# Best Breach and Attack Simulation (BAS) Software - Page 2 *By [Brandon Summers-Miller](https://research.g2.com/insights/author/brandon-summers-miller)* Breach and attack simulation (BAS) software is used to mimic real-world security threats to help businesses prepare incident response plans and discover potential vulnerabilities in their security systems. These simulated attacks might send fake phishing attacks to employees or attempt a cyberattack on a company’s [web application firewall](https://www.g2.com/categories/web-application-firewall-waf). Many tools even provide automated simulations with AI-based threat logic and continuous testing to ensure teams are always prepared to properly handle security incidents. Most of these simulations are available at all times. Many businesses use them periodically as updates are made to security systems or security policies are changed. Without simulated attacks, it can be difficult to assess the efficacy of security operations; customized simulations can mimic various threats to different surface areas or within unique environments to help businesses prepare and evaluate their defense against all kinds of multivector threats. Breach and attack simulation software tools are typically capable of performing [penetration tests](https://www.g2.com/categories/penetration-testing) or simulate attacks similar to some [dynamic application security testing](https://www.g2.com/categories/dynamic-application-security-testing-dast) tools and [vulnerability scanners](https://www.g2.com/categories/vulnerability-scanner). But most of those solutions only mimic a single kind of threat and are not continuously available. They also do not provide the same outcome details and report on vulnerabilities and security posture to the same degree of BAS solutions. To qualify for inclusion in the Breach and Attack Simulation (BAS) software category, a product must: - Deploy threats targeting various attack surfaces - Simulate both cyberattacks and data breaches - Quantify risk and evaluate security posture based on attack response - Provide remediation process guidance and improvement suggestions ## How Many Breach and Attack Simulation (BAS) Software Products Does G2 Track? **Total Products under this Category:** 52 ### Category Stats (Jun 2026) - **Average Rating**: 4.55/5 The average rating of products in this category, based on all submitted ratings - **Top Trending Product**: Sophos PhishThreat (+0.73%) - Among all products in this category, Sophos PhishThreat recorded the largest rating increase compared to last month *Last updated: June 25, 2026* ## How Does G2 Rank Breach and Attack Simulation (BAS) Software Products? **Why You Can Trust G2's Software Rankings:** - 30 Analysts and Data Experts - 1,200+ Authentic Reviews - 52+ Products - Unbiased Rankings G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category. ## Which Breach and Attack Simulation (BAS) Software Is Best for Your Use Case? - **Leader:** [Picus Security](https://www.g2.com/products/picus-security/reviews) - **Easiest to Use:** [Cymulate](https://www.g2.com/products/cymulate/reviews) - **Top Trending:** [Adaptive Security](https://www.g2.com/products/adaptive-security/reviews) - **Best Free Software:** [Picus Security](https://www.g2.com/products/picus-security/reviews) ## What Are the Top-Rated Breach and Attack Simulation (BAS) Software Products in 2026? ### 1. [XM Cyber Exposure Management Platform](https://www.g2.com/products/xm-cyber-exposure-management-platform/reviews) XM Cyber is a leading hybrid cloud security company that’s changing the way innovative organizations approach cyber risk. By continuously uncovering hidden attack paths to businesses’ critical assets and security controls gaps across cloud and on-prem environments, it enables security teams to remediate exposures at key junctures and eradicate risk with a fraction of the effort. Many of the world’s largest, most complex organizations choose XM Cyber to help eradicate risk. Founded by top executives from the Israeli cyber intelligence community, XM Cyber has offices in North America, Europe, and Israel. **Average Rating:** 3.5/5.0 **Total Reviews:** 1 **Who Is the Company Behind XM Cyber Exposure Management Platform?