SafeBreach 2025 Year in Review: Reflections from Co-Founder & CEO Guy Bejerano

Happy New Year! As 2026 begins, the SafeBreach team is moving forward with incredible momentum following a year that was a turning point for our company. In 2025, SafeBreach didn’t just grow; we evolved. We pushed the boundaries of what our platform can do and the value it can provide, shifting from the pioneers in Breach and Attack Simulation (BAS) to a path that will see us become the leaders in Continuous Threat Exposure Management (CTEM).

This year was defined by the launch of groundbreaking new technology, the continued trust of our global enterprise customers, the release of unrivaled original research and content, and an unwavering commitment to our people-first culture. None of this would be possible without the partnership of our employees, customers, and partners. So, before we fully immerse ourselves in the exciting work there is to do in 2026, I want to take a moment to reflect on all we’ve accomplished together in 2025.  

Product Evolution & Enterprise Dominance

In February 2025, our evolution began with the launch of the new SafeBreach exposure validation platform. It combines our award-winning breach and attack simulation (BAS) product, SafeBreach Validate, with the innovative capabilities of attack path validation via SafeBreach Propagate to provide the most innovative and holistic views of cyber risk available today. 

As a result, SafeBreach customers—who make up some of the largest enterprises in the world—are now leveraging our platform to make more informed decisions than ever thought possible about how to prioritize and remediate their most critical exposures. I am grateful for the trust these organizations—and all of our clients—have placed in us to serve as their partner in this way. 

These engagements have given SafeBreach unrivaled enterprise experience that has informed our ability to introduce the most innovative propagation and mitigation technologies available and continually enhance the value we provide in the area of CTEM. 2026 will be no different—read on for a sneak peak at the CTEM developments we have planned in the coming year. 

Product Innovations

As always, the SafeBreach team worked diligently throughout the year to introduce new product innovations that enhance the value customers derive from our platform. While our product releases included a host of new capabilities, the following key areas of focus received significant attention this year.

SafeBreach Propagate

In 2025, we launched Propagate, an enterprise-grade automated penetration testing technology that emulates lateral movement, privilege escalation, and credential harvesting to quantify post-breach resilience. With Propagate, we’ve achieved what others in the space simply cannot: a safe, controlled, and agentless enterprise-grade solution that finds gaps in network segregation to propagate to adjacent endpoints in real time. As a result, Propagate is being used in some of the largest networks in the world. If you haven’t yet seen it in action, take a self-guided product tour today.

AI Innovations

SafeBreach’s AI strategy is designed to harness this powerful technology to simplify security posture analysis, accelerate operational efficiency, and enable meaningful conclusions and actionable outcomes. As part of this strategy, we incorporated the following AI-based innovations into our platform over the last year, with even more planned in 2026:

• Validate AI Remediation: Automatically suggests tailored, context-aware remediation steps for missed attack simulations in Validate.
• MCP Server: Allows AI agents to connect to the SafeBreach platform to query and analyze attack simulation results using plain-text questions and access platform simulation data in conjunction with other data sources to provide deeper insights.
• Propagate Test Observation: Transforms complex test data into actionable, plain-language summaries for decision-makers.
• AI-Powered Troubleshooting & Documentation: New assistants help identify configuration errors and provide instant documentation support within the Management Console.
• AI-Generated Scenarios: A new category of attack content specifically designed to test defenses against the next generation of AI-driven malware.

Custom Parsers

We enhanced our custom parser editor to give users more control and flexibility over how SafeBreach correlates logs from security controls. This user-friendly tool helps transform raw logs into structured, actionable data that detection engineers can immediately use to increase observability validation, customize detection status to organizational needs, and scale efforts across more tools, log sources, and environments with confidence. See our on-demand webinar for an in-depth analysis of these capabilities.

Privileged Access Management System Integration

SafeBreach now integrates with both CyberArk and HashiCorp to automate password rotation, replacing high-risk manual updates with a secure, synchronized connection that scales across your entire infrastructure.

Unrivaled Original Research & 24-Hour Content SLA

The SafeBreach Labs team continues to set the gold standard for original research. In 2025, our team: 

• Discovered and responsibly reported 9 significant vulnerabilities; see our CVE Discoveries page for more details. 
• Published the first public exploit for CVE-2024-49113, the Windows Lightweight Directory Access Protocol (LDAP) Denial of Service vulnerability. 
• Was invited to share their original research findings at 10 talks at leading global conferences, including Black Hat USA, Europe, and Asia; DEF CON; RSA; SECtor; and Recon. 

