Platform Capabilities - All Products
How often can we run validations?
CSPM/KSPM (Continuous):
- Always-on monitoring
- Real-time detection of changes
- Immediate alerts for new issues
- No manual triggering required
CAE (Flexible Scheduling):
- Automated Scheduling: Use Attack Scheduler for recurring campaigns (daily, weekly, custom intervals)
- On-Demand Execution: Run attacks anytime with button clicks
- Continuous Validation: Aligns with CTEM (Continuous Threat Exposure Management) methodology
Perfect for:
- After deploying new security controls (CAE)
- During incident response exercises (CAE)
- When responding to new threat intelligence (CAE)
- For compliance audits (all products)
- Post-incident validation that remediation worked (CAE + CSPM)
This continuous/flexible approach contrasts sharply with annual penetration tests—you get ongoing assurance instead of point-in-time validation.
What frameworks does the Mitigant Platform align with?
Attack Frameworks (CAE):
- MITRE ATT&CK for Enterprise: All cloud attack techniques mapped
- MITRE ATLAS: AI/ML security techniques for GenAI workloads
- Over 200 techniques across both frameworks
Compliance Frameworks (CSPM/KSPM):
- ISO 27001
- SOC 2
- HIPAA
- BSI C5 (German cloud security standard)
- CIS Benchmarks for AWS, Azure, and Kubernetes
- NIS2 Directive (European cybersecurity requirements)
- DORA
- NIST
Security Methodologies (All Products):
- CTEM (Continuous Threat Exposure Management): Aligns with Gartner's methodology
- Threat-Informed Defense: Use threat intelligence to prioritize security investments
- Security Chaos Engineering: Research-based approach to building cyber resilience
See platform details: Cloud Attack Emulation Platform