Search

FAQs

We've compiled a list of common questions about our cloud security platform with clear and helpful answers to address your concerns.
Table of Contents
Related articles
This is another article on the site
This is also a heading
This is a heading

Implementation & Operations

How long does a typical POC take?

A proof of concept typically follows this timeline:

Week 1-2: Setup & Initial Assessment

  • Onboard 1-2 cloud accounts (takes 10-15 minutes each)
  • Set up CSPM for continuous monitoring
  • Configure KSPM if using Kubernetes
  • Create and provide IAM role with initial permissions (BYOR for CAE)
  • Run initial CSPM/KSPM assessment
  • Start with enumeration attacks (CAE - harmless, read-only)

Week 3-4: Pre-Production Testing

  • Analyze CSPM/KSPM findings
  • Expand CAE permissions for write operations in test environments
  • Run CAE attack scenarios in dev/test
  • Validate platform capabilities
  • Train security team on platform features

Week 5-8: Production Validation (Optional)

  • Refine CAE role permissions for production scope
  • Select non-critical workloads for CAE testing
  • Run supervised attacks during maintenance windows
  • Validate detection and response capabilities
  • Measure detection gaps and remediation effectiveness

Week 9+: Scale Decision

  • Evaluate results and ROI
  • Adjust permissions and scope
  • Decide on broader deployment
  • Negotiate contract terms

Many customers are comfortable making a decision after 4-6 weeks of hands-on experience.

Do we need specialized skills to use the Mitigant Platform?

No specialized expertise required:

Who Can Use Mitigant:

  • Cloud security engineers (all products)
  • DevOps/platform engineers (KSPM, CSPM)
  • Security analysts (all products)
  • Detection engineers (CAE)
  • Compliance teams (CSPM)
  • Any team member responsible for cloud security

What Makes It Accessible:

  • No coding required for running attacks (CAE)
  • Pre-built attack scenarios based on MITRE ATT&CK (CAE)
  • Automatic recommendations based on your environment (all products)
  • Clear remediation guidance provided (CSPM/KSPM)
  • Sigma rules included for detection engineers (CAE)
  • BYOR setup uses standard IAM concepts familiar to cloud teams (CAE)

Learning Curve:

  • Web-based interface is intuitive
  • Attack execution is button-click simple (CAE)
  • Interpretation of results is straightforward
  • Documentation and support available
  • IAM role configuration follows cloud best practices (CAE)

That said, understanding cloud architecture, security concepts, and IAM is helpful to maximize value from the platform.

Watch: Getting Started with Security Chaos Engineering (Webinar)

Can we run this in air-gapped environments?

The Mitigant Platform is designed as a SaaS solution requiring internet connectivity. For organizations with strict air-gap requirements, please contact us to discuss:

  • Potential on-premises deployment options
  • Hybrid architectures
  • Specific compliance needs
  • Custom deployment models

Join The Cloud Security Revolution Today!

Take control of your cloud security in minutes. No credit card required.
Get Demo Environment
Start 30-day Free Trial