Cymulate vs Fortra's Cobalt Strike comparison

Cymulate and Fortra are both solutions in the Breach and Attack Simulation (BAS) category. Cymulate is ranked #2 with an average rating of 8.7, while Fortra is ranked #9 with an average rating of 9.0. Cymulate holds a 19.9% mindshare in BAS, compared to Fortra’s 1.4% mindshare. Additionally, 100% of Cymulate users are willing to recommend the solution, compared to 100% of Fortra users who would recommend it.

Cymulate

Read 3 Cymulate reviews

3,150 Views
2,572 Comparison Views

100% willing to recommend

Fortra's Cobalt Strike

Read 1 Fortra's Cobalt Strike review

167 Views
122 Comparison Views

100% willing to recommend

Cymulate

Fortra's Cobalt Strike

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cymulate and Fortra's Cobalt Strike based on real PeerSpot user reviews.

Find out what your peers are saying about Pentera, Cymulate, Picus Security and others in Breach and Attack Simulation (BAS).

To learn more, read our detailed Breach and Attack Simulation (BAS) Report (Updated: November 2024).

Buyer's Guide

Breach and Attack Simulation (BAS)

November 2024

Download the complete report

Helped 815,854 peers since 2012

Categories and Ranking

Cymulate

Ranking in Breach and Attack Simulation (BAS)

2nd

Average Rating

8.6

Number of Reviews

Ranking in other categories

Threat Intelligence Platforms (16th), Attack Surface Management (ASM) (11th)

Fortra's Cobalt Strike

Ranking in Breach and Attack Simulation (BAS)

9th

Average Rating

9.0

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of November 2024, in the Breach and Attack Simulation (BAS) category, the mindshare of Cymulate is 19.9%, up from 19.9% compared to the previous year. The mindshare of Fortra's Cobalt Strike is 1.4%, up from 0.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Breach and Attack Simulation (BAS)

Featured Reviews

Ondrej Kováč

Solution Engineer at Exclusive Networks Czechia

Feb 28, 2024

Advanced cybersecurity solution for attack based vulnerability mng. and upskill platform for SOC.

While Cymulate's technology shows great promise and delivers excellent results, their approach to positioning the solution appears to overlap with other companies like Tenable, making them both direct and indirect competitors. Cymulate must refine their messaging and manage expectations effectively. In my experience, they need to be more attentive internally and mindful of potential negative impacts on customers. They exhibit a high degree of flexibility, which can result in sudden changes without adequate alerting. Communicating with them via phone for business matters can be challenging. On a scale from one to ten, I would rate Cymulate's technology level at eight, but their business level at four out of ten.

Read full review

reviewer2519427

Cyber Security Engineer at a tech services company with 51-200 employees

Jul 30, 2024

Compact, versatile, creates shell codes for bypassing antivirus and built-in report templates streamline the process

Probably its delivery methods could be improved. It might need some improvements on its spear phishing module. You can clone a web page, and then you can spear phish a target, and the target connects to your beacon. I believe that it needs to be more modernized to the current standards of multi-factor authentication bypass. Although there are already tools that actually do that, like Evilginx that’s been used as a proxy server, I truly believe Cobalt Strike could do something like that. I believe if Cobalt modernize this specific feature to try to bypass multi-factor authentication, it’s gonna be something. I’m not aware if it’s actually a feature in the latest Cobalt Strike updates, but from my version, I don’t see that it’s possible right now. I don’t think AI is at the stage where it can conduct such complex operations. AI is mostly being used to create phishing templates, very simple stuff. AI is not mature enough to do something more complex, although I truly believe that in a few years, it might have such capabilities.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable feature for us is the zero-day."

"Cymulate is easy to set up, install, and configure."

"The reporting capabilities are very good."

"It also made a lot of post-exploitation activities easier."

Cons

"The reporting process requires significant improvement as it often takes longer than expected and the quality is lacking."

"The cost can be quite high, and it impacts scalability as more simulations require additional expenses."

"The product must provide consultancy for initial setup."

"Probably its delivery methods could be improved."

Pricing and Cost Advice

"Cymulate's services are expensive."

"The product is affordable."

"It's expensive."

See which vendors are best for you

Use our free recommendation engine to learn which Breach and Attack Simulation (BAS) solutions are best for your needs.

See recommendations

815,854 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

19%

Computer Software Company

15%

Manufacturing Company

Retailer

No data available

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What do you like most about Cymulate?

The most valuable feature for us is the zero-day.

See all answers

What is your experience regarding pricing and costs for Cymulate?

The pricing for Cymulate could be better. If I were to rate it, it would be a six out of ten.

See all answers

What needs improvement with Cymulate?

The main area for improvement in Cymulate is its pricing. The cost can be quite high, and it impacts scalability as more simulations require additional expenses.

See all answers

What is your experience regarding pricing and costs for Fortra's Cobalt Strike?

As far as I know, at my previous job, our Red Teamers were using Cobalt Strike. It was heavily customized for their own engagement. The license is about € 6,000.00 per year or maybe more. It’s very...

See all answers

What needs improvement with Fortra's Cobalt Strike?

See all answers

What is your primary use case for Fortra's Cobalt Strike?

I use it a lot for independent research. I have a copy with me on my Kali box. There’s a good reason that it’s currently the best C2 in the market right now. It’s because of its versatility; you ca...

See all answers

Comparisons

Pentera vs Cymulate

Compared 44% of the time

Picus Security vs Cymulate

Compared 21% of the time

XM Cyber vs Cymulate

Compared 9% of the time

SafeBreach vs Cymulate

Compared 5% of the time

CyCognito vs Cymulate

Compared 2% of the time

More Cymulate Competitors

AttackIQ vs Fortra's Cobalt Strike

Compared 49% of the time

More Fortra's Cobalt Strike Competitors

Product Reports

Buyer's Guide

Threat Intelligence Platforms

October 2024

Download Cymulate product report

Buyer's Guide

Breach and Attack Simulation (BAS)

November 2024

Download Fortra's Cobalt Strike product report

Learn More

Cymulate

Fortra

Overview

For companies that want to manage their security posture against the evolving threat landscape: Cymulate SaaS-based Extended Security Posture Management (XSPM) deploys within an hour, enabling security professionals to continuously challenge, validate and optimize their cyber-security posture end-to-end across the MITRE ATT&CK framework.

The platform provides out-of-the-box, expert and threat intelligence-led risk assessments that are simple to deploy and use for all maturity levels, and constantly updated. It also provides an open framework to create and automate red and purple teaming by generating penetration scenarious and advanced attack campaigns tailored to their unique environments and security politices. Cymulate allowes professionals to manage, know and control their dynamic environment.

Cobalt Strike is red teaming software that emulates long-term attack techniques. Your red team can use real-world attack methods with covert security tools and after the red team exercise is complete, detailed reports help strengthen your blue team security.

Sample Customers

Euronext, YMCA, Telit, Nemours

Information Not Available

Buyer's Guide

Breach and Attack Simulation (BAS)

November 2024

Download Free Report

Find out what your peers are saying about Pentera, Cymulate, Picus Security and others in Breach and Attack Simulation (BAS). Updated: November 2024.

DOWNLOAD NOW

815,854 professionals have used our research since 2012.

See our list of best Breach and Attack Simulation (BAS) vendors.

We monitor all Breach and Attack Simulation (BAS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.