Try our new research platform with insights from 80,000+ expert users

Cymulate vs Picus Security comparison

Cymulate and Picus Security are both solutions in the Breach and Attack Simulation (BAS) category. Cymulate is ranked #1 with an average rating of 8.3, while Picus Security is ranked #4 with an average rating of 9.0. Cymulate holds a 18.3% mindshare in BAS, compared to Picus Security’s 16.8% mindshare. Additionally, 100% of Cymulate users are willing to recommend the solution, compared to 100% of Picus Security users who would recommend it.
Cymulate
Read 6 Cymulate reviews
  • 3,897 Views
  • 2,416 Comparison Views
100% willing to recommend
Picus Security
Read 6 Picus Security reviews
  • 2,250 Views
  • 2,048 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Apr 6, 2025

Cymulate and Picus Security are competitors in the cyber-risk assessment and threat simulation category, focusing on enhancing organizational security. Cymulate seems to have the upper hand due to faster deployment times, more tailored support options, and faster ROI realization.

Features: Cymulate offers comprehensive breach and attack simulation, extensive threat intelligence, and automated testing capabilities. Picus Security emphasizes continuous security validation, seamless integration with existing security controls, and long-term savings through its approach.

Ease of Deployment and Customer Service: Cymulate provides straightforward implementation with proactive customer support, faster deployment, and tailored support options. Picus Security also features easy deployment and valued customer support.

Pricing and ROI: Cymulate presents competitive setup costs with a clear ROI, emphasizing rapid risk reduction. Picus Security shares a similar price point with a focus on long-term savings and continuous testing benefits.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cymulate vs. Picus Security Report (Updated: December 2025).
Buyer's Guide
Cymulate vs. Picus Security
December 2025
Download the complete report
Helped 879,259 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cymulate
Ranking in Breach and Attack Simulation (BAS)
1st
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
6
Ranking in other categories
Threat Intelligence Platforms (TIP) (10th), Attack Surface Management (ASM) (11th), Continuous Threat Exposure Management (CTEM) (2nd)
Picus Security
Ranking in Breach and Attack Simulation (BAS)
4th
Average Rating
9.0
Reviews Sentiment
7.9
Number of Reviews
6
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of December 2025, in the Breach and Attack Simulation (BAS) category, the mindshare of Cymulate is 18.3%, down from 22.6% compared to the previous year. The mindshare of Picus Security is 16.8%, down from 18.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Breach and Attack Simulation (BAS) Market Share Distribution
ProductMarket Share (%)
Cymulate18.3%
Picus Security16.8%
Other64.9%
Breach and Attack Simulation (BAS)
 

Featured Reviews

SB
SaarBar
Security Architec at Shikun & Binui
Support and integration enhance security posture over three years
I don't know if there's something that could be improved. They surprise me. As I mentioned, I returned a month ago. I haven't fully investigated the complete system yet. I must say that we have been with them for around three years. This is amazing because throughout these three years, they have supported us every week. We meet weekly to review results and fix issues together. Apart from occasional days off, this weekly support has been consistent for three years. It's remarkable because many products are sold and then the product teams forget about you, but this isn't the case with Cymulate.
Read full review
KA
Kateryna Andrushchenko
Information Security System Manager at CS-Consulting
A tool with great integration capabilities and a good support team
Picus Security has been implemented in our organization to enhance threat detection by allowing us to test some of the other security tools in our company. I recommend the product to others who plan to use it. The tool has not had an impact on our company's overall security posture since the time of implementation since we just used it for some testing purposes, during which it did show some interesting results. I rate the overall tool a nine out of ten.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The security validation feature helps my organization in assessing our security posture."
"Cymulate has positively impacted our organization by helping us to take care of the efficacy and reviewing the policies and configuration."
"The most valuable feature for us is the zero-day."
"Cymulate is easy to set up, install, and configure."
"The reporting capabilities are very good."
"With Cymulate, the best features are the capacity to test the EDR or malware, anti-malware solution."
"It's very useful software because the customer mostly configures their IPS and manages their firewalls, WAF, and the DBS according to the latest update, latest news, or according to the situation."
"It provides good reports and offers signature-based solutions."
"You have the liberty of physically executing a specific set of rules in your environment."
"The most valuable feature of the solution is its integration capabilities with the other security tools."
"The most valuable feature of Picus Security is its threat intelligence, providing suggestions to block and prevent attacks by identifying malicious files and providing threat IDs."
"One of the most valuable features would be the detection capability, specifically the ability to detect alarms and logs collected from SIEM tools."
 

Cons

"We have had some trouble with the agents."
"The reporting process requires significant improvement as it often takes longer than expected and the quality is lacking."
"The cost can be quite high, and it impacts scalability as more simulations require additional expenses."
"The product must provide consultancy for initial setup."
"I will be honest, we have it, but in the last year, I didn't maintain the system until a month ago."
"The way Cymulate works for EDR could be improved, as it drops payload and requires action from the EDR console for remediation, which can block the whole process of Cymulate execution."
"The reporting and data analysis could be improved. Specifically, the analysis of the results."
"Let's say if a customer's environment has 10 security devices and they need to know that there is an attack that has bypassed their devices, they cannot go and inspect every device and every rule in their security devices."
"According to the attack vectors, you cannot specify which product is failing or which product is working well because there's no agent."
"There is room for improvement in the response rate provided by customer support."
"To improve, Picus Security could consider establishing a data center in India to address trust issues and increase interest from Indian customers."
"The amount of integrations that the product can handle is an area of concern, making it one of the aspects where improvements are required."
 

