Reviewed by Matthew Hreben & Michael Diehl

Vendor:  Cymulate

Product:  Cymulate APT

Price:  $30,000 to $500,000 based on company size, number of attack vectors and number of assessments per year.

Contact:  cymulate.com

What it does: Attack simulation platform that focuses on multiple attack vectors.

What we liked: Simulation platform with a beautiful UI. This solution places emphasis on the attack vectors.

Cymulate APT is a SaaS-based BAS platform that allows organizations to assess accurately their security readiness. In practice, this solution fashions an Advanced Persistent Threat (APT) simulation using a wide range of attack vectors, which comprehensively exercises that organization’s defenses. It is not a one-dimensional exercise, more like a full-fledged series of war games that assaults a network in multiphase waves.

Analysts modeling the strain on their network’s ability to cope with threats at the pre-exploitation stage can view the impact of the continued attack on email, data and web applications. Attacks rarely stop at the front door, so it is crucial to continue the analysis of true-response capability to real incidents with post-exploitation modules like the Hopper Agent, as well as Endpoint and Data Exfiltration. The end result is an assessment that concurrently improves awareness among employees against phishing, ransomware and other attacks. 

Installation requirements to begin testing with the environment can be as simple as a single, dedicated workstation, although Cymulate also sits easily on multiple VLANs. We found Cymulate’s interface very modern and easy to use. The logic of the navigation menu on the left side of the dashboard is also apparent, driven by the modular structure of the tool.

This solution’s structure is very flexible, and Cymulate has found that many customers want to use the platform as soon as they have performed the free assessment. Not all attack vectors are relevant for all customers, with different attack vectors signifying different importance for different customers. Conversely, data exfiltration may be critical for a law firm and less important for online retail. Therefore, Cymulate created a model that enables the customer to pick and choose exactly which vectors are needed, defining assessment frequency based on vector importance. 

An important aspect of simulation is the overall design for how and when Cymulate initiates scheduled attacks for every vector, particularly how it focuses on a single vector in terms of the Cymulate’s benchmark score. If the benchmark from a simulation falls below 80 percent, analysts are alerted so they can investigate why this happened. If it is 80 percent or above an alert isn’t needed because it met the standard you set.

Cymulate’s yearly subscription spans a wide range of price points, given the modular nature of the product. The base price provides access to the platform, updates and support and includes one domain. Beyond that, price variables include the organization size, which impacts the number of vectors required to test, and the number of assessments, limited or unlimited. As an example, a customer can purchase the platform with two attack vectors with unlimited assessments (for one year) plus 10 assessments of any other additional attack vector. Individual requests for support are fulfilled within 24 hours of submission via phone or email.