Introducing attack simulation training
Organizations equipped with Microsoft Defender for Office 365 Plan 2 (either through add-on licenses or as part of packages such as Microsoft 365 E5) can use Attack simulation training within the Microsoft Defender portal (security.microsoft.com). This feature allows you to execute realistic but safe attack scenarios within your environment, which are crucial for pinpointing and aiding vulnerable individuals before a genuine cyber incident occurs. An attack simulation training exercise involves deploying seemingly authentic yet harmless phishing emails to users in the hopes of determining if the users would fall for this phishing attempt (Microsoft, 2024a). When configuring these simulations, the security team will have to configure the following aspects:
- Who will receive the training via simulated phishing emails and when? A controlled approach ensures that results can be better sorted and training results are much more useful.
- What...
