Cyber Hygiene in the COVID-19 Era: Breach and Attack Emulation

BAE tools go well beyond the capabilities of BAS and allow organizations to conduct near-continuous penetration testing: Aite Group

Boston, MA (Apr. 29, 2020) – Penetration testing is a widely accepted industry practice to complement vulnerability scanning and evaluate the effectiveness of cyber defenses. But penetration testing is labor-intensive and dependent on highly qualified cyber professionals—and expensive. Fortunately, a new breed of tools—breach and attack emulation—is emerging that can automate penetration testing processes and increase testing cycles at significantly reduced cost.

This Impact Brief describes the differences between breach and attack simulation and BAE, and includes an example of how an organization is using a BAE product to lower its cyber risk. It is based on Aite Group’s telephone and in-person conversations with 15 security professionals, conducted from mid-December 2019 to mid-March 2020, as well as an extended interview with a cyber defense manager at a large financial services company that is using a new BAE tool to reduce the company’s overall cyber risk.

Click here for the online summary or to download the table of contents.

This report mentions Pcysys.

About Aite Group

Aite Group is a global research and advisory firm delivering comprehensive, actionable advice on business, technology, and regulatory issues and their impact on the financial services industry. With expertise in banking, payments, insurance, wealth management, and the capital markets, we guide financial institutions, technology providers, and consulting firms worldwide. We partner with our clients, revealing their blind spots and delivering insights to make their businesses smarter and stronger. Visit us at

Source: Aite Group

Tags: , , , , ,