Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
Evaluation lab updates: device renewal and new simulations
Published Jul 06 2021 08:12 AM 6,205 Views
Microsoft

Microsoft Defender for Endpoint’s Evaluation Lab is growing with a new feature for device renewal, as well as two new simulations! 

 

The evaluation lab is a playground for you to test Microsoft Defender for Endpoint’s defense against test scenarios of your own, as well as various simulations provided by our partners SafeBreach & AttackIQ, without the hassle of setting up a testing environment. 

 

Until now, the evaluation lab provided customers with a limited number of devices. Now, you can renew your lab resources once a month, allowing you to continuously use the evaluation lab for your testing needs. To do this, simply click on the “request for more devices” button, choose your configuration, and submit the request. 

 

Yaniv_Carmel_3-1625582836608.png

 

When the request is submitted successfully, you will see a green confirmation banner and the date of the last submission. 

 

Yaniv_Carmel_4-1625582836612.png

 

You can find the status of your request in the “User Actions” tab. Expect the request to be approved shortly. 

 

Now that you have added your new devices, it’s a great time to check out our new simulations for Carbanak and FIN7, as well as Solorigate, provided by SafeBreach! 

 

These simulations allow you to evaluate Microsoft Defender for Endpoint’s detection and protection capabilities against a few of the most prominent threat actors these days. 

 

Carbanak and FIN7 are financially-motivated threat groups, considered to be two of the most successful criminal hacking groups in the world, so much that they were chosen to be the subject of the recent MITRE Engenuity ATT&CK® 2021 evaluation. 

 

Solorigate is a supply chain attack utilizing SolarWinds’ popular network management software - SolarWinds® Orion®. This campaign, dubbed “the largest and most sophisticated attack the world has ever seen”, left tens of thousands of organizations vulnerable. 

 

To run these simulations, navigate to the “Tutorials & simulations” section, choose a simulation, and click “run”. Then, in the “Create simulation” side panel, select a device and click on the “Create simulation” button. 

 

Yaniv_Carmel_6-1625583450605.png

 

To learn more about the simulations, read the simulation documentation: 

3 Comments
Version history
Last update:
‎Jul 11 2021 04:13 AM
Updated by: