At Microsoft, we continuously collaborate with customers and the InfoSec community to learn more about the latest adversary tradecraft so that we can improve our detection strategies across all our security services. Even though those detections are already built into our products, and protecting customers today, we believe it is important for security researchers to go beyond alerts and detections to understand the underlying attack behaviors and technical implementation of adversary techniques. This also empowers others in the InfoSec community to better respond to investigations of related attacks. To help the broader security community with these efforts, we are releasing SimuLand.