CyberBattleSim

Adversaries show no restraint in adopting tools and techniques that can help them attain their goals.  To stay ahead of them, Microsoft continues to harness AI and machine learning to solve security challenges. One area we’ve been experimenting on is autonomous systems. We examine how autonomous agents interact within a simulated enterprise network, and how reinforcement learning techniques can help improve security.

We release the source code of a research toolkit we call CyberBattleSim on GitHub. This experimental research project investigates how autonomous agents operate in a simulated enterprise environment using high-level abstraction of computer networks and cybersecurity concepts. The toolkit uses the Python-based OpenAI Gym interface to train automated agents with reinforcement learning algorithms. The code is available at https://github.com/microsoft/CyberBattleSim (opens in new tab).