Breach and attack simulation tools: Top vendors, key features, how to choose

Breach and attack simulation (BAS) products help organizations understand their security posture by automating tests of specific threat vectors. BAS typically uses the MITRE ATT&CK and Cyber Kill Chain frameworks to emulate attacks such as network and infiltration attacks, lateral movement, phishing, endpoint and gateway attacks, malware, and ransomware.

The goal of these simulations is to test a company’s defenses against these attack vectors. BAS is complementary to, but differs from, red teaming and penetration testing.

You can think of BAS as going around to check whether all the locks on your doors work and whether your security cameras can detect people walking in front of them. Red teaming or penetration testing, by comparison, would be like hiring someone to try to break into your house and steal your safe, who’d then go and find an unlocked window somewhere that you hadn’t even thought of.

Read full article at CSO magazine.