** - **Seller:** [XM Cyber](https://www.g2.com/sellers/xm-cyber) - **Year Founded:** 2016 - **HQ Location:** Tel Aviv-Yafo, Tel Aviv District, Israel - **Twitter:** @XMCyber_ (3,470 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/xm/ (421 employees on LinkedIn®) **Who Uses This Product?** - **Company Size:** 100% Mid-Market ### 2. [AI Risk Detection](https://www.g2.com/products/ai-risk-detection/reviews) Enkrypt AI's Risk Detection with Red Teaming is a comprehensive solution designed to identify and mitigate vulnerabilities in Large Language Models (LLMs) and Generative AI applications. By simulating real-world attack scenarios, this technology enables organizations to proactively detect risks such as prompt injections, data loss, and the generation of harmful content, ensuring the development of secure and compliant AI systems. **Who Is the Company Behind AI Risk Detection?** - **Seller:** [Enkrypt AI](https://www.g2.com/sellers/enkrypt-ai) - **Year Founded:** 2022 - **HQ Location:** Boston, US - **LinkedIn® Page:** https://www.linkedin.com/company/enkryptai (22 employees on LinkedIn®) ### 3. [AISOC](https://www.g2.com/products/aisoc/reviews) The premier cyber security company that protects you before, during and after a breach **Who Is the Company Behind AISOC?** - **Seller:** [Avalance Global Solutions](https://www.g2.com/sellers/avalance-global-solutions) - **HQ Location:** N/A - **LinkedIn® Page:** https://www.linkedin.com/company/No-Linkedin-Presence-Added-Intentionally-By-DataOps (1 employees on LinkedIn®) ### 4. [ARTEMIS](https://www.g2.com/products/repello-ai-artemis/reviews) ARTEMIS by Repello AI hunts for vulnerabilities in your AI applications by simulating attacks that malicious actors would use. ARTEMIS tests, identifies, and helps remediate security risks before they can be exploited in production environments. This is powered by world's largest AI-specific threat intelligence repositories. Key Features: 1. Simulates real-world attacks against your AI systems 2. Maps vulnerabilities across your AI infrastructure 3. Provides actionable mitigation recommendations 4. Adapts to evolving threats as your AI applications grow Built by security engineers to protect AI from attackers. Secure your AI early in development and throughout deployment. Get a Demo: https://repello.ai/get-a-demo **Who Is the Company Behind ARTEMIS?** - **Seller:** [Repello AI](https://www.g2.com/sellers/repello-ai) - **Year Founded:** 2023 - **HQ Location:** San Francisco, US - **LinkedIn® Page:** https://www.linkedin.com/company/repello-ai (10 employees on LinkedIn®) ### 5. [AttackIQ Enterprise](https://www.g2.com/products/attackiq-enterprise/reviews) AttackIQ Enterprise is a comprehensive breach and attack simulation platform designed to proactively identify and remediate security gaps within an organization's defenses. By continuously validating security controls against real-world adversary behaviors, it ensures that enterprises can detect vulnerabilities before they are exploited, thereby enhancing overall security posture. The platform offers deep, continuous security control validation, providing actionable insights and detailed reports that facilitate collaboration across security, risk, and audit teams. Key Features and Functionality: - Continuous Security Validation: Operates 24/7 to identify and close security gaps before adversaries can exploit them. - Adversary Emulations and Threat Intelligence: Utilizes cutting-edge adversary emulations and threat intelligence from AttackIQ’s Adversary Research Team to test security programs. - Data-Driven Analysis: Provides data-driven analysis to improve team and technology operations across various security controls, including endpoint detection and response, next-generation firewalls, micro-segmentation, and cloud security. - Resource Optimization: Proven to save teams time and financial resources by enhancing security analyst and operations team performance, identifying redundancies in security controls, and decreasing the impact of breaches. - Enterprise Intelligence and Reporting: Offers a portal for security teams to interact with the co-managed service, deploy emulations, review detailed assessments, and access tools like JupyterHub for in-depth analysis. Primary Value and Problem Solved: AttackIQ Enterprise addresses the critical need for organizations to proactively measure and enhance the effectiveness of their cybersecurity controls. By continuously validating security measures against real-world threats, it enables enterprises to identify and remediate vulnerabilities before they can be exploited by adversaries. This proactive approach not only strengthens the organization's security posture but also optimizes resource allocation, reduces potential financial losses from breaches, and ensures compliance with industry standards. Ultimately, AttackIQ Enterprise empowers organizations to stay ahead of evolving cyber threats through continuous readiness testing and expert guidance. **Who Is the Company Behind AttackIQ Enterprise?