Attack Simulator for Office 365 Lets You Play the Hacker

Attack Simulator for Office 365 Lets You Play the HackerTackling Security from Another Angle

If you’ve ever wanted to throw digital darts at your end users in the name of good security, the time is now. Now in public preview, the Attack Simulator for Office 365 Threat Intelligence is designed to be a more direct tool for threat prevention. 

As the name implies, the Attack Simulator is an add-on to Office 365 Threat Intelligence, a tool that gathers and presents data about past and likely future threats in an environment. The tool is generally based on information collation and insight, so the hands-on Attack Simulator is a welcome, proactive addition.

The Attack Simulator preview includes three possible attack scenarios: display name spear phishing, password spray, and brute force (the released version is expected to have multiple more scenarios). No matter which you pick, you can launch simulated attacks on your users and see how they respond. How end users behave will help you determine if the right security policies are in place as well as who might be vulnerable to a real attack. 

Neither the announcement nor the Microsoft roadmap entry includes any mention of the part where you don a Guy Fawkes mask and cackle wildly as co-workers cower at their desks, but we assume that’s integral to the experience. 

The Cayospective

The Attack Simulator looks to be a powerful addition to Office 365 Threat Intelligence, allowing you to put your users and policies through their paces. And when it comes to the ever-changing challenges of security, that’s a tempting offer. We’re looking forward to getting our hands on the tool and seeing what it can do. 

Of course, the Attack Simulator (and the Threat Intelligence tool) comprise only one small part of the security management needed to keep up with threats. Microsoft’s Office 365 Secure Score is an excellent tool for general security management, but keeping up with its best practices can be time-consuming and arduous for day-to-day administration.

That’s why we built a set of tools to help improve enterprises’ Security Scores. Our free Analytics and Visibility Reports help you keep up with continual reviews and clarify what needs to be changed to align with best practices.

Check out these relevant resources.

New Survey Finds...

Active Directory forest recovery not taken serious enough. See what else your peers had to say.