With more mature cybersecurity programs, the approach for an efficient cybersecurity testing absolutely need to be different. This is where adversary simulations is a much better way to shape and improve the efficiency of the implemented controls.
Strongly tied to the MITRE ATT&CK framework, adversary simulations are meant to reproduce as closely as possible real-life threat actors (APT) that would be likely to attack your business. In other words, we will replicate their techniques, use the same tools (although with some limitations, we will not use a real ransomware for your business!), and the same attack paths.