Microsoft Releases SimuLand, a Lab Environment To Simulate Attacker Tradecraft (therecord.media) 10
Microsoft has open-sourced today a tool that can be used to build lab environments where security teams can simulate attacks and verify the detection effectiveness of Microsoft security products. The Record reports: Named SimuLand, the tool was specifically built to help security/IT teams that use Microsoft products such as Microsoft 365 Defender, Azure Defender, and Azure Sentinel. Currently, SimuLand comes with only one lab environment, specialized in detecting Golden SAML attacks. However, Microsoft said it's working on adding new ones. Community contributions are also welcomed, and the reason the project has been open-sourced on GitHub, with Microsoft hoping to get a helping hand from the tens of thousands of security teams that run its software.
"If you would like to share a new end-to-end attacker path, let us know by opening an issue in our GitHub repository, and we would be happy to collaborate and provide some resources to make it happen," Microsoft said today in a blog post. But Microsoft doesn't want only lab environments specialized in executing well-known techniques or adversary tradecraft. The OS maker is also encouraging the community to contribute improved detection rules for the attacks they're sharing, so everyone can benefit from the shared knowledge.
"If you would like to share a new end-to-end attacker path, let us know by opening an issue in our GitHub repository, and we would be happy to collaborate and provide some resources to make it happen," Microsoft said today in a blog post. But Microsoft doesn't want only lab environments specialized in executing well-known techniques or adversary tradecraft. The OS maker is also encouraging the community to contribute improved detection rules for the attacks they're sharing, so everyone can benefit from the shared knowledge.
Dupe post (Score:4, Insightful)
Re: (Score:2)
Re: (Score:2)
It's even a link to the same source web site. Imma sue Slashdot for causing my eyes to roll so hard I sprained them.
Re: (Score:2)
It's not even off the main page yet. Eye roll.
They were BOTH on the main page at the same time, for at least 5 minutes -- that's the only way I saw them both and copied the link to the older entry. The other had a dozen comments when this one I ended with first. (I don't browse the other categories, I just stick to the main page.)
Not that you care, but the duplicate entries were made by different editors (that one by msmash, this one by beauhd) about six hours apart. It was a courtesy comment, anyway. Jeezum.
Re: (Score:2)
So it's basically GNS3? (Score:2)
that you have to pay a (hefty) monthly subscription for?
Simuland (Score:1)
On the dark side... (Score:2)