ofensiva
breach and attack simulation
BAS
security validation

Breach and Attack Simulation (BAS): Complete Guide

What Breach and Attack Simulation (BAS) is: the continuous security validation category, how it works, leading platforms and when to use BAS vs Red Team.

SecraJuly 6, 202610 min read

Breach and Attack Simulation (BAS) is a technology category that automates the continuous execution of simulated attacks against your own infrastructure to check, safely and repeatably, whether your security controls stop them. Instead of waiting for the annual pentest or the Red Team exercise to discover that the EDR stays silent or that a SIEM rule has been broken for months, a Breach and Attack Simulation platform fires hundreds of known techniques every day and returns a measurable verdict: what gets prevented, what gets detected and what passes without a trace. In the Spanish market the term is used in English (practitioners say BAS, not the generic "simulación de ataque"), and since 2024 Gartner folded it, together with automated pentesting, into the Adversarial Exposure Validation (AEV) category.

Key takeaways on BAS

  • It automates safe, simulated attacks against your environment to validate controls continuously.
  • It does not replace the human Red Team or the pentest: it covers the breadth of techniques between exercises.
  • Every technique maps to MITRE ATT&CK and produces a real coverage heatmap.
  • Reference platforms: Cymulate, AttackIQ, SafeBreach, Picus and Pentera.
  • Gartner now groups it under Adversarial Exposure Validation (AEV), the validation stage of CTEM.

What Breach and Attack Simulation (BAS) is

BAS is the discipline of emulating attacker behaviour in an automated way to measure how effective your defences are, without putting operations at risk. The difference from a vulnerability scanner is conceptual: a scanner tells you which flaws exist on an asset, while a BAS platform tells you whether your controls stop the technique an adversary would use to exploit that flaw. The scanner looks at the lock; BAS tries to open the door.

Gartner coined the term around 2017 to name an emerging market of tools that ran offensive techniques continuously. In 2024 it consolidated that market, alongside automated pentesting, under the umbrella of Adversarial Exposure Validation (AEV), which in turn is the validation stage inside CTEM (Continuous Threat Exposure Management). The product name has evolved, but the technical proposition of BAS is intact: safe, repeatable attacks anchored to a common framework of tactics and techniques.

That common framework is MITRE ATT&CK. Every serious BAS platform expresses what it runs and what it measures in ATT&CK technique identifiers, which lets you compare coverage, prioritise by real threat and speak the same language as the detection team.

How a BAS platform works

Architecture: agents and simulators

Most platforms deploy lightweight agents on endpoints and servers representative of each network segment. These agents act as both attacker and victim: one attempts the technique and another receives it, so the malicious exchange happens on a controlled channel and never leaves the boundaries you have defined.

Scenarios and safe-by-design payloads

The heart of a BAS platform is its scenario library: full attack chains that walk the kill chain from initial access to exfiltration. A typical scenario delivers a malicious file to a mailbox (T1566), executes it (T1059), attempts persistence (T1547), dumps credentials by simulating the credential dumping technique (T1003), moves laterally (T1021) and exfiltrates data to a vendor-controlled server (T1048 or T1567).

The point is that payloads are safe by design: the EICAR test file is used instead of real malware, neutralised versions of credential-dumping tools, or C2 beacons that point to the vendor's infrastructure and run no harmful code. This validates the control's reaction (block, alert, silence) without the risk of a real offensive exercise. The trade-off is obvious: a neutralised payload resembles the attack but is not identical, and that is exactly where the human Red Team remains irreplaceable.

Three simulation approaches

  • Agent-based, to validate the chain end to end within the endpoint and across segments.
  • Network-traffic-based, to test perimeter and inspection controls with malicious flows between simulators.
  • Cloud posture assessment, which reviews configurations and attack paths in AWS, Azure or GCP without deploying agents.

BAS and MITRE ATT&CK: coverage and detection validation

The most useful deliverable of a BAS platform is the heatmap over the MITRE ATT&CK matrix: each cell is marked as prevented (the control blocked the technique), detected (it did not block it but raised an alert) or missed (it passed without a trace). That picture turns a fuzzy intuition ("we think the EDR covers us") into a defensible coverage percentage you can take to the board.

The real value comes when you close the loop. Every technique left in red must translate into a new detection rule, usually versioned as code with Sigma, and into a re-run that confirms the alert now fires. For that it helps to correlate the platform's execution with the SIEM's alert identifiers and the EDR's telemetry: without that correlation, BAS only produces lists of bad news. This is where validation meets real evasion techniques, an area we explore in EDR evasion with LLMs, because a control that detects the canned version of a technique can still be blind to its obfuscated variant.

As an external, independent reference, the MITRE Engenuity ATT&CK Evaluations publish how different EDR products detect groups such as APT29 or LockBit, a useful contrast so you do not rely on the vendor dashboard alone.

BAS versus Red Team and pentesting

This is the most common commercial confusion. BAS does not compete with the Red Team or the pentest: it occupies a different slot in breadth and cadence.

