Try our new research platform with insights from 80,000+ expert users

Cymulate vs Picus Security comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cymulate
Ranking in Breach and Attack Simulation (BAS)
2nd
Average Rating
8.6
Reviews Sentiment
7.6
Number of Reviews
3
Ranking in other categories
Threat Intelligence Platforms (15th), Attack Surface Management (ASM) (11th), Continuous Threat Exposure Management (CTEM) (1st)
Picus Security
Ranking in Breach and Attack Simulation (BAS)
3rd
Average Rating
9.0
Number of Reviews
6
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of February 2025, in the Breach and Attack Simulation (BAS) category, the mindshare of Cymulate is 22.5%, down from 22.9% compared to the previous year. The mindshare of Picus Security is 19.0%, up from 15.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Breach and Attack Simulation (BAS)
 

Featured Reviews

Ondrej Kováč - PeerSpot reviewer
Advanced cybersecurity solution for attack based vulnerability mng. and upskill platform for SOC.
While Cymulate's technology shows great promise and delivers excellent results, their approach to positioning the solution appears to overlap with other companies like Tenable, making them both direct and indirect competitors. Cymulate must refine their messaging and manage expectations effectively. In my experience, they need to be more attentive internally and mindful of potential negative impacts on customers. They exhibit a high degree of flexibility, which can result in sudden changes without adequate alerting. Communicating with them via phone for business matters can be challenging. On a scale from one to ten, I would rate Cymulate's technology level at eight, but their business level at four out of ten.
erdemerdag - PeerSpot reviewer
Breach and attack simulation software that provides network, endpoint, and email vectors
According to the attack vectors, you cannot specify which product is failing or which product is working well because there's no agent. The best case scenario is to add an agent solution where an agent would have the ability to actually detect which programs aren't working. For the attack software, you put a peer on the cloud site, and you have another peer internal network. There is IPS, firewall, WAF, and DBS amongst these peers. The cloud's peer is trying to send the attack file to the internal network. Maybe the firewall is blocking it, maybe the IP, maybe the WAF, but you cannot see the details. You can say, "Yes, my security product is blocking that attack scenario," or, "I cannot block this attack."

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The reporting capabilities are very good."
"Cymulate is easy to set up, install, and configure."
"The most valuable feature for us is the zero-day."
"The most valuable feature of Picus Security is its threat intelligence, providing suggestions to block and prevent attacks by identifying malicious files and providing threat IDs."
"It's very useful software because the customer mostly configures their IPS and manages their firewalls, WAF, and the DBS according to the latest update, latest news, or according to the situation."
"One of the most valuable features would be the detection capability, specifically the ability to detect alarms and logs collected from SIEM tools."
"The most valuable feature of the solution is its integration capabilities with the other security tools."
"It provides good reports and offers signature-based solutions."
"You have the liberty of physically executing a specific set of rules in your environment."
 

Cons

"The reporting process requires significant improvement as it often takes longer than expected and the quality is lacking."
"The product must provide consultancy for initial setup."
"The cost can be quite high, and it impacts scalability as more simulations require additional expenses."
"According to the attack vectors, you cannot specify which product is failing or which product is working well because there's no agent."
"The reporting and data analysis could be improved. Specifically, the analysis of the results."
"To improve, Picus Security could consider establishing a data center in India to address trust issues and increase interest from Indian customers."
"Let's say if a customer's environment has 10 security devices and they need to know that there is an attack that has bypassed their devices, they cannot go and inspect every device and every rule in their security devices."
"The amount of integrations that the product can handle is an area of concern, making it one of the aspects where improvements are required."
"There is room for improvement in the response rate provided by customer support."
 

Pricing and Cost Advice

"Cymulate's services are expensive."
"The product is affordable."
"They have certain price ranges for their products, depending upon the use cases, and the number of applications the customer wants to try."
"There is a yearly license according to the number of vectors. The pricing is moderate."
report
Use our free recommendation engine to learn which Breach and Attack Simulation (BAS) solutions are best for your needs.
838,640 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
18%
Computer Software Company
13%
Manufacturing Company
7%
Comms Service Provider
5%
Financial Services Firm
24%
Computer Software Company
12%
Manufacturing Company
10%
Media Company
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
No data available
 

Questions from the Community

What do you like most about Cymulate?
The most valuable feature for us is the zero-day.
What is your experience regarding pricing and costs for Cymulate?
The pricing for Cymulate could be better. If I were to rate it, it would be a six out of ten.
What needs improvement with Cymulate?
The main area for improvement in Cymulate is its pricing. The cost can be quite high, and it impacts scalability as more simulations require additional expenses.
What do you like most about Picus Security?
The most valuable feature of Picus Security is its threat intelligence, providing suggestions to block and prevent attacks by identifying malicious files and providing threat IDs.
What is your experience regarding pricing and costs for Picus Security?
The pricing of Picus Security is average, and it offers a good value for money.
What needs improvement with Picus Security?
There is room for improvement in the response rate provided by customer support. Picus Security could improve the response time.
 

Comparisons

 

Overview

 

Sample Customers

Euronext, YMCA, Telit, Nemours 
Akbank, Exclusive Networks, Garanti, ING Bank, QNB Finansbank, Turkcell, Vodafone, Yapı Kredi
Find out what your peers are saying about Cymulate vs. Picus Security and other solutions. Updated: January 2025.
838,640 professionals have used our research since 2012.