Microsoft wants to help companies test and prepare for cyberattacks
SimuLand project hopes to facilitate wider collaboration with security community
Microsoft has announced a new open source initiative to help security researchers reproduce, inside a lab, well-known techniques used in real attack scenarios.
The software giant explains that using its simulated environment, named SimuLand, security experts will be able to test and verify the effectiveness of the company’s related security products, including Microsoft 365 Defender, Azure Defender, and Azure Sentinel.
The telemetry and forensic artifacts generated after each simulation exercise will also help extend threat research, Microsoft says.
“Our goal is to have SimuLand integrated with threat research methodologies where dynamic analysis is applied to end-to-end simulation scenarios,” says Roberto Rodriguez, Threat Researcher, Microsoft Threat Intelligence Center (MSTIC) R&D.
More features coming soon
Rodriguez explains that SimuLand will help security teams understand the behavior and methods of their adversaries. It’ll also help them stay on top of the latest techniques and tools used by threat actors.
The tool will also help identify mitigations based on predefined conditions for each attacker action, and help tune and validate the detection capabilities of the various security tools.
According to BleepingComputer, SimuLand currently supports only one lab environment, which is designed to help test and improve defenses against Golden SAML attacks, in order to prevent threat actors from breaking into cloud apps.
Rodriguez adds that the team is working to create more labs, and also plans to add several features to the project, including the ability to export and share all generated telemetry with the larger cybersecurity community.
Via BleepingComputer
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.