New Blog Post | Sharing the first SimuLand dataset to expedite research & learn adversary tradecraft

%3CLINGO-SUB%20id%3D%22lingo-sub-2616568%22%20slang%3D%22en-US%22%3ENew%20Blog%20Post%20%7C%20Sharing%20the%20first%20SimuLand%20dataset%20to%20expedite%20research%20%26amp%3B%20learn%20adversary%20tradecraft%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2616568%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22SimuLand-and-Security-Datasets.png%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F300923i841D342BDF30C449%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22SimuLand-and-Security-Datasets.png%22%20alt%3D%22SimuLand-and-Security-Datasets.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fwww.microsoft.com%2Fsecurity%2Fblog%2F2021%2F08%2F05%2Fsharing-the-first-simuland-dataset-to-expedite-research-and-learn-about-adversary-tradecraft%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ESharing%20the%20first%20SimuLand%20dataset%20to%20expedite%20research%20and%20learn%20about%20adversary%20tradecraft%20%7C%20Microsoft%20Security%20Blog%3C%2FA%3E%3C%2FP%3E%0A%3CP%3ELast%20month%2C%20we%20introduced%20the%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fgithub.com%2FAzure%2FSimuLand%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ESimuLand%20project%3C%2FA%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3Eto%20help%20security%20researchers%20around%20the%20world%20deploy%20lab%20environments%20to%20reproduce%20well-known%20attack%20scenarios%2C%20actively%20test%20detections%2C%20and%20learn%20more%20about%20the%20underlying%20behavior%20and%20implementation%20of%20adversary%20techniques.%20Since%20the%20release%20of%20the%20project%2C%20we%20have%20worked%20on%20a%20second%20phase%20to%20improve%20the%20current%20documentation%20and%20collect%20the%20telemetry%20generated%20after%20running%20the%20simulation%20plans%20in%20the%20lab%20guides.%3C%2FP%3E%0A%3CP%3EToday%2C%20we%20are%20excited%20to%20release%20a%20dataset%20generated%20from%20the%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fgithub.com%2FAzure%2FSimuLand%2Ftree%2Fmain%2Flabs%2F01_GoldenSAMLADFSMailAccess%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Efirst%20simulation%20scenario%3C%2FA%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3Eto%20provide%20security%20researchers%20with%20an%20option%20to%20access%20data%20mapped%20to%20attack%20behavior%20without%20deploying%20the%20full%20environment.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2616568%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ECloud%20Security%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMicrosoft%20365%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Microsoft

SimuLand-and-Security-Datasets.png

Sharing the first SimuLand dataset to expedite research and learn about adversary tradecraft | Micro...

Last month, we introduced the SimuLand project to help security researchers around the world deploy lab environments to reproduce well-known attack scenarios, actively test detections, and learn more about the underlying behavior and implementation of adversary techniques. Since the release of the project, we have worked on a second phase to improve the current documentation and collect the telemetry generated after running the simulation plans in the lab guides.

Today, we are excited to release a dataset generated from the first simulation scenario to provide security researchers with an option to access data mapped to attack behavior without deploying the full environment.

0 Replies