** - **Seller:** [AttackIQ](https://www.g2.com/sellers/attackiq) - **Year Founded:** 2013 - **HQ Location:** Los Altos, US - **Twitter:** @AttackIQ (7,101 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/attackiq (168 employees on LinkedIn®) ### 6. [BlackNoise](https://www.g2.com/products/blacknoise-blacknoise/reviews) BlackNoise is the first European cyber defense validation platform, available SaaS and On-Premise. It helps users across all industries to continuously validate and enhance cyber defense capabilities against advanced threats, including APTs, ransomware, and state-sponsored attacks. By delivering real-world performance metrics, it enables precise tracking and improvement of Mean Time to Detect and Respond (MTTD/R), offering visibility into critical KPIs to support effective cyber risk management. Partners and customers benefit from the BlackNoise platform SaaS or On-Premise in order to solve three major use cases : Detection and Reaction improvement ; Cyber compliance automation ; and Testing and Training of their SOC. **Who Is the Company Behind BlackNoise?** - **Seller:** [BlackNoise](https://www.g2.com/sellers/blacknoise-6945cc82-89ae-48f1-8d37-793d388dfac3) - **HQ Location:** Paris, FR - **LinkedIn® Page:** https://www.linkedin.com/company/blacknoise (1 employees on LinkedIn®) ### 7. [BlackNoise](https://www.g2.com/products/blacknoise/reviews) Validate the effectiveness of your cyber defenses with BlackNoise, the European leader in multi-environment Breach and Attack Simulation and Security Validation (cloud, networks, endpoints). Measure your detection times and response capabilities to attacks. Continuously manage your cyber scoring and share an objective view of the field effectiveness of your defense strategy. All in one, easy-to-use, SaaS or On-Premise platform. **Who Is the Company Behind BlackNoise?** - **Seller:** [Erium](https://www.g2.com/sellers/erium) - **Year Founded:** 2012 - **HQ Location:** Paris, FR - **LinkedIn® Page:** https://www.linkedin.com/company/erium/ (38 employees on LinkedIn®) ### 8. [Breach+](https://www.g2.com/products/breach/reviews) Cytomate's Breach+ is a Breach and Attack Simulation (BAS) solution designed to rigorously assess and strengthen an organization's security posture. By emulating real-world attack scenarios using a comprehensive threat library, it identifies and addresses potential vulnerabilities and attack paths before they can be exploited by malicious actors. **Who Is the Company Behind Breach+?** - **Seller:** [Cytomate](https://www.g2.com/sellers/cytomate) - **Year Founded:** 2021 - **HQ Location:** Doha, QA - **LinkedIn® Page:** https://www.linkedin.com/company/cytomate/ (21 employees on LinkedIn®) ### 9. [Cracken](https://www.g2.com/products/cracken/reviews) Cracken is the world’s first Uncensored Vibe Hacking platform for safe, AI-driven, adversarial-grade, proactive cybersecurity. Built by cyber warfare-experienced operators and AI researchers, deployed by the world’s most critical global enterprises. **Who Is the Company Behind Cracken?** - **Seller:** [Cracken](https://www.g2.com/sellers/cracken) - **Year Founded:** 2023 - **HQ Location:** Palo Alto, US - **LinkedIn® Page:** https://www.linkedin.com/company/crackenagi/ (23 employees on LinkedIn®) ### 10. [Cyttack.ai](https://www.g2.com/products/cyttack-ai/reviews) Cyttack.ai is a cybersecurity SaaS platform that specializes in realistic DDoS attack simulations, allowing organizations to test and enhance their digital defenses without real-world disruption. The platform offers customizable simulation packages tailored to various testing needs, including volumetric, protocol-based, and application-layer attacks. Intended clients include businesses seeking to validate their security measures, improve incident response, and ensure compliance with regulatory requirements. With an intuitive interface and multi-channel support, Cyttack.ai simplifies the process of conducting advanced DDoS simulations for security teams. **Who Is the Company Behind Cyttack.ai?