Search

FAQs

We've compiled a list of common questions about our cloud security platform with clear and helpful answers to address your concerns.
Table of Contents
Understanding The Mitigant Platform
This is some text inside of a div block.
Getting Started - General
This is some text inside of a div block.
Cloud Attack Emulation (CAE) - Getting Started
This is some text inside of a div block.
Cloud Attack Emulation (CAE) - Safety Measures
This is some text inside of a div block.
Cloud Security Posture Management (CSPM)
This is some text inside of a div block.
Kubernetes Security Posture Management (KSPM)
This is some text inside of a div block.
Technical Capabilities - Platform Wide
This is some text inside of a div block.
Platform Capabilities - All Products
This is some text inside of a div block.
Use Cases & Benefits
This is some text inside of a div block.
Business & Pricing
This is some text inside of a div block.
Comparison & Alternatives
This is some text inside of a div block.
Security & Trust
This is some text inside of a div block.
Implementation & Operations
This is some text inside of a div block.
Advanced Topics
This is some text inside of a div block.
Bring Your Own Role (BYOR) - Deep Dive
This is some text inside of a div block.
Related articles
Sunlit grassy hills and valley below a snow-capped mountain under dark, dramatic clouds.
This is another article on the site
This is also a heading
This is a heading

Technical Capabilities - Platform Wide

Which cloud providers does the Mitigant Platform support?

All Products (CSPM, KSPM, CAE):

  • Amazon Web Services (AWS)
  • Microsoft Azure

KSPM Additionally Supports:

  • Self-hosted Kubernetes clusters (any distribution)
  • Managed Kubernetes services (EKS, AKS, GKE)
  • OpenShift, Rancher, K3s, MicroK8s

Multi-Cloud Capabilities:

  • Single platform for all cloud providers
  • Unified reporting and dashboards
  • Cross-cloud security policies
  • Consistent compliance framework

Learn more: Feature Release: Cloud Attack Emulation for Azure

Does the Mitigant Platform require agents?

No. All products are completely agentless:

CSPM:

  • API-based monitoring
  • No agents on VMs or containers
  • Read-only access via cloud provider APIs

KSPM:

  • Connects to Kubernetes API
  • No DaemonSets or sidecars
  • No performance impact on workloads

CAE:

  • API-driven attack execution
  • No software installation required
  • Works through cloud service interfaces

Benefits of agentless architecture:

  • Faster deployment (minutes, not weeks)
  • No maintenance overhead
  • No compatibility issues
  • Works equally well for ephemeral and persistent infrastructure
  • No performance impact on production workloads
  • Reduced attack surface

How does the Mitigant Platform integrate with our SIEM?

The Mitigant Platform provides multiple integration options:

Event Log Export (All Products):

  • Export security findings to your SIEM
  • CAE automatically retrieves attack telemetry
  • CSPM/KSPM export misconfiguration alerts
  • Standard formats (JSON, Syslog)

Microsoft Sentinel Integration (CAE):

  • Deep integration with Microsoft Sentinel
  • Attack telemetry flows directly into Sentinel for analysis
  • Bi-directional integration for enhanced detection and response

Learn more: Ultimate Combo: Cloud Attack Emulation meets Microsoft Sentinel

Sigma Rules (CAE):

  • For each attack, Mitigant provides corresponding Sigma rules
  • Standardized detection rules can be copied to any SIEM
  • Saves time for detection engineers
  • Helps remediate failed or misconfigured detection systems

Learn more: Cloud Attack Emulation & Detection Engineering: A Match Made in Heaven

Notification Integrations (All Products):

  • Slack
  • Microsoft Teams
  • Jira
  • PagerDuty
  • Email
  • Webhooks for custom integrations

API Access (All Products):

  • RESTful API for programmatic access
  • Integration into CI/CD pipelines
  • Custom workflows and automation
  • Attack-as-Code support (CAE)

What permissions does the Mitigant Platform need?

Mitigant follows the principle of least privilege, and requirements vary by product:

CSPM Permissions (Read-Only):

  • Discover and inventory resources
  • View cloud configurations
  • Monitor for suspicious activities
  • Examples: ec2:Describe*, s3:GetBucketPolicy, iam:List*

KSPM Permissions (Read-Only):

  • Access to Kubernetes API
  • Read cluster configurations
  • View pod and deployment specs
  • No write permissions required

CAE Permissions BYOR, admin, and non-admin roles:

  • You define the permissions through BYOR
  • Controlled write permissions scoped to specific resources you authorize
  • You can restrict by tags, accounts, regions, services, or resource types
  • See the BYOR section below for detailed configuration options

Customization Options (CAE with BYOR):

  • Restrict by resource tags: Only allow attacks on resources tagged.
  • Restrict by account: Provide access only to non-production AWS accounts or Azure subscriptions
  • Restrict by region: Limit operations to specific geographic regions
  • Restrict by service: Grant access only to specific cloud services (e.g., S3 and EC2, but not RDS)
  • Restrict by resource type: Allow access to VMs but not databases
  • Set budget limits: Use IAM conditions to enforce cost controls
  • Time-based restrictions: Implement time-of-day or maintenance window constraints

Implementation:

  • Mitigant provides example IAM policies during onboarding
  • You can modify templates to match your security requirements
  • CloudFormation templates include documented permissions
  • All required permissions are transparently listed—no hidden access

This is some text inside of a div block.

Still have questions?

Can't find the answer you're looking for? We're here to help.
White calendar icon with two rings on top and grid squares inside on a black circular background.
Book a Demo
Talk with our team
Black rocket ship icon with three flame trails in a circular border.
Start Free Trial
Try Mitigant risk-free
Icon of a white telephone handset on a green circular background symbolizing a phone call.
Contact Us
Get in touch with us
White book icon with vertical lines representing text on a transparent background.
Explore Resources
Read our blog

Additional Resources:

About Mitigant

Mitigant is a German cybersecurity company pioneering cloud security validation through attack emulation and Security Chaos Engineering. Founded by researchers from Hasso Plattner Institute with over 20 years of combined cloud security experience, Mitigant provides an integrated security platform combining CSPM, KSPM, and Cloud Attack Emulation.

The platform enables organizations of all sizes to proactively verify the readiness and resilience of their cloud-native infrastructures across AWS, Azure, and Kubernetes against potential cyber threats. By combining continuous posture management with attack validation based on MITRE ATT&CK and ATLAS frameworks, Mitigant helps detect and remediate security blind spots within cloud security strategies, tools, and teams.

Contact Information

Partnerships & Recognition

  • Strategic partner with German Federal Office for Information Security (BSI)
  • Selected for Google for Startups Growth Academy: AI for Cybersecurity
  • Member of Digital Hub Bonn
  • Strategic partnerships with GlobalDots, Future Spirits, Syself, and Fogbyte
This FAQ is regularly updated to reflect the latest platform capabilities and industry best practices.
Last Updated: November 2025

Join The Cloud Security Revolution Today!

Take control of your cloud security in minutes. No credit card required.
Get Demo Environment
Start 30-day Free Trial