Forum Discussion
Executive reporting for Attack Simulation Training
Good day, My organization has decided to use Microsoft Attack Simulation Training to train our userbase to resist phishing and social engineering attacks. I am experiencing a few challenges: ...
1) I would say Excel is not too much work unless you have many simulations to keep track of. I see that you have already spotted the Repeat Offender feature. I must admit that I have not used it.
2) I think the filter is it. Payloads can be archived, but not simulations. Given that payloads and notices need testing, you are never going to have a completely "clean" simulation table. Choose your simulation names wisely and the filter will screen the clutter.
3) You could copy the payload code view from a Credential Harvest payload to a Drive-by URL payload then set a new phishing link, or simply choose or create a Drive-by URL payload. With the Credential Harvest, the User export shows you those who clicked on the first stage but went no further. The same report also tells you those who reported the message (assuming you are counting EXO user submissions rather than some internal service desk process).
4. I do not use the feature but I have tested the Repeat Offenders report and its export, and the data is there if you don't mind unpacking comma-separated lists in cells.
HTH
Yes, I only have one hammer, and it is square and green...
2) I think the filter is it. Payloads can be archived, but not simulations. Given that payloads and notices need testing, you are never going to have a completely "clean" simulation table. Choose your simulation names wisely and the filter will screen the clutter.
3) You could copy the payload code view from a Credential Harvest payload to a Drive-by URL payload then set a new phishing link, or simply choose or create a Drive-by URL payload. With the Credential Harvest, the User export shows you those who clicked on the first stage but went no further. The same report also tells you those who reported the message (assuming you are counting EXO user submissions rather than some internal service desk process).
4. I do not use the feature but I have tested the Repeat Offenders report and its export, and the data is there if you don't mind unpacking comma-separated lists in cells.
HTH
Yes, I only have one hammer, and it is square and green...