Frequently Asked Questions

Product Features & Capabilities

What is Cymulate Exposure Validation for LLMs?

Cymulate Exposure Validation for LLMs is a set of advanced, production-safe attack scenarios designed to test and validate large language models (LLMs) such as Azure OpenAI and AWS Bedrock against prompt injection and jailbreak threats. These scenarios allow security teams to simulate real-world adversarial attacks and assess the resilience of their AI-driven applications. Source

How does Cymulate test LLMs for prompt injection and jailbreak vulnerabilities?

Cymulate provides over 80 new attack scenarios (in private preview) that simulate prompt injection, jailbreaks, and other adversarial techniques targeting LLMs. These scenarios are executed against a "digital twin"—a replica of the LLM—ensuring safe, live-data offensive testing without impacting production systems. Source

What types of LLM attacks does Cymulate simulate?

Cymulate simulates four major exploit types aligned to MITRE ATLAS: Confused Deputy, Injection Exploitation, Malware Generation, and Trusted Subsystem Override. Each type targets specific vulnerabilities in LLMs, such as manipulating trusted agents, embedding malicious instructions, generating harmful code, or bypassing internal security boundaries. Source

How does the digital twin approach ensure safe LLM testing?

The digital twin is a replica of the target LLM environment, allowing Cymulate to execute offensive testing scenarios without risking production data or operations. This approach ensures that security teams can safely validate LLM resilience against real-world threats. Source

What is MITRE ATLAS and how does Cymulate align with it?

MITRE ATLAS (Adversarial Threat Landscape for Artificial-Intelligence Systems) is a framework for categorizing adversarial techniques targeting AI systems. Cymulate's LLM attack scenarios are mapped to MITRE ATLAS techniques and sub-techniques, ensuring comprehensive coverage of real-world threats. Source

How are assessment results presented in Cymulate Exposure Validation?

After running LLM attack scenarios, Cymulate provides a clear overview of testing results, including which attack scenarios were prevented, not prevented, detected, and not detected. It also highlights security drift by comparing current results to previous assessments. Source

Can I customize which LLM attack scenarios to run?

Yes, users can select specific attack scenarios to include in their assessments using the attack scenario workbench within Cymulate Exposure Validation. This allows for tailored testing based on organizational needs. Source

What LLM platforms are supported by Cymulate's new attack scenarios?

The new LLM attack scenarios are designed to test and validate LLMs based on Azure OpenAI and AWS Bedrock. Source

How can I access the private preview of LLM attack scenarios?

Existing Cymulate customers interested in the private preview should contact their customer success manager and account team to review and enable the new offensive testing capabilities. Source

Where can I find more technical details about LLM prompt injection testing?

For in-depth technical details and research on LLM prompt injection testing, visit the Cymulate blog post: Testing LLM Resilience: How Cymulate Exposure Validation Simulates Prompt Injection and Jailbreaks.

Does Cymulate provide out-of-the-box assessment templates for LLMs?

Currently, users can select scenarios in the attack scenario workbench. In the future, Cymulate Research Labs will publish out-of-the-box assessment templates for ready-run attack simulations against LLMs. Source

How does Cymulate help organizations track security drift in LLMs?

Cymulate compares the results of current LLM attack scenario assessments with previous results, identifying any security drift—such as threats that were previously prevented or detected but can now be successfully executed. Source

What is the role of Cymulate Research Labs in LLM security?

Cymulate Research Labs conducts advanced security research to understand modern threats and develop production-safe attack simulations for LLMs, ensuring customers can test and improve their AI security posture. Source

How does Cymulate Exposure Validation integrate with other security solutions?

Cymulate integrates with a wide range of security technologies, including Akamai Guardicore, AWS GuardDuty, BlackBerry Cylance OPTICS, Carbon Black EDR, Check Point CloudGuard, Cisco Secure Endpoint, CrowdStrike Falcon, Wiz, and SentinelOne. For a full list, visit our Partnerships and Integrations page.

What is the primary purpose of Cymulate's platform?

The primary purpose of Cymulate's platform is to help organizations proactively validate their cybersecurity defenses, identify vulnerabilities, and optimize their security posture. It empowers security teams to stay ahead of emerging threats and improve overall resilience. Source

What are the key capabilities of Cymulate's platform?

Cymulate offers continuous threat validation, a unified platform for BAS, CART, and Exposure Analytics, attack path discovery, automated mitigation, AI-powered optimization, complete kill chain coverage, ease of use, and an extensive threat library with over 100,000 attack actions updated daily. Source

How does Cymulate help with operational efficiency?

