Frequently Asked Questions

Has vThreat been penetration tested?

Third party security testing of the vThreat Platform and is performed by independent and reputable security consulting firms. Findings from each assessment are reviewed with the assessors, risk ranked, and mitigated as soon as possible.

What are the minimum system requirements?

You can run vThreat with any modern updated browser. For best results ensure you have cookies enabled.

How often to do a simulation?

Depends on what you are trying to do. For instance our inbound email simulations can allow organizations to test something like FireEye weekly to make sure the devices are online. You may want to simulate exfiltration weekly or monthly do test your DLP. You don't need to do a whole enterprise simulation all the time. But if you are running a 24/7 SOC it's good to check to see if responders are good monthly. The truly paranoid could do simulations at the beginning of each watch to know if devices are alerting properly.

Do I need to pay to simulate a full enterprise-wide breach?

You can run the full-enterprise breach with vThreat Personal but you'll have limited reporting. See product

What is the difference between free and paid versions?

The main difference between paid and free are paid subscribers get detailed reporting, analytics, and exclusive vThreat. Our paying customers also get API access and the ability to schedule simulations. See product

Does vThreat replace penetration testing?

vThreat doesn't replace pen testing but it does augment it and give blue teamers an opportunity to simulate adversaries between penetration tests. Next time they are breach or pentested they should be in a better position.

I didn't receive my confirmation email...

If the email is not in your junk folder and you have tried resending it through the app, contact us at

What information do you retain?

vThreat retains account related information and some limited information related to IP addresses that the app discovers during simulated events. When you delete the events, all information is destroyed along with them.

What security information do you retain?

vThreat platform does not store any security information. All your specific security information will remain on your internal security systems that you use to detect our activity. Furthermore, vThreat doesn't retain any vulnerability information. Like the security information, your vulnerability data will not be in the vThreat system and will only be retained within your organization on whatever systems you use to store that data.

Will you be disclosing information to a third party?

Heck no! period.

How can I test malware protection like FireEye?

The most popular malware prevention implementations monitor inbound emails. You may want to test if you can receive emails containing attachments from vThreat Platform, vThreat has several for tests like that.

Can I download packet captures from vThreat?

All network traffic/packets are generated by your browser as a result of running vThreat simulations. You can use tools such as TCPdump or Wireshark for packet captures.