Pricing and Cost Advice

"Cymulate's services are expensive."
"The product is affordable."
"They have certain price ranges for their products, depending upon the use cases, and the number of applications the customer wants to try."
"There is a yearly license according to the number of vectors. The pricing is moderate."
report
See which vendors are best for you
Use our free recommendation engine to learn which Breach and Attack Simulation (BAS) solutions are best for your needs.
See recommendations
879,259 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
17%
Computer Software Company
10%
Manufacturing Company
8%
Retailer
6%
Financial Services Firm
18%
Computer Software Company
9%
Manufacturing Company
7%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business4
Large Enterprise3
No data available
 

Questions from the Community

What do you like most about Cymulate?
The most valuable feature for us is the zero-day.
See all answers
What is your experience regarding pricing and costs for Cymulate?
I don't know if it's expensive. It depends on the modules that you want, or the time, because they give you a tenant. A tenant for you.
See all answers
What needs improvement with Cymulate?
I don't know if that helped with quick decision making for my security team because I am the security team and you must have a dedicated team to work with this tool. I don't use the analytics modul...
See all answers
What do you like most about Picus Security?
The most valuable feature of Picus Security is its threat intelligence, providing suggestions to block and prevent attacks by identifying malicious files and providing threat IDs.
See all answers
What is your experience regarding pricing and costs for Picus Security?
The pricing of Picus Security is average, and it offers a good value for money.
See all answers
What needs improvement with Picus Security?
There is room for improvement in the response rate provided by customer support. Picus Security could improve the response time.
See all answers
 

Comparisons

Pentera vs Cymulate Logo
Pentera vs Cymulate
Compared 26% of the time
XM Cyber vs Cymulate Logo
XM Cyber vs Cymulate
Compared 11% of the time
SafeBreach vs Cymulate Logo
SafeBreach vs Cymulate
Compared 7% of the time
AttackIQ vs Cymulate Logo
AttackIQ vs Cymulate
Compared 6% of the time
The NodeZero Platform by Horizon3.ai vs Cymulate Logo
The NodeZero Platform by Horizon3.ai vs Cymulate
Compared 5% of the time
More Cymulate Competitors
Pentera vs Picus Security Logo
Pentera vs Picus Security
Compared 30% of the time
SafeBreach vs Picus Security Logo
SafeBreach vs Picus Security
Compared 14% of the time
AttackIQ vs Picus Security Logo
AttackIQ vs Picus Security
Compared 11% of the time
The NodeZero Platform by Horizon3.ai vs Picus Security Logo
The NodeZero Platform by Horizon3.ai vs Picus Security
Compared 5% of the time
Tenable One Exposure Management Platform vs Picus Security Logo
Tenable One Exposure Management Platform vs Picus Security
Compared 4% of the time
More Picus Security Competitors
 

Product Reports

Buyer's Guide
Cymulate
December 2025
Cymulate reportDownload Cymulate product report
Buyer's Guide
Picus Security
December 2025
Picus Security reportDownload Picus Security product report
 

Overview

For companies that want to manage their security posture against the evolving threat landscape: Cymulate SaaS-based Extended Security Posture Management (XSPM) deploys within an hour, enabling security professionals to continuously challenge, validate and optimize their cyber-security posture end-to-end across the MITRE ATT&CK framework.

The platform provides out-of-the-box, expert and threat intelligence-led risk assessments that are simple to deploy and use for all maturity levels, and constantly updated. It also provides an open framework to create and automate red and purple teaming by generating penetration scenarious and advanced attack campaigns tailored to their unique environments and security politices. Cymulate allowes professionals to manage, know and control their dynamic environment. 

Cymulate

Independent from any vendor or technology, the unparalleled Picus Platform is designed to continuously measure the effectiveness of security defenses by using emerging threat samples in production environments. Created by a team that’s been working together more than 10 years already and has proven their expertise in enterprise cybersecurity, Picus is trusted by many large multinational corporations and government agencies.

Picus Security
 

Sample Customers

Euronext, YMCA, Telit, Nemours 
Akbank, Exclusive Networks, Garanti, ING Bank, QNB Finansbank, Turkcell, Vodafone, Yapı Kredi
Buyer's Guide
Cymulate vs. Picus Security
December 2025
Free Report: Cymulate vs. Picus Security
Find out what your peers are saying about Cymulate vs. Picus Security and other solutions. Updated: December 2025.
DOWNLOAD NOW
879,259 professionals have used our research since 2012.
See our Cymulate vs. Picus Security report.
See our list of best Breach and Attack Simulation (BAS) vendors.

We monitor all Breach and Attack Simulation (BAS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.