I am often asked if there is a difference between breach and attack simulation (BAS) and cyber range platforms. And the short answer is yes; they’re apples and oranges, as they provide entirely different outcomes. But let’s start with defining both:
- BAS – An artificial intelligence- and machine learning-driven cybersecurity testing method that identifies vulnerabilities by simulating attack vectors and hacker techniques.
- Cyber defense category: vulnerability management
- Providers: AttackIQ, Cymulate, Praetorian, NetSPI, Redscan, and SafeBreach
- Cyber Range – A virtualized environment that mimics a production environment to defend against high-fidelity cyberattacks interactively.
- Cyber defense category: red teaming
- Providers: Cloud Range, Cyberbit, Field Effect, OffSec, RangeForce, and SimSpace
Both types of platform are intended to provide advanced levels of cybersecurity testing and training. Computer-based training and classroom instruction are good sources for fundamentals but fail to effectively provide the skills needed to produce threat hunters and senior cyber defenders. Enter BAS and cyber ranges. It is not unusual to see an organization with both solutions as part of its upskilling program.
A Side-by-Side Comparison
The table below is a comparison of BAS and cyber range platforms.
Selecting the right system can be confusing as many names, such as cyberattack simulation, attack path and threat simulators, attack surface testing, red team simulation, and threat modeling, are used to label platforms. The terminology is often mixed between BAS and cyber ranges as well. Both disciplines are rapidly growing, garnering venture capital investments and new market entrants.
I will write about the cyber range and BAS platforms over the summer and have already begun speaking with vendors and users. Contact me here if you would like to share your experience using a cyber range platform and be interviewed for my report.
