Platform Capabilities - All Products
How often can we run validations?
â
CSPM/KSPM (Continuous):
- Always-on monitoring
- Real-time detection of changes
- Immediate alerts for new issues
- No manual triggering required
â
CAE (Flexible Scheduling):
- Automated Scheduling: Use Attack Scheduler for recurring campaigns (daily, weekly, custom intervals)
- On-Demand Execution: Run attacks anytime with button clicks
- Continuous Validation: Aligns with CTEM (Continuous Threat Exposure Management) methodology
â
Perfect for:
- After deploying new security controls (CAE)
- During incident response exercises (CAE)
- When responding to new threat intelligence (CAE)
- For compliance audits (all products)
- Post-incident validation that remediation worked (CAE + CSPM)
â
This continuous/flexible approach contrasts sharply with annual penetration testsâyou get ongoing assurance instead of point-in-time validation.
â
â
â
What frameworks does the Mitigant Platform align with?
â
Attack Frameworks (CAE):
- MITRE ATT&CK for Enterprise: All cloud attack techniques mapped
- MITRE ATLAS: AI/ML security techniques for GenAI workloads
- Over 200 techniques across both frameworks
â
Compliance Frameworks (CSPM/KSPM):
- ISO 27001
- SOC 2
- HIPAA
- BSI C5 (German cloud security standard)
- CIS Benchmarks for AWS, Azure, and Kubernetes
- NIS2 Directive (European cybersecurity requirements)
- DORA
- NIST
â
Security Methodologies (All Products):
- CTEM (Continuous Threat Exposure Management): Aligns with Gartner's methodology
- Threat-Informed Defense: Use threat intelligence to prioritize security investments
- Security Chaos Engineering: Research-based approach to building cyber resilience
â
See platform details: Cloud Attack Emulation Platform
â