Forum Discussion
Generating alerts in test lab
Hi All, I have set myself up a Defender test lab and I have my DC connected to Defender for Identity and I have 2 user machines that are onboarded to Defender for Endpoint. I also have all the re...
MSFT Used to have some really good lab playbooks on this. It looks like they moved it off Prod Tech net and is only avaialble in Git Hub
https://github.com/MicrosoftDocs/ATADocs/blob/master/ATPDocs/playbook-lab-overview.md
https://github.com/MicrosoftDocs/ATADocs/blob/master/ATPDocs/playbook-reconnaissance.md
https://github.com/MicrosoftDocs/ATADocs/blob/master/ATPDocs/playbook-lateral-movement.md
Another option is to use the Built-in Simulation engine from MSFT.
https://security.microsoft.com/tutorials/simulations