Can I try Mitigant CAE without touching production?

‍

Absolutely. Most customers start with pre-production environments to build confidence before moving to production testing. With Mitigant CAE, you have complete flexibility to choose where attack emulations run.

‍

Mitigant CAE supports two recommended approaches for getting started:

1. Non-Production Testing: Run attack emulations in dev, test, or staging environments. This is completely risk-free and allows you to:

• Prove the platform works with zero business impact
• Build team familiarity with attack scenarios
• Validate your security controls in a safe environment
• Learn how your detection tools respond

‍

2. Enumeration Attacks First: Start with discovery-only attacks that are completely harmless. These attacks don't create or modify any resources—they only observe. They're mapped to the MITRE ATT&CK Discovery tactics and help tune your detection systems without risk.

‍

Once you're comfortable, you can graduate to limited production testing with comprehensive safety controls in place.

‍

Learn more: Cloud Attack Emulation 101: Getting Started

‍

‍

‍

‍

What attack scenarios can Mitigant CAE emulate?

‍

Mitigant CAE offers 200+ cloud attacks organized into:

Attack Actions: Atomic security tests that emulate specific attacker techniques

• Mapped to MITRE ATT&CK for Enterprise (cloud IaaS tactics)
• Mapped to MITRE ATLAS for AI/GenAI workload attacks
• Include tactics across the full attack lifecycle: initial access, execution, persistence, privilege escalation, defense evasion, credential access, discovery, lateral movement, collection, exfiltration, and impact

‍

Attack Scenarios: Multi-step attacks that chain multiple techniques together

• Simulate realistic adversary behavior
• Include real-world attack patterns like:
  • LLMJacking (compromising cloud-based LLMs)
  • Ransomware attacks
  • Data breaches
  • Credential harvesting from AWS Secrets Manager
  • Cloud service hijacking
  • AndroxGh0st malware emulation

‍

Multi-Cloud Attack Scenarios: Multi-step attacks that chain multiple techniques together and span across AWS and Azure cloud infrastructure

• Simulate realistic adversary behavior seen across multi-cloud infrastructure
• Validate if your threat detection capabilities can detect malicious multi-cloud interactions, e.g., API calls.

‍

Threat Actor Emulation: Attacks tagged with specific threat actors

• Enables Threat-Informed Defense strategies
• Emulate behavior of threat actors relevant to your industry (e.g., Scattered Spider)

‍

Custom Scenarios: Build your own attack scenarios combining available attack actions based on specific use cases or threat intelligence.

‍

Custom Attack Actions (Coming soon): Build your own attack actions from scratch to suit your use cases.

‍

Learn more: MITRE ATT&CK Cloud Matrix - Part I | Part II

See also: Demystifying The Most Pervasive Cloud Attack Techniques

‍

‍

‍

‍

How does Mitigant CAE fit into my existing security workflow?

‍

Mitigant CAE complements your existing tools:

‍

With CSPM/CNAPP:

• CSPM/CNAPP tells you what's misconfigured
• CAE proves whether it's exploitable
• Reduces false positives and prioritizes real risks

‍

With SIEM/CDR:

• CAE generates real attack telemetry
• Validates whether your detection rules actually trigger
• Provides Sigma rules for detection engineering

‍

With Vulnerability Scanners:

• Scanners find CVEs in software
• CAE validates cloud misconfigurations and IAM issues
• Together they provide comprehensive coverage

‍

With Penetration Testing:

• Use CAE continuously between annual pen tests
• Validate that pen test findings were fixed
• More affordable for frequent testing

‍

Learn more: Cloud Attack Emulation: Democratizing Security Operations in the Cloud

‍