Software giant Microsoft has released SimuLand, an open-source lab technology that will help its platform defences fight against real attack scenarios.
According to Bleeping Computer, SimuLand will help the company test and improve Microsoft 365 Defender, Azure Defender and Azure Sentinel against cyberattacks.
Microsoft claims lab environments deployed using SimuLand can help security experts ‘actively test and verify the effectiveness’ of the three platforms and extend threat research using telemetry and forensic artefacts generated after each simulation exercise.
The company added that the SimuLand test environments are designed to help security teams understand the underlying behaviour and functionality of adversary tradecraft, identify mitigations and attacker paths by documenting preconditions for each attacker action, expedite the design and deployment of threat research lab environments, and stay up to date with the latest techniques and tools used by real threat actors.
Furthermore, the technology is designed to identify, document and share relevant data sources to model and find adversary actions, as well as to validate and tune detection abilities.
Microsoft commented that it also wants to add automation of attack actions via Azure Functions in the cloud, Microsoft Defender evaluation labs integration, telemetry export and sharing, and infrastructure deployment and maintenance.
Copyright © 2021 RegTech Analyst