Description

How does that old saying go? Keep your friends close and keep your understanding of a threat actor’s underlying behavior and functionality of tradecraft closer? As new tools are developed and implemented for individuals and businesses to protect themselves, wouldn’t it be great to see how they hold up against different attacks without actually having to wait for an attack to happen? Microsoft’s new open-source tool, Simuland, allows users to simulate attacks on their own infrastructure to see where their own weaknesses lie.  

In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham sit down with Roberto Rodriguez, Principle Threat Researcher for the Microsoft Threat Intelligence Center (MSTIC) and Simuland’s developer, to understand how the project came to life, and what users can expect as they use it.  

In This Episode You Will Learn:  

• How community involvement will help Simuland grow 
• How individuals can use Simuland to see examples of actions threat actors can take against their infrastructure 
• What other projects and libraries went into Simuland’s development 

Some Questions We Ask:  

• What exactly is being simulated in Simuland? 
• What do does Roberto hope for users to take away from Simuland? 
• What is next for the Simuland project? 

Resources:  

Roberto Rodriguez’s LinkedIn

Roberto’s blog post, SimuLand: Understand adversary tradecraft and improve detection strategies

Roberto’s Twitter: Cyb3rWard0g

Microsoft Security Blog

Nic’s LinkedIn

Natalia’s LinkedIn

Related:

Listen to: Afternoon Cyber Tea with Ann Johnson

Listen to: Security Unlocked: CISO Series with Bret Arsenault 

Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.