Tool's Analysis Framework

It has been delineated a comprehensive framework that includes distinct features and elements beneficial to diverse applications, namely:
  • Understanding the core of Breach and Attack Simulation (BAS) tools, including their fundamental constituents and distinguishing characteristics.
  • Supplying a basis for comparing and contrasting two different solutions, facilitating informed decision-making.
  • Providing an exhaustive list of features that can be leveraged for the development of a new tool or the enhancement of existing ones, thus encouraging the innovation within the domain.

Design

FrameworkDesign
The elements are initially categorized into two primary classifications: Features and Elements.
  • Features encapsulate the functionalities inherent within the tool such as the graphical user interface. Elements falling under this category are systematically employed, delineating their presence or absence (e.g., Override function) or by enumerating a list of attributes (e.g., supported operating systems). This section is delimited from qualitative analysis and instead emphasizes a quantitative examination, discerning the mere availability of features as opposed to their effectiveness. Moreover, features have been further categorised into six groups to have a more schematic overview and a faster comparison. The classes Attack and Results have also a common sub-section called Information and Filtering.
  • Comparison Elements are envisioned to facilitate both quantitative and qualitative analyses when juxtaposing tools. Nevertheless, while certain elements within this category, such as price, are readily attainable, the majority pose challenges due to subjective variability, frequent fluctuations, or reliance on contextual factors. For instance, assessing the "Operator Expertise" prerequisite for tool utilization presents inherent complexities, necessitating dedicated study for meaningful comparison. Despite these hurdles, these elements retain considerable utility in informing tool selection decisions. Hence, they are included within the framework, albeit they need a separate section. The list of features that can be used to compare two software could be very detailed, in this section the focus is centred on the analysing elements that requires particular attention when comparing two different BAS solutions rather than programs in general.
Overview >