Microsoft has introduced a beta function to its Attack Simulation Training suite, offering a range of new features and functionality for improving the defence against phishing messages.
- The new API, part of Microsoft’s Graph API suite, enables security teams to create customised attack scenarios based on real events specific to an organisation’s infrastructure.
- This makes it simpler to identify potential vulnerabilities and analyse the existing security measures.
- Other key benefits include the API’s ability to integrate with other security tools and services and how it allows managed service providers and cloud solution providers to manage multiple tenants as part of their security tools and services.
- The API comes with an array of features, including the ability to launch a social engineering simulation using a range of attack techniques such as credential harvesting, track long-running attack simulation operations, and select all or specific target users for a simulation.
- Additional features include the ability to create and edit a simulation automation, creating a new simulation using OAuth technique, and customisation of training, login page, landing page, payload indicators and end-user notifications.
