BAS vs adversary simulation: what to use, when, and why it matters in OT

Breach and Attack Simulation (BAS) and adversary simulation are often discussed as if they solve the same problem: proving your defenses work. In practice, they answer different questions. BAS is well-suited for continuously validating whether specific controls detect or block known techniques. Adversary simulation goes further by testing whether a real attacker could chain actions into an end-to-end attack path across identities, networks, endpoints, and OT assets.

For critical infrastructure operators, that distinction matters. OT environments add safety constraints, legacy protocols, and segmentation assumptions that can look strong on paper but fail when you model how an adversary actually pivots. Frenos is built around safe, full-scope OT security testing using digital twins, so you can validate attack paths without touching production systems. If you are evaluating methods, it helps to start with the outcome you need: continuous control assurance, or scenario-driven validation of how an intrusion would progress.

If you are new to digital twin based testing in OT, see How Digital Twins Enable Safe, Comprehensive OT Security Testing. For teams comparing testing approaches beyond BAS, OT Penetration Testing vs Red Teaming: Key Differences Explained provides useful context. And if your scope includes SCADA, SCADA Cyber Security: Visibility, Attack Paths, and Safe Testing with Digital Twins expands on attack path visibility in operational environments.

Concise definitions: BAS, threat emulation, and adversary simulation

BAS (breach and attack simulation) is a category of tools and services designed to continuously and repeatedly execute predefined techniques to validate whether security controls behave as expected. A BAS run might test whether a known command-and-control pattern is blocked, whether an EDR detects credential dumping, or whether a phishing control prevents a payload from running. The value is repeatability, scale, and a measurable signal that a control is functioning.

Threat emulation is a broader term that typically refers to executing selected behaviors from known threat actors or frameworks (often mapped to MITRE ATT&CK) to validate detections and response playbooks. Threat emulation can be done with BAS-like automation or with human-led exercises.

Adversary simulation is scenario-driven validation of an end-to-end intrusion, emphasizing realistic sequencing, decision points, and attack path discovery. Instead of asking “does control X detect technique Y,” adversary simulation asks “can an adversary achieve objective Z given our current identity model, segmentation, monitoring, and operational constraints.” In OT contexts, adversary simulation often includes validation of pathways from IT entry points into OT management planes, engineering workstations, historians, and ultimately control logic or safety-related functions, while respecting safety and uptime requirements.

These are not competing labels for the same activity. They are different instruments. A mature program often uses BAS for continuous control assurance and uses adversary simulation to validate the larger question: whether the environment resists real-world chaining of techniques across the enterprise-OT boundary.

The core difference: control checks versus attack path validation

The simplest way to separate BAS vs adversary simulation is by what each is optimized to measure.

BAS is optimized for breadth and repeatability. It tends to run safely and frequently, generating clear pass/fail signals for discrete tests. This is powerful for ongoing verification: detection rules, EDR coverage, firewall egress controls, email filtering, or alert routing.

Adversary simulation is optimized for realism and context. It focuses on whether an attacker can move from initial access to an impact objective, given the actual permissions, trust relationships, segmentation design, and operational workflows in place. It typically involves conditional branching: if credential access fails, try a different privilege escalation vector; if a segment is blocked, validate whether a jump host path exists; if OT monitoring alerts, test whether the SOC process prevents progression.

In OT and critical infrastructure, the gap between “control works” and “attack path is blocked” is where many exposures live. Segmentation can be effective but only if it is enforced consistently, identity boundaries are sound, remote access paths are hardened, and engineering workflows do not create bypasses. Adversary simulation is designed to uncover those bypasses.

This is also why adversary simulation is often described as the next evolution beyond isolated technique checks: it validates the security posture as a system, not just as a set of independent controls.

BAS vs adversary simulation across common evaluation criteria

When stakeholders debate BAS limitations or whether adversary simulation is “better,” it helps to score the approaches against operational criteria. The goal is not to crown a winner; it is to pick the right method for the decision you need to make.

Scope and depth: BAS generally emphasizes technique-level validation. Adversary simulation emphasizes campaign-level progression and dependencies between steps.

Fidelity: BAS commonly uses predefined, safe actions that resemble attacks but may not reflect how attackers adapt. Adversary simulation is designed around realistic sequencing and decision making, including alternative routes.

