AttackIQ Flex

AttackIQ Flex is on-demand, agentless test-as-a-service. It enables organizations to quickly emulate adversary behavior through a simplified user experience, delivering detailed security control performance metrics and mitigations in minutes.

Testing for Everyone

Pay as you go, flexible consumption democratizes testing by unlocking security validation for organizations where it was previously impractical.

Fastest Time to Visibility

Through agentless testing, organizations deploy Flex and get answers to their security validation questions in a matter of minutes instead of weeks.

Simplified Testing

A cornerstone of AttackIQ Flex, the self-contained test packages streamline design and execution and reduce the complexity associated with validating security controls.

Enhanced Visibility

The self-contained test packages enable organizations to conduct rapid tests on any network, regardless of whether they don’t manage them or aren’t internet connected.

AttackIQ Flex Offering

AttackIQ Flex provides an economical means of validating security controls without the need for expensive and time-consuming manual testing. With a pay as you go consumption model, you can test as little or as much as you want and across elements of your business.

Threat Emulations

Comprehensive adversary emulations run as self-contained test packages, validating controls against emerging threats.

Security Control Baseline

Security Control Baseline. Tests the efficacy of EDR, AV and content filtering security controls.

CISA Alert and Threat Descriptions

The AttackIQ Adversary Research Team produces attack graphs within 48 hours of CISA alerts and responds to emerging threats so you can validate your controls against real-world actors.


Security Baseline Adversary Emulation
CISO executive summary with recommended courses of action for improving security posture
Attack graphs with detailed adversary intelligence
Your test performance score and global comparisons
Detailed prevention results by stage and technique
Detailed MITRE ATT&CK and AttackIQ specific mitigations
Attack methodology and emulation details, steps executed

AttackIQ Flex

AttackIQ Flex is your first step towards security optimization.

Contact us today and unlock the flexible package needed to validate your defenses, emulate real-world attacks, and validate your security controls through our unique pay as you go, test as-a-service.

By submitting this form you indicate that you have read and agree to the terms of our Privacy Policy.

Common Questions

Flex is an agentless breach and attack simulation tool, which we refer to as “test as a service.” It utilizes the AttackIQ platform and employs self-contained test packages to automate security testing without the need for any configuration or agents.
Flex is a lightweight implementation of the AttackIQ breach and attack simulation platform. Where Enterprise allows for more customization, Flex contains fully packaged scenarios. Click, run and done.
AttackIQ utilizes live malware samples that are saved and written to the local file system without execution. Using a hash comparison, Flex determines which samples were successfully planted on the endpoint. At the conclusion of the test, all staged files are promptly removed as part of the cleanup process.
Credits are provided for free in limited supply and will be available for purchase soon.
We’re always adding new tests and regularly provide curated content, including new adversary emulations as new attacker campaigns emerge.
There are two types of packages currently available. Adversary campaign tests and baseline tests. Baseline tests assess the efficacy of your core security controls while adversary emulations test your ability to withstand TTPs of known attacker campaigns.
No. Flex contains a smaller subset of content than enterprise.
Flex automatically generates a comprehensive report once the testing output is uploaded to the Flex portal. Specific report content varies depending on the report that is run.
The lightweight implementation of Flex means users can only run the packages available in the menu. Customers may wish to pick and choose multiple tests to run together.
Users can download a Flex test package and upload and execute on the endpoint of any supported OS.
Only Windows OS is currently supported with additional support coming soon.

There are innumberable uses cases for Flex. Below are some initial examples.

  • Zero trust. Perform regular testing to validate the security of critical assets.
  • SMB. Organizations with small network and security stacks, limited in house resources want to include security testing as part of security program
  • Red team augmentation. Automate the scripting and execution of attack scenarios and penetration tests, allowing red teams to comprehensively test security controls, identify vulnerabilities, and provide mitigations
  • Purple teaming augmentation. Design and execute attack scenarios against defenders with immediate feedback into people, process, and technology efficacy
  • Regular self-managed security validation. Basic security validation and breach and attack simulation
  • Fully managed security validation program. Conduct regular security validation but doesn’t have the staff to support in house testing
  • Security posture assessment. Use Flex to validate security controls by scaling as many test points as you need for a representative sample of your environment.
  • Managed service provider. Insurance provider or underwriter wants insuree to run a risk assessment on their network to determine coverage.
  • Network consolidation, including M&A activity. Acquirer or parent organization wants to quickly bring on new branch networks into the corporate umbrella. Deploying agents takes too long for the request.