuLand integrated with threat research methodologies where dynamic analysis is applied to end-to-end simulation scenarios. The image below shows where SimuLand would fit.”
Additionally, Microsoft suggested that every simulation plan provided through this project is based on the MITRE ATT&CK framework.
Microsoft stated that this tool was built on the following underlying principles:
- Understand the underlying behavior and functionality of adversary tradecraft.
- Identify mitigations and attacker paths by documenting preconditions for each attacker action.
- Expedite the design and deployment of threat research lab environments.
- Stay up to date with the latest techniques and tools used by real threat actors.
- Identify, document, and share relevant data sources to model and detect adversary actions.
- Validate and tune detection capabilities.
Microsoft invites researchers and developers to contribute to this tool via its GitHub repository.