Cymulate’s Yearly Continuous Testing Report

March 3, 2021

Cymulate continuous testing report reveals an over 50% increase of unique cyber threats in the wild in 2020.


Companies most at risk from CSP Bypass Vulnerability in Google Chrome, and Discord Account Stealing attacks in 2020.

New York, NY and Rishon Letzion, Israel (February 23rd, 2021) Cymulate, the only SaaS-based Continuous Security Validation platform to operationalize the MITRE ATT&CK® framework end-to-end, announced today a summary of its platform usage in 2020,  illustrating the dramatic influence of the global pandemic on the security landscape. Highlights include:

  • A significant uplift in awareness of phishing attacks across all industries as employees improved their high risk score from 66.3 in 2019 to a new low of 18.1 in 2020. (on a scale of 0-100)
  • Overall unique threats in the wild increased two folds from 389 in 2019 to 600 unique threats in 2020.
  • The healthcare industry remains most at risk, particularly through web gateways, and phishing is still a high-risk vector in this sector.
  • The financial sector is the most proactive and concerned with cyber threats, running 39% of the total assessments performed, and the technology sector is the second most security conscious.

Top threats that companies were most at risk from include a CSP Bypass Vulnerability in Google Chrome, AnarchyGrabber Discord malware, Jigsaw ransomware dropped by Lokibot, malware authors tricking Apple into trusting malicious Shlayer apps and Doki infecting Docker servers in the cloud.

“Cybercrime is an established industry driven by innovation to find vulnerabilities that can be monetized. The high-risk threats from the report are those that had the highest impact which is one of the metrics used in calculating risk. Looking forward, we see that state-sponsored cybercrime is leading the way with immense resources and talent. In 2021 we expect more attacks to leverage supply chain techniques that make use of the tools and tactics discovered in the SolarWinds breach,” said Avihai Ben-Yossef, co-founder and CTO at Cymulate.

The full report can be accessed here.

“The threat landscape does not stand still, and regular weekly or daily assessments play a critical role in addressing practically daily threat evolutions and a company’s resilience to new immediate threats,” said Eyal Wachsman, CEO and co-founder of Cymulate. “In 2020 we saw more concern for, and lack of security for MAC threats compared to the previous year alongside Covid-themed threats. We anticipate 2021 to see an even greater increase in both these areas as people remain working from home.”

Additional key findings:

  • Web application attack vectors are the riskiest at 39.6, followed by web browsing (web gateway) at 33.9 (on a scale of 0-100).
  • Web attack vector utilization and validation grew YoY by 37% and email vector assessments by 23%.
  • Most favored simulations run by our customers:
    • Sunburst Backdoor (Solarwinds supply chain attack)
    • Shirbit BlackShadow ransomware attack
    • Suspect Chinese APT group using DLL side-loads
    • Invisimole
    • Pfizer COVID 19 vaccine documents accessed in EMA cyberattack
    • Fake COVID-19 survey hidden ransomware in the Canadian university attack

The research report is conducted across hundreds of Cymulate’s customers across all verticals including healthcare, finance, critical infrastructure, manufacturing and more. The Cymulate risk score provides a quantifiable metric that enables customers to prioritize their mitigation activity, track performance and benchmark themselves over time. The score is calculated based on risk determination factors taken from NIST, CVSSv3 and DREAD in addition to the MITRE ATT&CK® framework. The risk score ranges between zero to a hundred where a low score equates to low risk.


About Cymulate

Cymulate’s Continuous Security Validation enables companies to challenge, assess and optimize their cyber-security posture against the evolving threat landscape, simply and continuously. The platform provides out-of-the-box, expert and threat intelligence led risk assessments that are simple to use for all skill levels, and constantly updated. It also provides an open framework for ethical hackers to create and automate red and purple team exercises and security assurance programs tailored to their unique environment and security policies. Cymulate helps security professionals to know and control their dynamic environment. For more information, visit and register for a Free Trial.

Contact Cymulate:
Levona Simha, Marketing Director at Cymulate
[email protected]
+972 523 536638


Media Relations:
Gina Shaffer
[email protected]
US: +1(707) 533-1504
IL: +(972) 54-649-3485