FAQs

We've compiled a list of common questions about our cloud security platform with clear and helpful answers to address your concerns.
Table of Contents
Understanding The Mitigant Platform
This is some text inside of a div block.
Getting Started - General
This is some text inside of a div block.
Cloud Attack Emulation (CAE) - Getting Started
This is some text inside of a div block.
Cloud Attack Emulation (CAE) - Safety Measures
This is some text inside of a div block.
Cloud Security Posture Management (CSPM)
This is some text inside of a div block.
Kubernetes Security Posture Management (KSPM)
This is some text inside of a div block.
Technical Capabilities - Platform Wide
This is some text inside of a div block.
Platform Capabilities - All Products
This is some text inside of a div block.
Use Cases & Benefits
This is some text inside of a div block.
Business & Pricing
This is some text inside of a div block.
Mitigant versus Breach & Attack Simulation
This is some text inside of a div block.
Comparison & Alternatives
This is some text inside of a div block.
Security & Trust
This is some text inside of a div block.
Implementation & Operations
This is some text inside of a div block.
Advanced Topics
This is some text inside of a div block.
Bring Your Own Role (BYOR) - Deep Dive
This is some text inside of a div block.

Mitigant versus Breach & Attack Simulation

Mitigant is a cloud-native Adversarial Exposure Validation (AEV) platform. This section explains how AEV differs from traditional Breach and Attack Simulation (BAS), and where Mitigant fits for teams evaluating BAS tools or cloud alternatives.

Is Mitigant a breach and attack simulation (BAS) tool?

Mitigant is an Adversarial Exposure Validation (AEV) platform, the category Gartner defined to consolidate breach and attack simulation, penetration testing, and red teaming into continuous, evidence-based validation. It delivers what BAS promises but is built cloud-native and goes further: it executes real, safe attacks in the customer's own cloud rather than simulations in a sandbox. https://mitigant.io/en/blog/rethinking-cloud-security-strategies-with-adversarial-exposure-validation

What is the difference between Adversarial Exposure Validation (AEV) and traditional BAS?

BAS is one of the three older categories, alongside penetration testing and red teaming, that AEV consolidates. Traditional BAS grew out of endpoint and network testing and added cloud later. AEV as Mitigant implements it is cloud-native from the ground up: real attacks across the cloud control plane and data plane, validating exploitability continuously. https://mitigant.io/en/blog/rethinking-cloud-security-strategies-with-adversarial-exposure-validation

How is Mitigant different from traditional BAS tools?

Does Mitigant run real attacks or simulated ones?

Mitigant runs real, safe, reversible attacks in the customer's own cloud, with guardrails and automatic cleanup that leave no residual impact. Traditional BAS typically simulates against agents or sandboxes rather than the live environment. https://mitigant.io/en/blog/cloud-attack-emulation-101-shallow-waters#attack-methodology-design-for-safety

Do organizations still need a separate BAS tool alongside Mitigant?

For cloud, Mitigant covers what BAS provides and extends it: real attack execution in the live cloud, multi-cloud coverage, exploitability validation, and continuous operation. Teams typically consolidate cloud validation onto Mitigant. https://mitigant.io/en/platform

BAS vendors also claim CTEM. How is Mitigant's approach to CTEM different?

Many BAS tools market CTEM but cover only the validation step. Mitigant delivers the full CTEM cycle for cloud natively: cloud-native CSPM for discovery, scoping, and prioritization (https://mitigant.io/en/cloud-security-posture-management); attack emulation for validation to cut false positives; compliance alignment; and findings pushed into SIEM and SOC to mobilize fixes. https://mitigant.io/en/blog/rethinking-cloud-security-strategies-with-adversarial-exposure-validation#mitigant-supercharges-ctem-programs-with-aev

Why choose a cloud-native platform over adapting a traditional BAS tool for the cloud?

Cloud attacks target identity, the control plane, and the data plane, layers a tool built for endpoints and networks reaches only at the surface. A cloud-native platform validates these depths directly, with 500+ cloud-native attacks across AWS, Azure, and Google Cloud plus AI red teaming (https://mitigant.io/en/solutions/ai-red-teaming) and evidence for every step. Mitigant is also EU-based and built in Germany; data residency details on the Security & Trust FAQ (https://mitigant.io/en/faqs/security-trust). https://mitigant.io/en/blog/cspm-scans-are-not-cloud-penetration-tests-understanding-the-critical-difference

This is some text inside of a div block.

About Mitigant

Mitigant is a German cybersecurity company pioneering cloud security validation through attack emulation and Security Chaos Engineering. Founded by researchers from Hasso Plattner Institute with over 20 years of combined cloud security experience, Mitigant provides an integrated security platform combining CSPM, KSPM, and Cloud Attack Emulation.

The platform enables organizations of all sizes to proactively verify the readiness and resilience of their cloud-native infrastructures across AWS, Azure, and Kubernetes against potential cyber threats. By combining continuous posture management with attack validation based on MITRE ATT&CK and ATLAS frameworks, Mitigant helps detect and remediate security blind spots within cloud security strategies, tools, and teams.

Contact Information

Partnerships & Recognition

  • Strategic partner with German Federal Office for Information Security (BSI)
  • Selected for Google for Startups Growth Academy: AI for Cybersecurity
  • Member of Digital Hub Bonn
  • Strategic partnerships with GlobalDots, Future Spirits, Syself, and Fogbyte
This FAQ is regularly updated to reflect the latest platform capabilities and industry best practices.
Last Updated: July 2026

Expose Threats with AI-Powered Adversary Emulation

Safely run controlled cloud attacks and validate your real defensive capabilities in minutes. No credit card required.