MS Threat Modeling Tool, CAIRIS, IriusRisk, Kenna, OWASP pytm, OWASP Threat Dragon and Threagile are some of the best-known threat modeling tools I know.
Personally, I like OWASP Threat Dragon for being supported on most common platforms, and because of its flexibility in designing and registering threats. MS Threat Modeling Tool provides a lot of out-of-the-box threat scenarios, with details based on the model designed.
According to Microsoft, it is encouraged to drop EICAR and to generate anomalous security logs in order to test security monitoring and detections in Azure… Wonder if that means their way of feeding their detection rules.
Should have mentioned this before, but Red Canary and Atomic Red Team share test steps you can use to verify if your detection architecture works properly, both for Windows and Linux. And of course they also cover cloud, e.g., for Azure. Together, they publish most of the tests on GitHub for you to play with, and some on their website. Nice!
Not a revolutionary story about how government agencies bypass mobile device encryption, but more a reminder of how – software vulnerabilities. See this Wired article for a rather good summary of the research of Johns Hopkins University.