About BAS

What is Breach and Attack Simulation?

Breach and attack simulations are an advanced computer security testing method. These simulations identify vulnerabilities in security environments by mimicking the likely attack paths and techniques used by malicious actors. In this sense, a breach and attack simulation acts much like a continuous, automated penetration test.

Attack Vectors

Immediate threats

Validate your defenses against the latest cyber-attacks found in the wild, updated daily

Web app Firewall

Validate your defenses against web application attacks, including OWASP top ten.

Web Gateway

Validate your defenses against malicious inbound and outbound web browsing and command and control

Email Gateway

Validate your defenses against thousands of malicious emails constructs, attachments, and links.

Lateral Movement

From an initial foothold propagate within the network to find critical assets in your company

Data Exfiltration

Validate that sensitive and critical data cannot be exfiltrated from the organization

Phishing Awareness

Launch phishing campaigns to evaluate employee and company susceptibility at any time

Attack Surface Management

External attack surface analysis and intelligence gathering on your company at any time

Endpoint Security

Validate detection and prevention of endpoint ATT&CK TTPs including ransomware, worms, and more

How it works?

1 – Simulate Attacks

Diagon tests the strength of your security by simulating real cyber attacks across all attack vectors as seen above. That way you can protect yourself from threats before ever show up

2 – Evaluate Security Controls to Identify Gaps

Get a clear report that details your up-to-the-moment security posture. Diagon uses proven methodologies to evaluate cyber risk such as NIST, CVSS V3 and Microsoft DREAD

3 – Remediate with Actionable Insights

Stay one step ahead of the game. Diagon gives you direct instructions to reduce your attack surface and makes it easy to prioritize which gaps to close first.