** - **Seller:** [Cyttack AI](https://www.g2.com/sellers/cyttack-ai) - **Year Founded:** 2024 - **HQ Location:** Adelaide , AU - **LinkedIn® Page:** https://www.linkedin.com/company/cyttack-ai/ (1 employees on LinkedIn®) ### 11. [Dreadnode](https://www.g2.com/products/dreadnode/reviews) Dreadnode is a pioneering company specializing in offensive machine learning, dedicated to advancing the field of offensive security by developing methodologies, tools, and research that enable more effective evaluation, testing, and deployment of AI models. **Who Is the Company Behind Dreadnode?** - **Seller:** [Dreadnode](https://www.g2.com/sellers/dreadnode) - **Year Founded:** 2023 - **HQ Location:** N/A - **LinkedIn® Page:** https://www.linkedin.com/company/dreadnode (22 employees on LinkedIn®) ### 12. [Elasticito](https://www.g2.com/products/elasticito/reviews) Help companies to identify and manage cyber threats that affect their business. **Who Is the Company Behind Elasticito?** - **Seller:** [Elasticito](https://www.g2.com/sellers/elasticito) - **Year Founded:** 2017 - **HQ Location:** London, GB - **Twitter:** @elasticito (42 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/elasticito/ (10 employees on LinkedIn®) ### 13. [Exploit Pack](https://www.g2.com/products/exploit-pack/reviews) Exploit Pack is a multiplatform exploitation framework including zero-days from own lab, a growing collection of 39.000+ exploits and post-exploitation modules. It has been designed by an experienced team of software developers and exploit writers to automate processes so that security professionals can focus on what's really important: Uncover threats and reduce the attack surface. Exploit Pack replicates real attack scenarios and discovers potential threats in your secure environment before hackers do. **Who Is the Company Behind Exploit Pack?** - **Seller:** [Exploit Pack](https://www.g2.com/sellers/exploit-pack) - **Year Founded:** 2008 - **HQ Location:** The Netherlands, NL - **LinkedIn® Page:** https://www.linkedin.com/company/exploitpack (2 employees on LinkedIn®) ### 14. [FortiTester](https://www.g2.com/products/fortitester/reviews) FortiTester is an enterprise-grade solution designed for performance testing and validating network security infrastructures. It offers a comprehensive range of application test cases to evaluate equipment and right-size infrastructure, ensuring optimal network performance and security. All test functionalities are included in a single, device-based license, making it a cost-effective choice for organizations. Key Features and Functionality: - Continuous Security Validation: Regularly assesses security controls, especially after system updates, patches, or network changes. - Vulnerability Detection: Identifies weaknesses in networks, applications, and endpoints to proactively discover vulnerabilities. - Security Posture Improvement: Provides simulation results to prioritize and implement security enhancements, improving overall efficiency. - Security Investment Justification: Offers tangible evidence of security gaps, demonstrating the need for additional resources or tools. - Network Performance Testing: Conducts stress and load testing, RFC-based testing of latency and throughput, and generates HTTP/HTTPS/HTTP2 traffic. - MITRE ATT&CK Simulation: Emulates campaigns on Windows, macOS, and Linux devices to validate endpoint security solutions. Primary Value and Problem Solved: FortiTester enables organizations to proactively identify and address vulnerabilities, misconfigurations, and performance bottlenecks within their network security infrastructure. By simulating real-world cyberattacks and network traffic, it ensures that security measures are effective and that the network can handle expected loads. This proactive approach helps prevent potential breaches and ensures optimal network performance, providing organizations with confidence in their security posture. **Who Is the Company Behind FortiTester?