Cymulate automates security validation processes, leading to a 60% increase in team efficiency and saving up to 60 hours per month in testing new threats. Source

What business impact can customers expect from using Cymulate?

Customers can expect up to a 52% reduction in critical exposures, a 20-point improvement in threat prevention, a 60% increase in team efficiency, and an 81% reduction in cyber risk within four months. Source

Pricing & Plans

What is Cymulate's pricing model?

Cymulate operates on a subscription-based pricing model tailored to each organization's requirements. Pricing depends on the chosen package, number of assets, and scenarios selected. For a detailed quote, schedule a demo with the Cymulate team.

Security & Compliance

What security and compliance certifications does Cymulate hold?

Cymulate holds SOC2 Type II, ISO 27001:2013, ISO 27701, ISO 27017, and CSA STAR Level 1 certifications, demonstrating adherence to industry-leading security and privacy standards. Source

How does Cymulate ensure data security?

Cymulate ensures data security through encryption in transit (TLS 1.2+) and at rest (AES-256), secure AWS-hosted data centers, a tested disaster recovery plan, and robust application security practices including secure SDLC, vulnerability scanning, and third-party penetration tests. Source

Is Cymulate GDPR compliant?

Yes, Cymulate incorporates data protection by design and has a dedicated privacy and security team, including a Data Protection Officer (DPO) and Chief Information Security Officer (CISO), ensuring GDPR compliance. Source

Use Cases & Benefits

Who can benefit from using Cymulate?

Cymulate is designed for CISOs, security leaders, SecOps teams, red teams, and vulnerability management teams in organizations of all sizes and industries, including finance, healthcare, retail, media, transportation, and manufacturing. Source

What problems does Cymulate solve for security teams?

Cymulate addresses fragmented security tools, resource constraints, unclear risk prioritization, cloud complexity, communication barriers, inadequate threat simulation, operational inefficiencies in vulnerability management, and post-breach recovery challenges. Case studies illustrate these solutions in action.

Are there real-world examples of Cymulate solving these pain points?

Yes. For example, Hertz Israel reduced cyber risk by 81% in four months, a sustainable energy company scaled penetration testing cost-effectively, and Nemours Children's Health improved detection in hybrid and cloud environments. See more customer case studies.

How does Cymulate address the needs of different security personas?

Cymulate tailors solutions for CISOs (metrics and risk prioritization), SecOps teams (automation and efficiency), red teams (automated offensive testing), and vulnerability management teams (continuous validation and prioritization). Learn more.

Implementation & Ease of Use

How long does it take to implement Cymulate?

Cymulate is designed for rapid deployment, operating in agentless mode with no need for additional hardware or complex configurations. Customers can start running simulations almost immediately after deployment. Source

How easy is Cymulate to use?

Customers consistently praise Cymulate for its intuitive, user-friendly dashboard and ease of use. Minimal resources are required, and actionable insights are available with just a few clicks. Customer testimonials

What support and resources are available for Cymulate users?

Cymulate offers email and chat support, a knowledge base, webinars, e-books, and an AI chatbot for technical assistance and best practices. Resource Hub

Competition & Differentiation

How does Cymulate differ from other security validation platforms?

Cymulate offers a unified platform combining BAS, CART, and Exposure Analytics, continuous 24/7 threat validation, AI-powered optimization, complete kill chain coverage, ease of use, and the most advanced attack simulation library with daily updates. Source

What advantages does Cymulate provide for different user segments?

CISOs benefit from quantifiable metrics, SecOps teams from automation and efficiency, red teams from advanced offensive testing, and vulnerability management teams from continuous validation and prioritization. Learn more

Company & Resources

Where can I find Cymulate's blog and newsroom?

Stay updated with the latest threats, research, and company news through the Cymulate blog and newsroom.

Where can I find general resources like Cymulate's blog, newsroom, and event information?

Cymulate offers a Resource Hub, blog, newsroom, events & webinars page, and a cybersecurity glossary for comprehensive information. Resource Hub

What is Cymulate's mission and vision?

Cymulate's mission is to transform cybersecurity practices by enabling organizations to proactively validate defenses, identify vulnerabilities, and optimize security posture. The vision is to create a collaborative environment for lasting improvements in cybersecurity strategies. Source


Test LLM Resilience Against Prompt Injection and Jailbreaks with New Cymulate Attack Scenarios

By: Brian Moran, VP of Product Marketing

December 2, 2025

Executive Summary 

As large language models (LLMs) become embedded in productivity, automation and security workflows, a new class of risks has emerged—prompt injection and jailbreaks that can silently override system instructions. Cymulate now gives security teams the automation and expertise to test and validate LLMs against these threats to the technology that drives artificial intelligence applications. 

