How To Choose a Breach and Attack Simulation Solution

Breach and attack simulation (BAS) is a relatively new IT security technology that can automatically spot vulnerabilities in an organization’s cyber defenses. BAS solutions represent an emerging market and are directly adjacent to vulnerability assessment, according to Gartner’s Market Guide for Vulnerability Assessment. They are becoming more mainstream and have begun transforming the security testing landscape.
For better defense, enterprises are starting to turn to BAS solutions, which test security on an automated and continual basis. The terminology first started gaining attention around 2017, so it is still in the early stages of development. In its 2019 The Hype Cycle for Threat-Facing Technologies report, Gartner stated that “the ability to provide continuous and consistent testing at limited risk is the key advantage of BAS technologies.”

Indeed, a BAS platform is a must-have tool in the arsenal of any organization’s security team. Because the need for this type of service is so great, the market for BAS tools is becoming huge very quickly. In its report on the automated breach simulation market, Cyber Research Databank predicted it will reach the size of $1B by 2020.

XM Cyber: A Top Early Mover

XM Cyber is among the “top early movers in the BAS market,” stated IT technology writer Cynthia Harvey in an article published by eSecurity Planet. “As with most new technologies, vendors in the BAS market tend to be startups, and many of them are headquartered in Israel,” she noted.

Headquartered in Herzliya, in the Tel Aviv metropolitan area, XM Cyber has been mentioned by Gartner in both cybersecurity reports cited above.

“As a best-in-class breach and attack simulation solution, we believe our inclusion as a representative vendor in Gartner’s Market Guide for Vulnerability Assessment and as a sample vendor in the Hype Cycle for Threat-Facing Technologies validates why leading enterprises in multiple industries rely on XM Cyber’s proven expertise and platform,” said XM Cyber Co-Founder and CEO Noam Erez. “Modern threats demand modern solutions, and our innovative ‘Automated Purple Team’ is leveraging the hackers’ own sophisticated and even those surprisingly unsophisticated methods to help organizations shore up their defenses.”

“With an Israeli intelligence pedigree and strong funding, XM Cyber has the makings of a serious player in the breach and attack simulation market”, Harvey wrote in another article also for eSecurityPlanet. “If you want a cybersecurity tool that can automatically find network vulnerabilities and recommend and prioritize fixes, XM Cyber’s BAS platform should be on your evaluation list,” she added.

Breach and Attack Simulation Vendor You Can Trust

To assess whether the risks involved are real and how one can find a BAS vendor you can really trust, widely recognized expert on Windows Server and cloud technologies Mitch Tulloch interviewed the XM Cyber team. You can find below a summarized version of the conversation.

Are there risks involved in allowing a simulated cyberattack against your company’s assets?

It is very important to select a BAS solution that, on one hand, simulates accurately and in the most realistic way attack techniques and methods and, on the other hand, runs safely without affecting network availability or the user experience.

How can one be confident about a vendor’s BAS platform?

The BAS should also provide a platform that looks at the organization’s environment with the eyes of the attacker, leveraging security vulnerabilities but also IT hygiene and users’ activities. This enables the simulation to be accurate and actually expose the most critical issues that are on the critical paths to the business’s crucial assets. The BAS vendor should provide customer references and testimonials.

What level of expertise in cybersecurity does a business need to properly utilize XM Cyber’s BAS platform?

The level of expertise required to use the platform is minimal. XM Cyber’s platform is very easy to use and works in three steps:

  • Identify the targets for the attack simulations, which are the critical assets in the organization.
  • The platform automatically runs the cyberattack simulations, exposing attack vectors to the assets.
  • A prioritized, actionable remediation report is presented with the most critical issues to be fixed, on the critical path to the most crucial assets.

XM Cyber & Purple Team: Automation + Remediation

XM Cyber is the first breach and attack simulation platform to simulate, validate and remediate attackers’ paths to your critical assets 24×7. HaXM’s automated purple teaming aligns red and blue teams to provide the full realistic advanced persistent threat (APT) experience on one hand while delivering vital prioritized remediation on the other.

Addressing real-user behavior and exploits, the full spectrum of scenarios is aligned to your organization’s own network to expose blind spots and is executed using the most up-to-date attack techniques safely, without affecting network availability and user experience.

 HaXM is the next logical evolution of automated penetration testing programs. Not only does it offer continuous scanning that is easy to configure, even for junior cybersecurity analysts, but it adds advice to help fix problems. This makes it a very complete and highly useful package for finding and fixing whatever paths hackers might use to breach a highly complicated network’s defenses,” award-winning journalist and reviewer John Breeden II wrote at CSO.

In July 2019, Frost & Sullivan recognized XM Cyber with the 2019 Global Technology Innovation Award for HaxM, a best-in-class APT simulation and remediation platform. The research & consulting firm considered HaXM “the solution safely simulates realistic malicious attacks on a customer’s ecosystem to expose attack vectors that go unnoticed by an organization’s cybersecurity practices and technologies,” reported Yahoo! Finance.


Find and fix the exposures that put your critical assets at risk with ultra-efficient remediation.

See what attackers see, so you can stop them from doing what attackers do.