OpenBAS: Open-source breach and attack simulation platform
OpenBAS is an open-source platform that enables organizations to plan, schedule, and execute crisis exercises, adversary simulations, and breach simulations.
Compliant with ISO 22398 standards, OpenBAS is built as a modern web application featuring a user-centric interface and a RESTful API.
The platform includes various modules – scenarios, team management, simulations, communication verification, and encryption – offering benefits like collaborative workflows, real-time monitoring, detailed analytics, and feedback management.
“OpenBAS is unique in its capability to simulate every aspect of an incident, not only the technical part. With OpenBAS, you can also simulate contextual events to test your teams with journalist inquiries about the attack, a call from the CEO seeking immediate results, and so on,” Jean-Philippe Salles, VP of Product Management of Filigran, told Help Net Security.
Future plans and download
“With OpenBAS, we seek to help cybersecurity teams to answer the question ‘Are we ready for these threats?’ We want OpenBAS to let you build the most accurate simulations you can, technically and contextually. So, we will add the capability to simulate more precise technical events, chaining them and reinjecting their results to create more complex scenarios, and enhance the ability to collect prevention, detection, and human response to those events to assess the organization’s security posture,” Salles concluded.
OpenBAS is available for free on GitHub. All OpenBAS components are shipped as Docker images and manual installation packages.
Must read:
- 20 free cybersecurity tools you might have missed
- 15 open-source cybersecurity tools you’ll wish you’d known earlier
- 20 essential open-source cybersecurity tools that save you time