Operational safety in OT: Both can be safe, but safety depends on execution model. In OT, production-impact risk often comes from interacting with fragile endpoints, scanning aggressively, or touching control networks. Adversary simulation done through OT-aware digital twins can be high fidelity without production interaction, which addresses the typical safety-versus-realism trade-off.

Outputs: BAS often produces control-level results: which detections fired, which blocks worked, what coverage exists. Adversary simulation produces attack paths, choke points, and prioritized remediation tied to business and process impact.

Frequency: BAS is usually continuous or scheduled frequently. Adversary simulation is commonly periodic, scenario-based, and aligned to risk reviews, major changes, incident learnings, or critical asset onboarding.

Stakeholder value: BAS tends to serve SOC engineering, detection tuning, and control owners. Adversary simulation serves OT security architects, risk owners, and incident response leadership by answering whether high-risk outcomes are achievable.

In many programs, the correct decision is not “BAS or adversary simulation.” It is “BAS for continuous assurance, adversary simulation for systemic validation and prioritization.”

Where BAS is sufficient: high-value use cases

BAS is a strong fit when you need scalable and repeatable confirmation that specific protections behave as intended. For commercial search intent, buyers often want to know whether BAS is enough to justify investment without adding heavier exercises. In many environments, it is.

BAS is typically sufficient when your primary objective is to validate:

1. Detection and alerting coverage for known techniques. For example, ensuring that endpoint telemetry, SIEM parsing, and correlation rules detect a standardized set of behaviors.
2. Control regressions after change. After EDR policy updates, firewall rule changes, identity policy updates, or sensor tuning, BAS can confirm you did not lose coverage.
3. Baseline security hygiene across many sites. For distributed operations, BAS can provide consistent measurement across locations, especially in IT segments adjacent to OT.
4. SOC workflow verification. If the BAS platform supports it, you can verify that alerts reach the right queue, that paging triggers, and that runbooks start.

In OT-adjacent contexts, BAS can still be useful for the parts of the stack that are safe to exercise: remote access gateways, Windows-based jump servers, identity systems, and monitoring pipelines. The key is to treat BAS results as necessary but not sufficient evidence of resilience against real intrusion paths into OT.

BAS limitations that matter most in OT and complex hybrid environments

BAS limitations become relevant when the risk you are trying to quantify depends on chaining across layers or crossing boundaries, especially IT to OT.

Common limitations include:

Chaining and conditional logic: Many BAS tests are atomic. They validate a technique in isolation, not whether an attacker can combine identity abuse, remote management, and segmentation gaps into a workable route.

Assumption of homogeneity: OT environments are heterogeneous. You may have legacy Windows hosts, specialized HMIs, historians, engineering workstations, domain trusts, vendor remote access, and proprietary protocols. A BAS library may not represent these interactions or the operational constraints that shape them.

Limited representation of operational pathways: In OT, “the path” is often not a simple network route. It includes how engineers obtain privileges, where backups are stored, how recipe changes are approved, and how remote support is granted. Attack paths frequently exploit these workflows.

Safety constraints reduce what you can test in production: Even if a BAS tool can technically execute a behavior, teams may avoid it due to risk of process disruption. That can create blind spots precisely where the highest consequences exist.

Overreliance on ATT&CK coverage metrics: Technique coverage is useful, but it can overstate confidence if the environment allows alternate paths not represented in the test set. An attacker does not need many techniques if one weak trust relationship yields direct access to critical assets.

These limitations do not make BAS “bad.” They mean BAS is not designed to answer end-to-end resilience questions in environments where the riskiest outcomes depend on cross-domain dependencies and operational realities.

How adversary simulation works in practice (and how it differs from red teaming)

Adversary simulation is often compared to red teaming and penetration testing. The difference is primarily in objectives and constraints.

Penetration testing typically aims to find exploitable vulnerabilities and prove impact within a defined scope, often within a time-boxed engagement. Red teaming often aims to emulate realistic adversary behavior against people, process, and technology, sometimes with covert goals and an emphasis on detection and response.