** - **Seller:** [Fortinet](https://www.g2.com/sellers/fortinet) - **Year Founded:** 2000 - **HQ Location:** Sunnyvale, CA - **Twitter:** @Fortinet (151,422 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/6460/ (16,279 employees on LinkedIn®) - **Ownership:** NASDAQ: FTNT ### 15. [HTB Crisis Control](https://www.g2.com/products/htb-crisis-control/reviews) Crisis Control drops organizations in live-fire cyber incident simulations that combine AI-enhanced injects in real-time adversary attacks. Teams from the SOC to the executive suite collaborate under pressure, exposing gaps in playbooks and improving coordination. Scenarios map to frameworks like the NIST CSF and include compliance challenges (NIS2, DORA, SEC requirements), so leaders can train for both technical and regulatory demands. By delivering ultra-realistic, data-driven exercises, Crisis Control strengthens cyber resilience and validate incident response readiness. **Who Is the Company Behind HTB Crisis Control?** - **Seller:** [Hack The Box](https://www.g2.com/sellers/hack-the-box) - **Year Founded:** 2017 - **HQ Location:** Folkestone, GB - **Twitter:** @hackthebox_eu (246,095 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/hackthebox/ (2,272 employees on LinkedIn®) ### 16. [Mandiant Security Validation](https://www.g2.com/products/mandiant-security-validation/reviews) Security Validation Continuously measure and validate your security effectiveness against today’s adversaries **Who Is the Company Behind Mandiant Security Validation?** - **Seller:** [Google](https://www.g2.com/sellers/google) - **Year Founded:** 1998 - **HQ Location:** Mountain View, CA - **Twitter:** @google (31,899,995 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/1441/ (341,888 employees on LinkedIn®) - **Ownership:** NASDAQ:GOOG ### 17. [ModelRed](https://www.g2.com/products/modelred/reviews) ModelRed is an automated security testing platform for AI models. It runs adversarial tests against LLMs to identify vulnerabilities including prompt injection, jailbreaks, data leakage, hallucinations, and compliance violations. The platform includes 200+ pre-built probe packs covering domain-specific scenarios (medical, financial, legal) and a marketplace where security researchers can contribute specialized test methodologies. Users receive security scores, detailed vulnerability reports, and remediation guidance. ModelRed integrates with CI/CD pipelines for continuous testing and provides API access for programmatic security assessments. **Who Is the Company Behind ModelRed?** - **Seller:** [ModelRed](https://www.g2.com/sellers/modelred) - **Year Founded:** 2025 - **HQ Location:** Seattle, US - **LinkedIn® Page:** https://www.linkedin.com/company/modelred/ (3 employees on LinkedIn®) ### 18. [Nemesis](https://www.g2.com/products/persistent-security-industries-nemesis/reviews) Nemesis by Persistent Security Industries is a Breach & Attack Simulation (BAS) platform that lets organizations emulate real-world cyberattacks in a controlled environment. Stay ahead of cyber threats with our continuous, automated security testing and proactive breach simulation. Nemesis Breach and Attack Simulation exposes the issues that really matter. • Ransomware Simulation Library. Run safe emulations of tactics used by top ransomware groups. • End-to-End Attack Chains. Validate each layer of your defense from initial access to data encryption attempts. • Cloud Security Testing. Validate configurations and controls in dynamic cloud environments • Detection & Response Insights. Understand where your EDR/SIEM picks up the threat (and where it does not). SOC Validation. Objectively measure the detection and response capabilities of your SOC (vendor). **Who Is the Company Behind Nemesis?** - **Seller:** [Persistent Security Industries](https://www.g2.com/sellers/persistent-security-industries) - **HQ Location:** Eupen, BE - **LinkedIn® Page:** https://www.linkedin.com/company/persistent-security-industries (9 employees on LinkedIn®) ### 19. [NeSSi2](https://www.g2.com/products/nessi2/reviews) NeSSi² is an open source project developed at the DAI-Labor and sponsored by Deutsche Telekom Laboratories. NeSSi (Network Security Simulator) is a novel network simulation tool which incorporates a variety of features relevant to network security distinguishing it from general-purpose network simulators. Its capabilities such as profile-based automated attack generation, traffic analysis and support for the detection algorithm plugins allow it to be used for security research and evaluation purposes. **Who Is the Company Behind NeSSi2?