NOMINATION HIGHLIGHTS

2025 marked a pivotal year for SafeBreach, as we took the first step in our evolution from the pioneers in BAS to leaders in CTEM. Our evolution began with the launch of the new SafeBreach Exposure Validation Platform, which combines our award-winning BAS solution, SafeBreach Validate, with the innovative capabilities of attack path validation via SafeBreach Propagate. Together, these technologies expanded our CTEM validation capabilities to provide the most innovative and holistic views of cyber risk available today.

As a result, we have transformed how SafeBreach customers validate, prioritize, and reduce their most critical exposures. The SafeBreach platform delivers continuous, empirical evidence about the efficacy of security controls and the real impact of a successful breach that enables security leaders to make informed, data-driven decisions—not by adding more tools or alerts, but by validating whether existing controls stop real attacks in practice. The executive-level dashboards enable CISOs to clearly evaluate risk, inform resourcing decisions, and strengthen strategic alignment and mobilization across the organization, turning exposure validation into a continuous CTEM discipline that supports proactive cyber resilience.

In addition to the launch of the new platform, SafeBreach also released a number of new AI-based capabilities that simplify security posture analysis, accelerate operational efficiency, and enable more actionable outcomes. AI Remediation automatically suggests tailored, context-aware remediation steps for missed attack simulations in Validate. The new SafeBreach MCP server allows AI agents to query the platform and analyze attack simulation results using plain-text questions and combine platform simulation data with other data sources to provide deeper insights. And new AI-generated attack scenarios help customers test defenses against the next generation of AI-driven malware.

Aside from our technology, SafeBreach continued to set the gold standard in original research with the discovery of nine CVEs, publication of the first public exploit for CVE-2024-49113, and 10 talks at major global conferences like Black Hat, RSA, and DEF CON. We expanded our global customer base to include customers in 34 countries and maintained an industry-leading 95% customer satisfaction rating for the third year in a row. Finally, we released our inaugural State of the Breach Report, which analyzes the results of millions of real-world attack simulations to provide never-before-seen insights into the state of enterprise cyber resilience. The report reveals where enterprise security programs perform well, where modern threats evade defenses, and how trends differ across industries and architectures to help organizations improve resilience.