Adversary simulation, as used here, is a structured validation of a defined scenario or set of scenarios, mapped to relevant threat models and critical outcomes. It is less about “surprising” defenders and more about producing repeatable evidence of whether specific attack paths are viable, where they break, and why.

In OT contexts, adversary simulation frequently needs a safer execution model than traditional approaches. Instead of interacting with production PLCs, safety systems, or fragile HMIs, teams can use a cyber digital twin to replicate key assets, configurations, and trust relationships. This supports realistic chaining without introducing production risk.

For readers weighing these approaches, From IT to OT: Why Threat-Simulated Penetration Testing Needs a Cyber Digital Twin explains why OT-safe realism requires more than conventional tooling. And if you want a clearer comparison among testing types, OT Penetration Testing vs Red Teaming: Key Differences Explained provides a grounded breakdown.

The practical takeaway: adversary simulation should produce engineering-grade outputs that security architects can act on, without forcing unacceptable operational risk.

A practical decision framework: BAS vs adversary simulation vs pentesting

If you are building a security validation program, choose the method based on the decision you need to support and the acceptable operational risk.

Use BAS when you need continuous, scalable assurance that specific controls are functioning and that coverage does not regress after change.

Use adversary simulation when you need to answer attack path questions, such as:

• Can an attacker with a foothold in IT reach engineering workstations or OT management assets?
• Can identity misconfigurations or vendor access paths bypass segmentation?
• Can an attacker achieve a defined impact objective (for example, unauthorized logic change, loss of view, loss of control) through a realistic chain?

Use penetration testing when you need to uncover and validate exploitable weaknesses within a bounded scope, often to satisfy governance requirements or to validate remediation of known exposure areas.

Use red teaming when you need to evaluate detection and response against a human-driven, adaptive intrusion, typically when your monitoring and incident response maturity is ready to benefit from the pressure test.

In OT environments, you may layer these. BAS can continuously validate controls in IT and OT-adjacent systems. Adversary simulation can periodically validate the end-to-end attack paths that matter most to safety and continuity. Pen testing can validate exploitable weaknesses in carefully selected, safe scopes.

The anti-pattern is using BAS results as a proxy for attack path resilience. The right question for architecture is not “how much ATT&CK coverage do we have,” but “which paths to critical assets are still viable and why.”

FAQs

Is BAS the same as adversary simulation or threat emulation?

No. BAS typically executes predefined, repeatable technique tests to validate controls. Threat emulation is a broader practice of recreating behaviors from known threats. Adversary simulation is scenario-driven and focuses on whether an attacker can chain actions into an end-to-end attack path to reach an objective, especially across identity and network boundaries.

When is BAS enough for an OT or critical infrastructure environment?

BAS is enough when your key objective is continuous validation of specific controls and detections, particularly in IT and OT-adjacent systems where testing is safe and standardized. It is usually not enough when you need to validate whether realistic paths from IT into OT assets exist, because those paths depend on chaining, operational workflows, and trust relationships.

How is adversary simulation different from a red team?

A red team often emphasizes stealth, human adaptability, and testing detection and response under realistic pressure. Adversary simulation emphasizes evidence-based validation of defined scenarios and attack paths, producing repeatable findings that architects can use to close pathways. In OT, adversary simulation is frequently executed in a safer way using digital twins rather than interacting with production systems.

What outcomes should we expect from an adversary simulation exercise?

You should expect mapped attack paths to critical assets, documented control boundary performance (block, detect, or no visibility), and a prioritized remediation plan focused on breaking the most consequential paths. Strong outputs also include repeatable validation tests to prevent regression after changes.

Do we need a fully mature asset inventory and telemetry to start?

No. You need enough data to model the pathways that matter: key identity relationships, segmentation and routing, remote access patterns, and the critical systems involved in your scenarios. Many programs start with a focused subset of the environment and expand fidelity over time as visibility improves.

 

---

Next Steps

If you are deciding between BAS vs adversary simulation, start with the outcomes you need to validate: continuous control assurance, or proof that real attack paths to critical OT assets are closed. Frenos supports OT-safe, full-scope adversary simulation using digital twins so you can validate end-to-end paths without touching production systems. Request an OT Security Assessment to evaluate your highest-risk scenarios and the fastest path to reducing exposure.