** - **Seller:** [NeSSi2](https://www.g2.com/sellers/nessi2) - **Year Founded:** 2006 - **HQ Location:** Brussels, BE - **LinkedIn® Page:** http://www.linkedin.com/company/nessi-etp (4 employees on LinkedIn®) ### 20. [OFFENSAI](https://www.g2.com/products/offensai/reviews) OFFENSAI delivers a new paradigm in cloud security with its autonomous cloud security testing solution. Utilizing proprietary generative adversarial techniques, unpublished attack vectors, and internal offensive security research, OFFENSAI conducts real adversary behavior, continuously probing environments like an intelligent attacker evading detection. Unlike tools that merely flag misconfigurations, OFFENSAI specializes in Adversarial Exposure Validation—identifying real, exploitable paths and delivering detailed kill-chain steps with precise, one-click remediation guidance. The solution integrates natively with cloud environments, running safe, production-friendly simulations and producing exportable, compliance-ready reports. The result is actionable insight and continuous validation that prioritizes exploitable paths over theoretical alerts, enabling security teams to prove and strengthen defenses. **Who Is the Company Behind OFFENSAI?** - **Seller:** [OFFENSAI](https://www.g2.com/sellers/offensai) - **Year Founded:** 2024 - **HQ Location:** Los Angeles, US - **LinkedIn® Page:** https://www.linkedin.com/company/offensai/ (11 employees on LinkedIn®) ### 21. [ReliaQuest GreyMatter](https://www.g2.com/products/reliaquest-greymatter/reviews) ReliaQuest’s agentic AI security operations platform, GreyMatter, allows security teams to detect threats at the source, contain them in under 5 minutes, and eliminate Tier 1 and Tier 2 work for faster investigation and response. GreyMatter orchestrates 6 agentic AI personas with 200+ agent skills and 400+ AI tools to exponentially scale security operations and help organizations predict what's next. **Average Rating:** 4.5/5.0 **Total Reviews:** 13 **Who Is the Company Behind ReliaQuest GreyMatter?** - **Seller:** [ReliaQuest](https://www.g2.com/sellers/reliaquest) - **Company Website:** https://www.ReliaQuest.com - **Year Founded:** 2007 - **HQ Location:** Tampa, Florida, United States - **Twitter:** @ReliaQuest (2,577 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/reliaquest/ (1,066 employees on LinkedIn®) **Who Uses This Product?** - **Company Size:** 38% Mid-Market, 31% Enterprise #### What Are ReliaQuest GreyMatter's Pros and Cons? **Pros:** - Features (8 reviews) - Centralized Management (7 reviews) - Customer Support (7 reviews) - Ease of Use (7 reviews) - Easy Integrations (6 reviews) **Cons:** - UX Improvement (3 reviews) - Complexity (2 reviews) - Inefficient Alert System (2 reviews) - Learning Curve (2 reviews) - Login Issues (2 reviews) ### What Do G2 Reviewers Say About ReliaQuest GreyMatter? *AI-generated summary from verified user reviews* **Pros:** - Users value the **exceptional visibility** and seamless integration of ReliaQuest GreyMatter, enhancing security operations effectively. - Users value the **centralized management** of ReliaQuest GreyMatter for its seamless integration and streamlined security operations. - Users commend the **exceptional customer support** of ReliaQuest GreyMatter, enhancing overall experience and operational efficiency. - Users appreciate the **ease of use** of ReliaQuest GreyMatter, benefiting from its straightforward setup and seamless integrations. - Users love the **easy integrations** of ReliaQuest GreyMatter, streamlining security operations with seamless connectivity to existing tools. **Cons:** - Users experience **alert delays and clunky UI** in ReliaQuest GreyMatter, suggesting a need for smoother interactions and faster performance. - Users find the **complexity of configurations** frustrating, requiring significant time to fine-tune automated rules effectively. - Users experience **inefficient alert system** issues, including delays and duplicates, impacting overall responsiveness and effectiveness. - Users experience a **steep learning curve** with advanced automation workflows, despite helpful documentation and support. - Users encounter **login issues** with the ReliaQuest GreyMatter app, making the sign-in process frustrating, particularly on Android. #### What Are Recent G2 Reviews of ReliaQuest GreyMatter? **"[Effective Automation for MSSP with GreyMatter](https://www.g2.com/survey_responses/reliaquest-greymatter-review-12596289)"** **Rating:** 4.5/5.0 stars *— Pedro G.