test your securıty controls


  • Simulate malware of Russian APT actor
  • Test your WAF, IPS, and NGFW against frequently exploited vulnerabilities
  • Uncover gaps in your security controls
  • Enable provided prevention signatures to fix gaps
  • Secure your network against Russian APT actors
  • Continuously validate your security controls and cyber posture.


1. Let's look at Microsoft Exchange
CVE-2021-26855 vulnerability attacks in Picus Threat Library. To see the Threat Library, click on Threats.

Step 1 image

2. Picus Threat Library has more than 11000 attack simulations. To search for a particular vulnerability by their CVE number, click on Threat Library.

Step 2 image

3. In Threat Library, you can search attack simulations by their CVE numbers. To search for Microsoft Exchange CVE-2021-26855 vulnerability, click on the search bar.

Step 3 image

4. Click on CVE from the drop down menu.

Step 4 image

5. Type CVE-2021-26855 in the search bar and press enter.

Step 5 image

6. Click highlighted icon to run the search in the Picus Threat Library.

Step 6 image

7. Picus Threat Library includes 2 attack simulations available for Microsoft Exchange CVE-2021-26855 vulnerability. Let's see the detail of the simulation by clicking on it.

Step 7 image

8. Under Overview tab, the vulnerability description is available. Let's click Assess to go to assessment screen.

Step 8 image

9. Under Assess tab, you can run attack simulations any time you want. Click on Assess to run simulation for Microsoft Exchange CVE-2021-26885 vulnerability.

Step 9 image

10. Assessment is finished and the result is "Not Blocked" as indicated by the red icon but don't worry. Picus also provides prevention signatures of security vendors. Let's click on Prevention tab to see these signatures.

Step 10 image

11. Vendor signatures for IPS, WAF and NGFW to prevent the simulated attack can be found under Prevention tab.

Step 11 image

12. With few click, we quickly simulated Microsoft Exchange CVE-2021-26885 vulnerability attacks and obtain prevention signatures.

Click here to request your free Picus demo to test your security control against cyber threats.

Step 12 image

Here's an interactive tutorial

** Best experienced in Full Screen (click the icon in the top right corner before you begin) **

See Picus in Action

Watch how you can easily simulate Log4j attacks to assess your security posture and prevent them with signatures of your WAF, IPS, and NGFW.