Breach Simulation. PHOTO: Cybercrime Magazine.

10 Hot Breach And Attack Simulation Companies To Watch In 2021

Continuous, automated red-teaming is the new trend

David Braue

Melbourne, Australia – Apr. 17, 2021

One of the recurring themes in post-breach analysis is the frequency with which otherwise security-savvy organisations are getting compromised by existing vulnerabilities. The persistence of such security holes, despite ready availability of fixes, points to even bigger issues in critical security capabilities such as patch management — but how can you find those vulnerabilities before the cybercriminals do?

Recognizing that conventional penetration testing requires more skills, resources and time than most companies have available to them, many have turned to breach and attack simulation (BAS) tools — a collective term coined by Gartner just a few years ago — to check their exposure through automated breach testing.


Cybercrime Radio: Organizations Globally Under Cyber Attack

Avihai Ben-Yossef, co-founder & CTO at Cymulate


Open-source BAS tools such as APTSimulator, Caldera, Metasploit and NeSSi²  have long been used by network security professionals to run tests against their infrastructure on an ad hoc basis, but growing awareness of the need for regular testing has driven a surge in automated BAS services that increase the frequency and consistency of testing.

Given broad agreement that cybercriminal activity will only get more intense and damaging this year, automated testing is well worth looking into.

Hot BAS Companies

Who’s who in the BAS space? Here’s 10 hot companies the editors at Cybercrime Magazine are watching in 2021, and you should too.

  • AttackIQ, Los Altos, Calif. Launches attacks spanning network and cloud security, testing any system at scale against the target company’s production environment.
  • BreachLock, Amsterdam, the Netherlands. Delivers penetration testing as a service (PTaaS), allowing you to initiate vulnerability scans with a few clicks or run them automatically at intervals. BreachLock’s team of white-hat ethical hackers can follow up to perform manual pen-testing based on the results.
  • Cymulate, Tel Aviv, Israel. Drawing on the industry-standard MITRE ATT&CK database, Cymulate’s continuous optimization platform automatically throws everything in the book at your network — and provides detailed results with scores showing how vulnerable you are.
  • Detectify, Stockholm, Sweden. Focused on web application security, Detectify Deep Scan looks for unknown and known application vulnerabilities including OWASP Top 10, DNS and Amazon S3 bucket misconfigurations. Crowdsourced threat intelligence keeps the testing database current, and its cloud design means it scales along with your application base.
  • Foreseeti, Stockholm, Sweden. Automated red teaming tool uses university-developed securiCAD technology to run detailed attack simulations against AWS, Azure and on-premises network models.


  • Guardicore, Tel Aviv, Israel. Open-source Infection Monkey tests against MITRE ATT&CK and Forrester Zero Trust frameworks to gauge network and cloud protection against scenarios like credential theft and compromised machines. Generates visual network maps and machine-specific remediation advice.
  • Picus, San Francisco, Calif. Automated testing engine evaluates security controls against the cyber kill chain, using a library of thousands of adversarial scenarios to find weak spots in cloud-based and on-premises security.
  • Randori, Boston, Mass. Cloud-based security scanner requires no setup and offers continuous automated red teaming, scanning your network infrastructure to map the external attack surface as an attacker would see it — and prioritize their most likely targets.
  • ReliaQuest, Tampa, Fla. GreyMatter security monitoring platform integrates automated security testing with a host of operational security tools to continuously measure security vulnerability and focus remediation.
  • XM Cyber, Tel Aviv, Israel. Billed as an “attack-centric exposure prioritization platform,” continuous application testing is positioned to help SecOps focus resources on the most critical vulnerabilities in your network.

“Despite constant investments in security, organizations are surprised when they get breached. Why didn’t their security stack detect or prevent the breach,” says Eyal Wachsman, co-founder and CEO at Cymulate.

“With the rapid pace of change in enterprise IT and evolving threats like ransomware and supply chain attacks, they have no idea how operationally effective their security is,” adds Wachsman. “Breach and attack simulations solve this problem by allowing enterprises to easily and effectively find and remediate gaps, misconfigurations and vulnerabilities.  Enterprises who have adopted BAS also find that it helps in increasing cybersecurity professional skill sets and optimize enterprise incident response plans.”

Cybercrime Magazine will be expanding our coverage of breach and attack simulation companies and this list in 2022.

David Braue is an award-winning technology writer based in Melbourne, Australia.

Go here to read all of David’s Cybercrime Magazine articles.


Sponsored by Cymulate

Cymulate is a breach and attack simulation platform that lets you protect your organization at the click of a button. Operating thousands of attack strategies, Cymulate shows you exactly where you’re exposed, and how to fix it.

Cymulate was founded by an elite team of former IDF intelligence officers who identified frustrating inefficiencies during their cyber security operations. From this came their mission to empower organizations worldwide and make advanced cyber security as simple and familiar as sending an e-mail. Today, Cymulate is trusted by hundreds of companies worldwide, including leading banks and financial services.



Send this to a friend