SOLVED

Attack simulation training experience

Occasional Visitor

Hello everybody, I want to share my own experience about work with Microsoft Attack simulation:

- passwords attacks are not accessible for now, why? possibly will be back in future, when?

- it does not work right now not like a training  ( because you have to teach your users how they have to behave when they will receive "fishing email" from Microsoft Attack simulator)

- if they (users) do not behave right way simulation does not work at all. 

- if you will teach your users how to bypass all built in Microsoft protection features, simulation will be work and assign to user training where it will say " You do not have behave like that, it is dangerous! "

 

 

1 Reply
best response confirmed by Giulian Garruba (Microsoft)
Solution
Hi Alex,

Thanks for your comments and feedback. Our current attack techniques align more with the phishing oriented scenarios which is why the password spray technique (which was available in v1) is currently unavailable. We currently don't have an ETA for when this method will be reintroduced.

Some thoughts on the rest of your comments:
- Attack Simulation Training lets you run simulations leveraging real-world de-weaponized phish payloads and helps you identify the most vulnerable users.
- There are various learning moments made available which can be leveraged to reinforce user learning. This comes through information one can share on the phish landing page as well as industry leading content provided by Terranova and helps change user behavior for the better.
- We recommend simulations be run at a regular cadence so that the risk posture can be observed over time and how the simulations and trainings (combined) are helping change user behavior.

We have some other features coming in the pipeline as well such as positive reinforcement communications that will help enterprises communicate out to users who did a great job at identifying phish emails and took the right steps as well.

Hope this clarifies, let us know if you have any additional queries.

Thank you so much!
Gopal