Cyscale Vendor Spotlight

Cyscale was founded in 2018. The company is based in London, but all of its founders are Romanian. This business is forging a path in the relatively new field of cloud security. The Cyscale system is called a CNAPP, which stands for Cloud-native application protection platform.

You can read about CNAPPs, what they include, and how they are structured in my review, The Best CNAPP for 2024 – you will notice that I put Cyscale at the top of the list of recommended platforms. The TLDR version is that a CNAPP is a collection of security services that protect cloud-based systems.

The Cyscale team focuses on the CNAPP package and hasn’t generated any breakout services. Although the platform includes a list of units, the company doesn’t market those services separately. So, a typical customer gets all the tools that Cyscale has produced in a package for a subscription rate.

Founding and Background

Cyscale has a dual identity, which is a strategy that is adopted by a number of IT businesses from Romania and Moldova. The leaders operate an HQ in London in the United Kingdom and present Cyscale as a British company. The business also operates an office in Cluj-Napoca and its press releases over there depict the business as a Romanian enterprise. All the directors of the UK company list their residences as in Romania.

The dual aspect of the company gives it access to the financial institutions and rich cloud market of the Anglosphere and the cheaper technical skills pool and EU funding of an emerging European nation.

Cluj-Napoca is a tech hub. It is the capital of Transylvania and it is home to many tech startups. The success of earlier local IT champions has fostered a talent pool of technicians and IT specialists in the town. A shining example of a dual identity company is CoSoSys, the makers of Endpoint Protector.

Ambitious entrepreneurs gain training and experience in an established tech business in the city and then leave to create their own startups. This is the path taken by Ovidiu Cical, a Senior Software and Security Engineer at CoSoSys. After seven years at the company, Cical upped sticks and moved to the UK, where he operated as an IT consultant at a number of businesses before starting up Cyscale.

Cical’s wife remained in Romania and administered the Cluj-Napoca end of the operation. The Cicals brought in Manuela Ticudean, a former colleague of Ovidiu at CoSoSys, who had forged a career in Berlin Germany, and then back in Cluj as a software developer. The fourth founder of Cyscale was Andrei Milas, another former colleague from CoSoSys.

So, with the team assembled and a CNAPP concept on the cards, the Cyscale team just needed to raise some money.

Cyscale Funding

Cyscale Systems SRL was set up and registered with the Romanian Register of Commerce, coming into existence on the 2nd November 2018 with funds of €100,000 contributed by the founders. The company received an investment of €50,000 thousand from the GapMinder Venture Partners, channeled through an entity called Techcelorator, a Romanian incubator fund, in June 2019.

The company received a grant of €50,000 from the EU’s Horizon 2020 fund in June 2020. These funds helped the team to keep going while they put their plans together and achieved a sufficient level of credibility to make presentations to fund managers.

The Cyscale team turned to the crowdsourcing platform, Seedblink, in September 2020 and raised €350,000 in just four hours in this event. By this time, the group had produced its first product, a Cloud Security Posture Management solution, which had gained 50 customers in Romania. The Seedblink-mediated investment round included a further €100,000 from GapMinder. This funding event valued the company at €2 million.

The final round of funding to date occurred in May 2022. Publicity around this event described Cyscale’s key product as a graph-based security analysis tool, called Security Knowledge Graph. This is a discovery and application mapping system that is now built into the core of the Cyscale CNAPP.

The Series A funding round raised €3 million. The round was led by Notion Capital, with participation from Seedcamp (investor also in UiPath), GapMinder BV, NP-Hard Ventures, and David Mytton (founder of Server Density).

Funding Summary

  • 2nd November 2018: €100,000 from the company’s founders
  • 13th June 2019: €50,000 from GapMinder Venture Partners/Techcelorator
  • 1st June 2020: €50,000 grant from the EU’s Horizon 2020 fund
  • 9th September 2020: €350,000 crowdfunded through Seedblink
  • 19th May 2022: €3 million from Notion Capital, Seedcamp, GapMinder, NP-Hard Ventures, and David Mytton

Timeline and Evolution

The UK company, called Cyscale Ltd, was registered on 21st October 2021 with Ovidiu Cical as the only director.

The company had no activity until four directors were added on 12 April 2022. These were Andrew James Leaver (Notion Capital), Valentin-Gabriel Ceicoschi (a Software Engineer at the company), Manuela-Maria Ticudean, and Dan Marius Mihaescu (GapMinder Venture Partners). Andrew Leaver was removed as a director on 25 June 2024. Other than Leaver, all of the directors listed their home addresses as being in Romania.

