Microsoft Defender ATP evaluation lab breach & attack simulators are now available in public preview
Published May 20 2020 08:58 AM 22.2K Views
Microsoft

Update: this integration is now generally available as of June 2020. 

 

Microsoft Defender ATP has partnered with breach and attack simulation solutions, AttackIQ and SafeBreach, to give you convenient access to attack simulators right from the within the portal! These capabilities, now in public preview, are built into our evaluation lab, have no prerequisites, and we encourage you to check them out. 

 

Running threat simulations using third-party platforms is a good way to evaluate and experience Microsoft Defender ATP capabilities within the confines of a lab environment. It’s also a great way to verify that your environment is well configured and protected against advanced threats.  

When you enable the integration, every lab machine you create will have the chosen agent(s) installed, allowing you to run a wide variety of cool simulations. 

 

Running a simulation on a lab device just takes a couple of clicks – and you’ll be able to see results right away – all presented to you in the evaluation lab console as you can see in the image below. 

machinestab2.JPG

 

simulation2.JPG

 

AttackIQ and SafeBreach simulations are easily accessible from within the simulations catalog in the simulations & tutorials section of evaluation lab. Each simulation comes with an in-depth description of the attack scenario, references to MITRE ATT&CK techniques and attack groups part of the simulation, as well as sample advanced hunting queries you can run. 

 

gallery2.JPG

 

gallery3.JPG

 

If you have preview features turned on in Microsoft Defender ATP, you can try out the new attack simulators in the evaluation lab today 

 

Already have a lab? Make sure to enable the new breach and attack simulators and have active machines. 

 

Need more machines in your lab? Submit a support ticket to have your request reviewed by the Microsoft Defender ATP team. 

 

For more information, see the Microsoft Defender ATP evaluation lab documentation. 

 

 

 

8 Comments
Version history
Last update:
‎Jun 25 2020 08:58 AM
Updated by: