Microsoft has made a tool for simulating cyber attacks open source. The tool allows security researchers to set up virtual environments for cyber attacks and verify that their Microsoft products are properly secured.
The tool, SimuLand, was developed for IT teams using products such as Microsoft 365 Defender, Azure Defender and Azure Sentinel and can currently mimic a specific environment to discover Golden SAML attacks. Microsoft says it will expand its functionality in the near future.
Because the tool is now open source, others can also contribute to simulate more cyber attacks. The company is calling on security researchers to share new end-to-end attack paths in the GitHub repository and to exchange attack detection rules.
SimuLand provides researchers with a laboratory environment that mimics well-documented cyber attacks that can actively test the security of Microsoft cloud services. In doing so, researchers gain a variety of forensic insights into their system to learn exactly how an attack takes place.
It is the second cyber-attack simulation tool released by Microsoft in a short period of time. A month ago, it introduced CyberBattleSim, an artificial intelligence engine that can perform simulated cyber attacks on a company’s internal network.