Question

VAPT vs BAS



In your opinion, why should a customer do a BAS if they have already gone through VAPT?


2 replies


Hey @lac_lac,
This is Nir from the product team!

I wanted to share some articles with you that explain the importance of validating your security posture with BAS instead of just relying on VAPT.

1. Gartner blog
2. Cymulate’s blog

Thank you!


Hi @lac_lac 

To add to the information Nir shared, the scope of each depends on the specific definition you subscribe to. The approaches are certainly not mutually exclusive as there are supporting and overlapping activities.

The main difference between Breach and Attack Simulation (BAS) and Vulnerability Assessment and Penetration Testing (VAPT) is the scope of the testing. BAS tests individual security controls and the full kill chain, as frequently as required, while VAPT focuses on a particular scope and set of objectives, providing a binary answer of whether the tester achieved the objective or not.

Additionally, BAS through an automated platform is accessible to a wider range of skill levels, whereas VAPT generally requires expert pen-testers to customize their efforts to the scope and objectives of the test.

Great question!


Kind regards,

Renier
