Security News > 2021 > May > Microsoft releases SimuLand, a test lab for simulated cyberattacks
Microsoft has released SimuLand, an open-source lab environment to help test and improve Microsoft 365 Defender, Azure Defender, and Azure Sentinel defenses against real attack scenarios.
SimuLand test labs "Provide use cases from a variety of data sources including telemetry from Microsoft 365 Defender security products, Azure Defender, and other integrated data sources through Azure Sentinel data connectors," MSTIC Threat Researcher Roberto Rodriguez said.
Lab environments deployed using SimuLab can help security experts "Actively test and verify the effectiveness of related Microsoft 365 Defender, Azure Defender, and Azure Sentinel detections, and extend threat research using telemetry and forensic artifacts generated after each simulation exercise."
Besides working on adding more scenarios, Microsoft also wants to add automation of attack actions via Azure Functions in the cloud, telemetry export and share, Microsoft Defender evaluation labs integration, as well as infrastructure deployment and maintenance using CI/CD pipelines with Azure DevOps.
Lab environments contributed through this open-source Microsoft initiative require an Azure tenant and at least a Microsoft 365 E5 license.
"The simulated attacker's goal is to take ownership of some portion of the network by exploiting these planted vulnerabilities," Microsoft explained.