Microsoft has open-sourced SimuLand, a tool that can be used to build lab environments where security teams can simulate attacks and verify the detection effectiveness of Microsoft security products.
SimuLand comes with only one lab environment, specialized in detecting Golden SAML attacks. Microsoft said it’s working on adding new ones. Community contributions are also welcomed, which is the reason the project has been open-sourced on GitHub: Microsoft hopes to get a helping hand from the tens of thousands of security teams that run its software, so that everyone can benefit from the shared knowledge.
SimuLand’s release comes a month after Microsoft open-sourced another cybersecurity-related project. Named CyberBattleSim, it is a Python-based artificial intelligence (AI) engine to carry out attacks against a company’s internal network.
Microsoft built the project to allow security teams to test how an attacker would spread and move laterally across an internal network after an initial compromise.
The OS maker hopes that the results from CyberBattleSim simulations will help network defenders improve the security of their internal networks, as today most security teams seem to have an obsession with bolstering the network edge while leaving their internal network exposed to even the most basic attacker techniques.