Continuous security validation (Breach and Attack Simulation — BAS) automatically tests security controls 24/7 — simulating attack TTPs and validating that detections fire and blocks work.
BAS platforms (SafeBreach, Cymulate, AttackIQ) continuously run simulated attacks against production controls. Unlike pen tests (annual), BAS is continuous. Answers: "Do my security controls actually work right now?" Detects when new product deployment breaks a detection or when a signature update covers a new technique.