* [Read full review](https://www.g2.com/survey_responses/reliaquest-greymatter-review-12596289) --- **"[Saves Time with Seamless Integrations](https://www.g2.com/survey_responses/reliaquest-greymatter-review-11947996)"** **Rating:** 4.5/5.0 stars *— Ben B.* [Read full review](https://www.g2.com/survey_responses/reliaquest-greymatter-review-11947996) --- ### 22. [securiCAD](https://www.g2.com/products/securicad/reviews) securiCAD is a foreseeti product, developed to perform virtual attack simulations on models of IT architectures. Based on decades of research at the Royal Institute of Technology in Stockholm (KTH), securiCAD enables companies to transform their risk assessments from isolated technical problems to a holistic approach for measuring the risk exposure of their IT infrastructures. **Who Is the Company Behind securiCAD?** - **Seller:** [foreseeti](https://www.g2.com/sellers/foreseeti) - **Year Founded:** 2014 - **HQ Location:** Stockholm, SE - **LinkedIn® Page:** https://www.linkedin.com/company/10595959 (2 employees on LinkedIn®) ### 23. [SimSpace](https://www.g2.com/products/simspace/reviews) SimSpace is the realistic cyber simulation infrastructure for continuously training, testing, and validating AI agents before they are deployed into production security environments. It recreates enterprise networks, cloud infrastructure, security tools, and attacker behavior so organizations can evaluate how AI agents detect threats, automate responses, and operate against real-world cyber scenarios in conditions that closely mirror live operations. By enabling AI agents to work together with human operators in an intelligent cyber range, SimSpace serves as the AI Proving Grounds for elite cyber teams. Security organizations use SimSpace to benchmark AI performance, validate agentic workflows, and ensure AI-driven detection and response systems are reliable, effective, and operationally ready before being deployed into real-world cybersecurity operations. **Who Is the Company Behind SimSpace?** - **Seller:** [SimSpace](https://www.g2.com/sellers/simspace) - **Year Founded:** 2015 - **HQ Location:** New Boston, Massachusetts, United States - **LinkedIn® Page:** https://www.linkedin.com/company/simspace-corporation/ (193 employees on LinkedIn®) ### 24. [Threatcare](https://www.g2.com/products/threatcare/reviews) Threatcare is a cybersecurity platform that allows organizations to simulate intrusions on their network to help improve their people's performance, their processes, and their product utilization. **Who Is the Company Behind Threatcare?** - **Seller:** [Threatcare](https://www.g2.com/sellers/threatcare) - **HQ Location:** N/A - **Twitter:** @threatcare (3,944 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/No-Linkedin-Presence-Added-Intentionally-By-DataOps (1 employees on LinkedIn®) ### 25. [Threat Simulator](https://www.g2.com/products/threat-simulator/reviews) Threat Simulator is a SaaS-based breach and attack simulation (BAS) platform built on 20+ years of leadership in network security testing. Threat Simulator enables you to safely simulate attacks on your production network, identify gaps in coverage, and remediate potential vulnerabilities before attackers can exploit them. \* Safely emulate attacks on your production network. \* Find and fix misconfigurations and gaps. \* Measure security posture on a continuous basis. \* Prove you're safer than you were yesterday. \* Prevent past incidents and attacks from happening again. \* Save money by maximizing existing security controls and processes before purchasing new tools. **Who Is the Company Behind Threat Simulator?