Forum Discussion
Solved
Attack simulation training experience
Hello everybody, I want to share my own experience about work with Microsoft Attack simulation: - passwords attacks are not accessible for now, why? possibly will be back in future, when? - it does...
- Hi Alex,
Thanks for your comments and feedback. Our current attack techniques align more with the phishing oriented scenarios which is why the password spray technique (which was available in v1) is currently unavailable. We currently don't have an ETA for when this method will be reintroduced.
Some thoughts on the rest of your comments:
- Attack Simulation Training lets you run simulations leveraging real-world de-weaponized phish payloads and helps you identify the most vulnerable users.
- There are various learning moments made available which can be leveraged to reinforce user learning. This comes through information one can share on the phish landing page as well as industry leading content provided by Terranova and helps change user behavior for the better.
- We recommend simulations be run at a regular cadence so that the risk posture can be observed over time and how the simulations and trainings (combined) are helping change user behavior.
We have some other features coming in the pipeline as well such as positive reinforcement communications that will help enterprises communicate out to users who did a great job at identifying phish emails and took the right steps as well.
Hope this clarifies, let us know if you have any additional queries.
Thank you so much!
Gopal
Gopal-MSFT
Microsoft
MicrosoftHi Alex,
Thanks for your comments and feedback. Our current attack techniques align more with the phishing oriented scenarios which is why the password spray technique (which was available in v1) is currently unavailable. We currently don't have an ETA for when this method will be reintroduced.
Some thoughts on the rest of your comments:
- Attack Simulation Training lets you run simulations leveraging real-world de-weaponized phish payloads and helps you identify the most vulnerable users.
- There are various learning moments made available which can be leveraged to reinforce user learning. This comes through information one can share on the phish landing page as well as industry leading content provided by Terranova and helps change user behavior for the better.
- We recommend simulations be run at a regular cadence so that the risk posture can be observed over time and how the simulations and trainings (combined) are helping change user behavior.
We have some other features coming in the pipeline as well such as positive reinforcement communications that will help enterprises communicate out to users who did a great job at identifying phish emails and took the right steps as well.
Hope this clarifies, let us know if you have any additional queries.
Thank you so much!
Gopal
Thanks for your comments and feedback. Our current attack techniques align more with the phishing oriented scenarios which is why the password spray technique (which was available in v1) is currently unavailable. We currently don't have an ETA for when this method will be reintroduced.
Some thoughts on the rest of your comments:
- Attack Simulation Training lets you run simulations leveraging real-world de-weaponized phish payloads and helps you identify the most vulnerable users.
- There are various learning moments made available which can be leveraged to reinforce user learning. This comes through information one can share on the phish landing page as well as industry leading content provided by Terranova and helps change user behavior for the better.
- We recommend simulations be run at a regular cadence so that the risk posture can be observed over time and how the simulations and trainings (combined) are helping change user behavior.
We have some other features coming in the pipeline as well such as positive reinforcement communications that will help enterprises communicate out to users who did a great job at identifying phish emails and took the right steps as well.
Hope this clarifies, let us know if you have any additional queries.
Thank you so much!
Gopal