Company’s diverse product suite empowers organizations of all sizes to unlock the power of automated testing

SANTA CLARA, Calif.—Aug. 3, 2023— For years, adversary emulation and automated testing felt like something limited to more mature organizations. It was perceived to be for folks with massive budgets, lots of know-how or advanced security teams. That perception often left smaller organizations untested and vulnerable, from municipalities to small critical infrastructure owners and operators, and the results weren’t good. According to an Accenture study, 46% of cyberattacks are against small and medium-sized businesses. An untested world is a vulnerable world.

Today, AttackIQ is proud to announce a revolution in testing. AttackIQ pioneered and leads the breach and attack simulation category and today is revolutionizing the testing process with the introduction of a new series of products and managed service offerings. Testing is now available for everyone. And this expansion builds on a decade of success. The company’s enterprise software-as-a-service (SaaS) business has helped hundreds of companies across the global 2000 to conduct automated testing at scale, powered by MITRE ATT&CK.

AttackIQ delivers testing for everyone via AttackIQ Flex, AttackIQ Ready! and AttackIQ Enterprise product offerings. Users anywhere in the world can now use AttackIQ’s advanced adversary emulation capabilities to test. They can do so with any budget, with a simplified testing experience, and with comprehensive risk visibility in minutes. And the best part is: You don’t need to be a cybernerd. Anyone in an organization can do it.

AttackIQ Flex is an on-demand, pay-as-you-go, agentless test-as-a-service solution. It offers a simplified user experience and provides detailed security performance metrics and mitigations in minutes, enabling organizations to conduct granular security validation without recurring fees or complex deployments. AttackIQ Flex can also be used by anyone within the organization, expanding test as a service outside of traditional security organizations. It sets up and runs in minutes and delivers results with immediacy.

“With the addition of AttackIQ Flex, we are spearheading a groundbreaking transformation in how organizations approach security testing,” said Brett Galloway, CEO at AttackIQ. “We have removed the need for long-term licenses to ensure that security validation is within reach for everyone, regardless of their background or industry. You can pay as you go to initiate, run, or expand your testing program to meet your unique demands, whether you are a first-time tester, are testing across new divisions in your business, running a merger and acquisition process, or on-boarding a new military alliance network.”

AttackIQ Flex augments AttackIQ Ready!, a newly launched and fully managed breach and attack simulation (BAS) service that brings the world’s best automated security control validation platform to small and medium-sized businesses (SMBs). AttackIQ Ready! runs the industry’s deepest library of MITRE ATT&CK-aligned adversary emulations to generate actionable reports and clear remediation recommendations on a weekly and monthly basis, to include through attack graphs and CISA alert content from the AttackIQ Adversary Research Team. For the first time, SMBs can benefit from AttackIQ’s comprehensive adversary emulation capabilities and research, including from the Center for Threat-Informed Defense, to optimize their security effectiveness—all through one platform.

“For years, AttackIQ has been the cutting-edge SaaS testing platform to which large enterprises turn when looking to enhance their security program performance,” said Carl Wright, Chief Commercial Officer at AttackIQ. “With AttackIQ Ready! and AttackIQ Flex, we are democratizing cybersecurity testing by extending our expertise and solutions to the entire market and giving organizations the chance to expand their testing capabilities whenever they need. We are now empowering organizations of all sizes to test their controls, make informed decisions, and fortify themselves against emerging threats. We are immensely excited to extend our MITRE ATT&CK-based advanced adversarial testing to everyone in the world through Flex and Ready!”

AttackIQ Enterprise, a co-managed service for large enterprises, continues to deliver AttackIQ’s advanced SaaS offering for mature security organizations while also completing AttackIQ’s new managed service product line. Customers manage the full AttackIQ SaaS platform and have access to the entire testing library at any time. In addition, AttackIQ serves as co-pilot for security teams, building and executing a testing strategy for the customer, providing threat intelligence, reporting and on-demand engineering support to augment the team’s use of the AttackIQ Breach and Attack Simulation Platform.

Pricing and Availability

AttackIQ Flex, AttackIQ Ready! and AttackIQ Enterprise are available now. More details are available at or Booth #3128 at Black Hat Aug. 9-10. For pricing or to schedule a free trial, contact AttackIQ or sign up at

About AttackIQ

AttackIQ, the leading independent vendor of breach and attack simulation solutions, built the industry’s first Breach and Attack Simulation Platform for continuous security control validation and improving security program effectiveness and efficiency. AttackIQ is trusted by leading organizations worldwide to plan security improvements and verify that cyberdefenses work as expected, aligned with the MITRE ATT&CK framework. A proud member of the Microsoft Intelligent Security Association (MISA), the Company is committed to giving back to the cybersecurity community through its free award-winning AttackIQ Academy, open Preactive Security Exchange, and partnership with MITRE Engenuity’s Center for Threat-Informed Defense. For more information, visit Follow AttackIQ on TwitterFacebookLinkedIn, and YouTube.