** - **Seller:** [Keysight Technologies](https://www.g2.com/sellers/keysight-technologies) - **Year Founded:** 2014 - **HQ Location:** Santa Rosa, California, United States - **Twitter:** @Keysight (13,585 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/keysight-technologies/ (13,542 employees on LinkedIn®) - **Ownership:** NYSE: KEYS ## What Is Breach and Attack Simulation (BAS) Software? [System Security Software](https://www.g2.com/categories/system-security) ## What Software Categories Are Similar to Breach and Attack Simulation (BAS) Software? - [Penetration Testing Tools](https://www.g2.com/categories/penetration-testing-tools) --- ## What Are the Most Common Questions About Breach and Attack Simulation (BAS) Software? *AI-generated · Last updated: June 3, 2026* ### Which Breach And Attack Simulation BAS vendors provide strong implementation guidance for team adoption Based on G2 reviews, these BAS vendors are most often praised for onboarding, setup, and guidance. - [Picus Security](https://www.g2.com/products/picus-security) — onboarding help and vendor-specific remediation. - [Cymulate](https://www.g2.com/products/cymulate) — easy setup with actionable mitigation guidance. - [Right-Hand Cybersecurity](https://www.g2.com/products/right-hand-cybersecurity) — hands-on support for campaigns and rollout. - [RidgeBot](https://www.g2.com/products/ridgebot) — straightforward setup with validated findings. ### Breach And Attack Simulation BAS solutions combining ease of use with advanced integration capabilities According to verified users, BAS buyers often look for a balance between fast deployment and meaningful integrations with the rest of the security stack. In recent G2 reviews, that combination shows up in mentions of intuitive dashboards, simple setup, and the ability to connect with SIEM, EDR, XDR, firewalls, web application firewalls, and other existing controls. Reviewers value platforms that make simulations easy to run without heavy operational overhead, while still helping teams validate logs, isolate which control blocked an attack, and turn findings into remediation steps. Integration breadth matters most when it improves visibility, reduces manual testing, and supports continuous validation across multiple layers of defense. ### Most reliable Breach And Attack Simulation BAS platforms proven by long-term enterprise deployments Based on G2 reviews, these BAS platforms appear most often in feedback describing dependable use in ongoing programs. - [Picus Security](https://www.g2.com/products/picus-security) — continuous validation across enterprise security controls. - [Cymulate](https://www.g2.com/products/cymulate) — recurring assessments with broad control coverage. - [Right-Hand Cybersecurity](https://www.g2.com/products/right-hand-cybersecurity) — sustained phishing and awareness program management. - [Adaptive Security](https://www.g2.com/products/adaptive-security) — ongoing simulations and training at scale. ### What are the most important features in bas tools According to verified users, the most important features in bas tools are realistic attack simulation, continuous validation, and clear remediation guidance. Recent reviews also emphasize broad threat libraries, support for MITRE-aligned scenarios, and reporting that helps both technical teams and leadership understand gaps. Buyers repeatedly mention integration with SIEM, EDR, XDR, firewalls, and web security tools as a priority because it helps confirm whether controls are detecting or blocking attacks as expected. Ease of setup and ease of use also matter because teams want to run assessments regularly, not just occasionally. The strongest products help teams find misconfigurations, validate detections, prioritize fixes, and keep security programs proactive instead of reactive. ### How do teams use Breach and Attack Simulation (BAS) for remediation guidance G2 reviewers mention that teams use BAS to move from identifying gaps to fixing them faster. In recent reviews, users describe running attack simulations to expose weak points across endpoint, network, email, web, and broader security controls, then using the resulting guidance to tune configurations, improve detection rules, and prioritize remediation work. Some reviewers specifically value vendor-specific or easy-to-apply recommendations because they reduce guesswork for analysts and administrators. Others highlight retesting after changes to confirm that fixes actually worked. For buyers, the practical value of BAS is not just finding exposure, but making remediation more measurable, repeatable, and aligned with how real attacks would interact with existing defenses.