WebsiteLinkedIn

Creating a new Custom Threat Emulation

To create a new Custom Threat Emulation:

  1. In the Custom Threat tab, at the top center, click on Emulations.

  2. The Custom Threat Validation Table changes to the Emulations View.

  3. The top right button will also change. Click on “New Emulation”.

  4. A wizard will be prompted. Supply a Name and Description (Mandatory) and then click “Next”.

  5. Select the Endpoint targets. If no endpoints are online, the user can still configure the emulation to send it later. Click “Next” to continue.

  6. Select the script to send in the emulation. The user can select multiple scripts on one single emulation.

Use the “Search name...” field to find the scripts or use the pagination at the button.

Click “Next” to continue.

  1. Review the emulation details. Click on the “Back” button to make changes to the emulation. Click “Save” to store the emulation.

  2. The new emulation will be added to the Custom Threat Validation Emulations Table at the top. Click “Launch” to send the emulation.

  3. Confirm the Emulation launch clicking “Yes". The emulation will be sent to the endpoints configured.

To abort the emulation launch, click on the “No" button.

PreviousDeleting an Existing ScriptNextReport of a Script Emulation

Last updated