Security is a huge driving force for Microsoft and their products, yet it can be a tremendously difficult product to demonstrate. Security threats are, by nature, secretive and malicious. Threats are not simply ‘plug and play’ when it comes to a software product demo. But as these are critical products to bring to market, Microsoft needed a demo solution that could nonetheless simulate dangerous behavior to show off their security capabilities.
Microsoft’s Cloud App Security
Microsoft’s Cloud App Security is a system that reports on a variety of user activities to flag potential security risks. It does so by tracking hundreds of applications, devices, and users within an organization. For a time, the Microsoft field sales team relied on a shared environment that was populated with fake data to demo the capabilities of Cloud App Security. They were not allowed to modify the data or meaningfully interact with the product until now.
Microsoft’s Cloud App Security and 3Sharp
Microsoft partnered with 3Sharp to develop the means to demo Cloud App Security at scale. 3Sharp worked in various ways to deliver a rich, compelling demo:
We leveraged a data set from Microsoft that populated a user’s environment with fake data, including apps and users. This provided a base level experience that could be provisioned across limitless environments.
We provisioned security policies so that important alerts would fire when a user behaved in certain risky ways. By leveraging a variety of automation, APIs, and built-in functionality, 3Sharp provisioned multiple unique and realistic policies that would catch fraudulent behavior.
Finally, to the hard part: we simulated user behaviors that produced a wide variety of alerts. In some instances, the solution was to hammer on the user’s environment by downloading files from an external user. In others, 3Sharp built proxy servers that live around the globe to simulate attacks from foreign countries. And, to meet the challenge of obfuscating a user’s IP address, 3Sharp built automation that triggered the Tor browser to access the user’s environment.
The net result of these efforts is an environment that looks and feels like a company security portal that is tracking—and effectively handling—a wide array of threats. While not easy, 3Sharp proved that with some clever thinking, even the most challenging of pre-provisioned content is possible.