Pros and cons of 7 breach and attack simulation tools

Breach and attack simulation software can significantly beef up an organization's network defense strategy. But not all tools are created equal.

Security administrators are increasingly supplementing their penetration tests with automated breach and attack simulation (BAS) tools to better examine and validate the security posture and overall health of their network infrastructures in real time.

Penetration testing often only provides a snapshot in time of network status and exploitable vulnerabilities, whereas BAS tools run continuously or at scheduled times to provide security teams with a real-time view of network security.

With the proper BAS tools, security teams can not only stress, assess and validate security controls, but also do the following:

  • Improve mean time to detect and mean time to respond.
  • Perform resilience and readiness assessments.
  • Improve visibility during mergers, acquisitions and internal changes.
  • Assist with user behavior assessment.

This article examines seven leading BAS tools, based on Gartner's Peer Insights reviews and ratings. Products are listed in alphabetical order and include only those with 20 user comments or more.

Each of these breach and attack simulation tools is flexible, can adapt to most security configurations and can be used across most private and public sector organizations and vertical markets. The key is to select a system that best matches your organization's security requirements.


AttackIQ

AttackIQ uses the MITRE ATT&CK framework to perform simulations. Its post-exploitation platform helps determine the impact from simulations.

Reviewers commented that AttackIQ was easy to use, scalable and had good support. However, some said the software might not be suitable for larger companies.

Cymulate Exposure Management and Security Validation Platform

Cymulate's BAS tool offers a modular platform that blends attack surface management, continuous automated red teaming and exposure analytics to illuminate and analyze the network's security posture.

Reviewers commented that Cymulate is cost-effective and is a useful tool when establishing ROI of a security investment but noted it can be challenging to implement in some situations.

FortiTester by Fortinet

Fortinet's FortiTester performs as a simulator and sandbox, launching a variety of tests and simulations.

Reviewers said FortiTester was reliable and stable and complemented other Fortinet security products in use but also said it could be cumbersome to manage.

Picus Security Validation Platform

Picus Security Validation Platform features a complete suite of BAS functions that provide detailed data on network security. Its threat database is continuously updated.

Reviewers commented that Picus strengthened their organization's security perspective and that it was well designed but that the product did have some performance issues.


SafeBreach

SafeBreach proactively executes simulations, relies on a large database of threats and supports custom simulations.

Reviewers said SafeBreach is versatile, efficient and well designed but also raised concerns that it could be buggy.

Threat Simulator by Keysight Technologies

Keysight Technologies' Threat Simulator provides in-depth threat and attack analyses across all parts of a network, including multiple testing scenarios.

Reviewers said Threat Simulator was effective and well structured, but they also commented about scalability and integration capabilities.

XM Cyber Exposure Management Platform

XM Cyber Exposure Management Platform provides tools that examine vulnerabilities and risks while executing attack simulations.

Reviewers commented that they liked the product's ease of setup and transparency, but that it lacked efficient integration with other tools.

Paul Kirvan is an independent consultant, IT auditor, technical writer, editor and educator. He has more than 25 years of experience in business continuity, disaster recovery, security, enterprise risk management, telecom and IT auditing.