Cymulate Exposure Validation now includes more than 80 new attack scenarios in a “private preview” to existing customers to test and validate LLMs based on Azure OpenAI and AWS Bedrock. Cymulate customers interested in the private preview should engage with their customer success manager and account team to review and enable the new offensive testing capabilities. 

This expansion of the Cymulate attack scenario library is only possible through advanced security research from Cymulate Research Labs to both understand modern threats and build the production-safe attack simulations that our customers rely on to prove the threat and improve their resilience. 

Further reading
Testing LLM Resilience: How Cymulate Exposure Validation Simulates Prompt Injection and Jailbreaks 

See how Cymulate is redefining LLM security by simulating real-world prompt injection and jailbreak attacks to validate AI defenses.


Production-safe testing with Digital Twin

While dozens of new technologies have emerged to serve as security controls protecting LLMs, Cymulate focused on the security and configuration of the LLMs that allow for threats like prompt injection and jailbreaks. With attack scenarios that target LLMs and a commitment to production-safe testing, Cymulate Research Labs designed its LLM attack scenarios to execute against a “digital twin”—a replica of the LLM which allows for safe, live-data offensive testing. 

Exposure Validation aligned to MITRE ATLAS 

The almost 90 new attack scenarios align to MITRE Adversarial Threat Landscape for Artificial-Intelligence Systems (ATLAS). In this initial release and private preview, Cymulate provides the attack simulation for four major exploit types that apply four MITRE ATLAS techniques and sub-techniques. 

| Exploit Category | MITRE ATLAS Technique |
| --- | --- |
| Confused Deputy | LLM Prompt Injection (AML.T0051); AI Agent Tool Invocation (AML.T0053) |
| Injection Exploitation | LLM Prompt Injection (AML.T0051), Direct Subtechnique (AML.T0051.000) |
| Malware Generation | LLM Prompt Injection (AML.T0051), Direct Subtechnique (AML.T0051.000) |
| Trusted Subsystem Override | LLM Prompt Injection (AML.T0051); LLM Data Leakage (AML.T0057) |

Confused deputy exploits manipulate trusted AI agents into performing unintended or unauthorized actions, usually from a discrepancy in permissions. Attackers craft deceptive prompts or inputs that coerce language models to misuse integrated tools, expose sensitive data or execute harmful commands, effectively transforming compliant AI assistants into unwitting intermediaries acting against their intended security boundaries. 

Injection exploitation occurs when adversaries embed malicious instructions directly into prompts or inputs consumed by an LLM. These manipulations override intended safeguards or context, causing the model to execute unauthorized actions, reveal sensitive data or alter outputs, exploiting trust in user-supplied content to compromise the model’s integrity or behavior. 

Malware generation involves manipulating an LLM through crafted prompts to produce malicious code or payloads. Attackers exploit weak safeguards or context understanding, coercing the model to generate, obfuscate or describe harmful software components that could aid in intrusion, privilege escalation or data exfiltration within compromised or targeted environments.

Trusted subsystem override occurs when prompt manipulation causes an LLM to bypass internal security boundaries or controls. Attackers exploit implicit trust between the model and connected systems, coercing the LLM to invoke privileged operations, access restricted functions or execute actions reserved for authenticated users or protected components. 

Attack scenario workbench 

Today, the new attack scenarios targeting LLMs are available in the attack scenario workbench within Cymulate Exposure Validation. Users can choose the scenarios they include when running an assessment. In the future, Cymulate Research Labs will publish out-of-the-box assessment templates for ready-run attack simulations against LLMs. 


Cymulate Exposure Validation with new attack scenarios that simulate exploits against LLMs.  

Assessment findings 

Once assessments are completed, Cymulate provides an overview of testing results with a clear view of the attack scenarios prevented, not prevented, detected and not detected. By comparing the results of the attack scenario against previous assessment results, Cymulate identifies the security drift for threats that were previously prevented or detected but can now be successfully executed.

Testing results in Cymulate Exposure Validation for select attack scenarios that target LLMs.  

Ask about private preview 

If you’re deploying or designing with LLMs, start testing them like an adversary would. To get started, Cymulate customers should engage with their customer success manager and account team to review and enable the new offensive testing capabilities.

If you are not a Cymulate customer, we invite you to book a demo to experience the latest in live-data offensive testing of LLMs. 

For more detail on the research and architecture, read this blog.

Cymulate Exposure Validation makes advanced security testing fast and easy. When it comes to building custom attack chains, it's all right in front of you in one place.
Mike Humbert, Cybersecurity Engineer
DARLING INGREDIENTS INC.