Latka logo

Top 25 Breach and Attack Simulation (BAS) Software SaaS Companies in May 2026

As of May 2026, there are 25 SaaS companies in Breach and Attack Simulation (BAS) Software. They have combined revenues of $294M and employ 1.9K people. They have raised $458.4M and serve 12.2K customers combined.

Breach and Attack Simulation (BAS) software is a cybersecurity tool designed to proactively assess and enhance an organization's security posture by simulating real-world cyberattacks. It automates the process of testing security measures, enabling organizations to identify vulnerabilities and validate the effectiveness of their defenses. Key use cases include continuous monitoring of security readiness, validating security controls, and complementing traditional penetration testing efforts. Typically, BAS solutions provide features such as automated attack simulations, detailed reporting on vulnerabilities, and guidance on remediation strategies. They cater to a variety of organizations focusing on cybersecurity, including IT departments, security operations teams, and compliance professionals. By facilitating routine testing, BAS software helps organizations prepare for potential breaches, thereby strengthening their overall cybersecurity framework.

Companies
25
Revenue
$294M
Funding
$458.4M
Employees
1.9K

Filters

Sorting: Highest -> Lowest

Filters
Revenue
All<$1M$1M-$5M$5M-$10M$10M-$100M$100M+
Funding (Locked)Growth (Locked)Team-Size (Locked)

Top Breach and Attack Simulation (BAS) Software Companies

Showing 10 of 2 companies ranked by annual revenue.

1
CyCognito

Palo Alto, California, United States

Developer of a cloud-based network security analysis platform designed to discover an organization's security weak spots. The company's platform is an external and automatic attack simulation platform that provides organizations with a clear and continuous external analysis of their IT ecosystem in the eyes of a sophisticated attacker, including the primary potential attack vectors that lead to data breaches, enabling security analysts and management to prioritize remediation actions and eliminate cybersecurity threats.

Revenue
$8.4M
Customers
-
Year founded
2017
Funding
$53M
Team size
159
Growth
26.8%
2
OnDefend

Jacksonville, Florida, United States

OnDefend provides preventative cybersecurity testing and advisory services within the cybersecurity industry, offering services including breach and attack simulations, ransomware defense validation, security control validation, compliance consulting, and security program maturity consulting.

Revenue
$6.8M
Customers
-
Year founded
-
Funding
-
Team size
63
Growth
-

Inclusion Criteria

- The product must automate the simulation of real-world cyberattacks. - It should provide detailed reports on vulnerabilities and security posture. - The software must facilitate ongoing monitoring and assessment of security controls. - It needs to support various attack scenarios to test different components of the security infrastructure. - Not just focused on compliance; must also improve proactive threat detection and response capabilities.

Breach and Attack Simulation (BAS) Software SaaS Companies | GetLatka