May 20, 2020

SafeBreach Enhances Microsoft Defender Advanced Threat Protection Evaluation Lab With Advanced Attack Simulations

SUNNYVALE, CALIFORNIA – May 20, 2020 – Today SafeBreach announces integration of its attack technique simulations into the Microsoft Defender Advanced Threat Protection (ATP) evaluation lab, offering friction-free access to SafeBreach’s market-leading Breach-and-Attack Simulation (BAS) Platform. This integration empowers security teams to instantly and accurately test the efficacy of endpoint security capabilities against leading threats such as malware infection, credential theft, data collection, ransomware, modification of registry keys, and malicious OS configurations.

The Microsoft Defender ATP team built the evaluation lab to make it push-button simple for organizations to build and run proofs of concept (PoCs) in virtual environments using real software and networking scenarios in a safe simulation environment. The built-in SafeBreach simulations markedly improve the capabilities of the lab; they enable PoCs to clearly demonstrate the effectiveness of various Microsoft Defender ATP configurations and empower security teams to closely observe and review prevention, detection, and remediation features in action. These simulations and the reports they generate cover the full span of a simulated attack along the entire kill chain.

“We share a mission with Microsoft to make organizations more secure by enabling them to adopt the most effective security tools,” says Itzik Kotler, CTO and co-founder of SafeBreach. “This integration gives security teams the best-in-class breach and attack simulation platform to use for their product validation to make sure they can try before they buy with the highest possible level of confidence.”

Security teams using the evaluation lab do not need to make any code or configuration changes to run the SafeBreach simulations. Testers can simply select from one of the available scenarios in their evaluation lab control panel, immediately run the simulations, and then receive the results for further validation and analysis.

“Evaluating endpoint protection solutions under real-world scenarios is highly critical for our customers, yet can be technically challenging and time consuming,” says Moti Gindi, Corporate Vice President, Microsoft Threat Protection. “The SafeBreach integration within Microsoft Defender ATP evaluation lab enables customers to easily simulate a wide range of attacks and learn more on how to improve detection, investigation and response capabilities in their network, tackling some of the most critical threats they face in the wild.”

In the lab, testers can choose between different simulations, each of which covers a broad range of potential attack tactics and procedures.

The first five available attack simulations include:

  • APT29 (CozyBear) – attacks for localhost infection and malicious behavior
  • Credential threat – techniques such as dumping passwords and authentication tokens
  • OS configuration changes – modifying the operating system configuration to enable malicious activity
  • Code execution – techniques to verify whether it is possible to enable malicious activity
  • Ransomware infection – known attacks including WannaCry, JAFF, Locky, NotPetya, and others

Please read the SafeBreach solution brief for more information.

About SafeBreach

A pioneer in the Breach and Attack Simulation (BAS) market, SafeBreach is the world’s most widely used continuous security validation platform. The patented platform automatically and safely executes thousands of attack methods to validate network, endpoint, cloud, container, and email security controls against its Hacker’s Playbook™, the world’s largest collection of attack data broken down by methods, tactics and threat actors. Founded in 2014 by experienced CISOs, hackers, and security entrepreneurs, SafeBreach makes it possible for security teams to invest wisely, protect more and mitigate risk.

Media Contact:

Merritt Group for SafeBreach – [email protected]