ApproachNatureFrequencyWhat it delivers
PentestingManual depth on one assetQuarterly or annualScoped, exploitable vulnerabilities
Red TeamStealthy, human adversarial simulationAnnual or biannualHonest test of detection and response
BASAutomated, repeatable simulationContinuous (daily or weekly)Breadth of techniques against controls

A pentest finds deep flaws in a specific asset at a given moment. A Red Team measures whether your defence detects a creative adversary pursuing business objectives, with all the stealth and cunning a machine does not reproduce. BAS automates the execution of already-known techniques so they can be repeated every day and catch the silent degradation of controls (a certificate that expires, an agent that stops reporting, a rule someone disabled). All three are orchestrated inside a continuous security validation programme, which decides when automated breadth applies and when human depth applies. In one line: BAS checks whether you detect the known techniques every day, and the Red Team whether you detect a resourceful human who combines them in unexpected ways once a year.

BAS platforms: market landscape

Commercial

  • Cymulate: a broad platform that combines BAS, attack surface management and continuous validation, with a focus on agility and frequent re-running of scenarios.
  • AttackIQ: geared to control optimisation with a very strict ATT&CK mapping and a strong educational push (AttackIQ Academy); its Flex mode enables agentless testing.
  • SafeBreach: known for its Hacker's Playbook, a huge catalogue of scenarios that quickly incorporates emerging-threat techniques after each breach report.
  • Picus Security: a market pioneer, it adds a mitigation library (Picus Blue) with vendor-specific signatures and rules to speed up loop closure.
  • Pentera: closer to automated pentesting, it prioritises real exploitation of chained attack paths over the simulation of neutralised payloads.

Open source

To start without licences, the open ecosystem covers a large share of techniques: MITRE Caldera for automated adversary emulation, Atomic Red Team by Red Canary for atomic tests per technique (launched with Invoke-AtomicTest T1059.001 from PowerShell), Infection Monkey to test segmentation and lateral movement, and Stratus Red Team by Datadog for cloud-specific techniques. Many organisations combine both worlds: open source for the technical team's work and commercial for executive traceability and audit-ready reporting.

When to adopt BAS (guidance for Spanish organisations)

BAS only pays off if you have something to validate. If you have no SOC, no EDR and no detection rules, the platform will only confirm what you already know: that there is no defence to measure. In that scenario, a pentest and deploying basic controls come first, and only then does BAS come in to watch that those controls do not degrade.

From medium maturity upwards, with a Blue Team able to receive findings, BAS fits well when you want a continuous answer to "are my controls still working today?" without paying for a manual exercise every week. The reasonable sequence is clear: pentest to find flaws, BAS to watch controls daily, Red Team once or twice a year for the final unannounced exam.

On the regulatory side, both NIS2 and DORA require proving the effectiveness of measures, not just declaring them. BAS generates exactly that auditable, recurring evidence, and it fits naturally between the intelligence-led TLPT exercises (mandatory under DORA for designated financial entities, with a minimum cadence of three years under the TIBER-EU framework): continuous simulation covers the months when there is no human Red Team and proves, technique by technique, that detection is still standing.

Frequently asked questions

Does Breach and Attack Simulation replace the Red Team?

No. It complements it. BAS brings breadth and continuity by running known techniques in an automated, safe way, but it works with neutralised payloads and does not reproduce the creativity or stealth of a human operator who improvises. The Red Team remains the only exercise that truly tests detection under real pressure. The right approach is to use BAS between Red Team campaigns, not instead of them.

What is the difference between BAS and a vulnerability scanner?

A scanner identifies which flaws exist on an asset (an unpatched CVE, a weak configuration). BAS does not hunt for new flaws: it validates whether your controls stop the technique an attacker would use to exploit those flaws. A scanner can tell you that you are vulnerable to Log4Shell (CVE-2021-44228); BAS tells you whether your WAF and your EDR detect and stop the exploitation attempt.

Which BAS platform should I choose?

It depends on the objective. If you want continuous breadth and attack surface in a single pane, Cymulate fits well; if your priority is optimising controls with a strict ATT&CK mapping, AttackIQ or Picus; if you need real exploitation of chained paths, Pentera. Before licensing, validate a pilot with Caldera or Atomic Red Team to gauge how much coverage you actually need.

Does BAS help with DORA and NIS2?

Yes. Both frameworks require you to demonstrate that controls work, not just that they are installed. BAS produces auditable, recurring evidence of defensive effectiveness, and it complements the intelligence-led TLPT red team exercises that DORA imposes on significant financial entities, covering validation in the periods between those exercises.

Can I start with open-source BAS?

Yes. Atomic Red Team, MITRE Caldera and Stratus Red Team let you validate a good share of techniques at no licence cost and are ideal for a pilot. Commercial platforms add maintained coverage, integrations and board-ready reporting, which becomes worthwhile as the programme matures and needs governance and executive traceability.

Next step

A BAS platform only delivers value if someone configures it with a threat-informed criterion and closes the loop all the way to detection. At Secra we design and operate that cycle: adversary emulation aligned with MITRE ATT&CK, integration of BAS with your SOC and your Blue Team, and recurring validation that turns every gap into a verified detection rule. If you want to know where your detection stands today, tell us the context and we will tell you where to start.

About the author

Secra Solutions team

Ethical hackers with OSCP, OSEP, OSWE, CRTO, CRTL and CARTE certifications, 7+ years of experience in offensive cybersecurity, and authors of CVE-2025-40652 and CVE-2023-3512.

Share article