Beyond original research, we continued to maintain our industry-leading rapid response to new and emerging threats, providing new coverage in the SafeBreach platform for nine new CISA alerts in under 24 hours of alert release. This included threats from Medusa and Ghost ransomware to nation-state campaigns by Russian GRU and Chinese threat actors, ensuring our customers are able to validate their protection against imminent threats in real-time.

Community & Customer Success

The SafeBreach community—made up of our valued enterprise customers, thought leaders, and security partners—is at the heart of everything we do. We brought this community together two times in 2025 at our flagship Validate User Summits in Dallas and New York to explore the challenges, best practices, and real-world success stories of proactive security programs. In Dallas, we saw our largest turnout ever, with representation from over 50 of our enterprise customers. A special thank you to our keynote speakers, Mustapha Kebbeh with UKG and Grant Sims with Cigna, for sharing their invaluable insights at these events.

Our Customer Success Managers and Technical Account Managers also spent a significant amount of time throughout the year on the road, conducting strategy sessions and outcome reviews to ensure every customer is getting the full value of their partnership with SafeBreach. We’ve continued to invest in our SafeBreach Community as a force multiplier for security teams—expanding script libraries and knowledge-sharing, so customers can collaboratively build custom attacks in Breach Studio and continuously validate detections, EDR attack chains, and DLP and network controls across the full kill chain.

These activities culminated in the expansion of our global customer base to include customers in 34 countries, and a customer satisfaction rating that remained at an industry-leading 95% for the third year in a row.

A People-First Culture

We have always believed that our product is only as good as the people behind it. This year, the industry took notice once again. SafeBreach was ranked #22 on the 2025 Global Top 100 Inspiring Workplaces List among giants like Siemens Energy, Novo Nordisk, and Sony Music, and #17 on the 2025 North America Top 100 Inspiring Workplaces List. 

We also saw impressive results in terms of our company growth and employee retention that validate our continued efforts to create an exceptional, people-first culture with and for our employees: 

• Global Expansion: We successfully opened a new site in the UK and expanded our Customer Success team in India, further extending our global reach and providing enhanced support to customers.
• Employee Commitment: We saw a 4% decrease in employee attrition and a 12% increase in average tenure.
• Enhanced Engagement & Experience: Our employee Net Promoter Score (eNPS) rose by 11 points, with our highest marks in areas like people-centric culture, empowerment and trust, and sense of pride and fulfillment at work. We also maintained a 4.8 Glassdoor rating with a 94% “Recommend to a Friend” score.
• Ways of Work: We introduced new guidelines to foster a more focused and less stressful environment by prioritizing asynchronous collaboration and AI automation, giving our team the space to focus on high-impact items and personal well-being.

Looking to 2026

As we look ahead, our mission is clear: to continue to lead the CTEM market—from a people, technology, and thought leadership perspective—and execute our vision to become a complete CTEM platform. Towards that end, I’m excited to share a few new and upcoming developments for 2026: 

Just Released: The 2026 State of the Breach Report

Earlier this month, we released our inaugural State of the Breach Report, which analyzes the results of millions of real-world attack simulations executed in the SafeBreach platform over the last year. It provides significant insights into the general state of enterprise cyber resilience, including some industry benchmarking data you might find interesting. Grab your copy today—I can’t wait to hear what you think.

Coming Soon: The New Elevate Customer Summit

Many of you have been major supporters of our past Validate Customer Summits, either joining as an attendee or participating as a speaker. This event is one that I always look forward to, and I’m excited to share that we have relaunched the summit to ensure future events are bigger and better than ever before. As part of that effort, we have renamed the event to the SafeBreach Elevate Summit and will soon be releasing new details about the two-day event in May 2026. Keep an eye out for additional information from our team soon—we look forward to having you join us in 2026! 

The Future: The CTEM Evolution 

As I noted, 2025 marked the beginning of our journey to become a leader in CTEM with the launch of the SafeBreach Exposure Validation Platform, which combines our Validate and Propagate technologies. While Validate and Propagate lead the market within the Validation phase of the CTEM process, 2026 will see SafeBreach add adjacent capabilities to empower organizations to utilize the SafeBreach Exposure Validation Platform to support even more CTEM phases, including Discovery, Prioritization, and Mobilization. Stay tuned for these product updates—we will be sharing more soon!   

In the meantime, I wish each of you a happy, healthy, and peaceful new year!

– Guy Bejerano