Here is a timeline of the major events in the history of Cyscale:

  • November 2018: Cyscale was founded by Ovidiu Cical, Manuela Ticudean, Andrei Milas, and Laura Cical.
  • 2018: Planning for the CNAPP with a focus on the design of its CSPM module.
  • June 2019: Raises €50,000 from GapMinder Venture Partners.
  • 2019: The team focused on developing the Cyscale Cloud Platform, gathering clients in Romania.
  • June 2020: Receives €50,000 grant from the EU’s Horizon 2020 fund.
  • September 2020: Raises €350,000 crowdfunded through Seedblink.
  • 2020: International expansion following accreditation into partner programs for major cloud platforms.
  • October 2021: Ovidiu Cical registers the UK company, Cyscale Ltd. The company moves its official HQ to London.
  • 2021: Development of the Cyscale Cloud Platform and the Security Knowledge Graph.
  • May 2022: Raises €3 million from Notion Capital, Seedcamp, GapMinder, NP-Hard Ventures, and David Mytton.
  • 2022-2024: Expansion and market growth.

Company Ownership

The share ownership of Cyscale Systems SRL in Romania is obscure. However, as Cyscale Ltd in the UK is now the primary trading entity of the company, its ownership is of more interest.

There is one more company involved in the Cyscale corporate structure, which is called Cyscale Investors SRL, a Romanian company. There is no indication of any shareholding by Notion Capital, Seedcamp, NP-Hard Ventures, or David Mytton, so their ownership could be invested in this entity – all of these funds mention their ownership of Cyscale shares on their sites.

The shares in Cyscale Limited are distributed as:

  • Cyscale Investors SRL: 8%
  • GapMinder Fund Cooperatief U.A.: 11.6%
  • Ovidiu-Adrian Cical: 74%
  • Manuela-Maria Ticudean: 6.4%

Key People

  • Ovidiu Cical, CEO and Founder: Cical was the central figure in the creation of Cyscale, and, as his shareholding shows, he still dominates the business. He is originally from Iași – he went to university and started his IT career there. Cical started out as a support technician and then became a coder. He moved to Cluj-Napoca in April 2011 to take up the position of Senior Software and Security Engineer at CoSoSys. This was the pivotal role of his career and it got Cical interested in cybersecurity systems, which would gain him his route to entrepreneurship. After a spell as a freelance Security Engineer in the UK for one year, he returned to Cluj and set up Cyscale. This was not his first entrepreneurial project. In his final two years at CoSoSys, he headed the project to create the cybersecurity platform, sensitivity.io. This has now been fully absorbed into Endpoint Protector, the core product of CoSoSys.
  • Laura Cical, Administrator and Founder: Also from Iași, Laura moved to Cluj in April 2011. Her background had been in construction project management until 2015 when she switched to being a software QA tester. It is not clear when the Cicals are currently married but they were at the time of the foundation of Cyscale. Her role at Cyscale was part-time, while she also worked as a QA Tester at another Cluj startup.
  • Andrei Milas, CTO and Founder: Milas is a native of Cluj-Napoca and has spent his entire life there. He went to University in Cluj and worked as a developer and software engineer at a series of businesses in Cluj. His last position before the creation of Cyscale was as a Software Engineer at CoSoSy. Milas started at Cyscale in January 2019 and was responsible for the technical design and implementation of the Cyscale Cloud Platform. He left the CTO position in March 2024 and is now a freelance Cloud Security Consultant.
  • Manuela Ticudean, Chief Product Officer and Founder: Ticudean started at Cyscale in February 2019. Her last position before that was a Senior Software Developer at the Cluj offices of a German software house. She had previously worked as a developer in Berlin and before that was a developer in Cluj at CoSoSys. Ticudean is the only co-founder other than Cical who has a shareholding in Cyscale.
  • Andrew Leaver, Director: Andrew Leaver is a partner at Notion Capital. This is one of only two UK-based investment funds that have shares in Cyscale (the other is Seedcamp) and he was invited to become a directory of the UK company in April 2022 after his fund invested in the business. His location in the UK was probably a great value to the founders because they all stayed in Cluj, while portraying the business as a British company. Leaver was true to his name in June 2024 when he resigned his position and left the company.
  • Dan Mihaescu, Director: Mihaescu has had a strong influence on Cyscale as a mentor and investor. He has been involved as an early investor since June 2019. His background lay in technology, including a period as Technology and Development Director for Microsoft Romania in Bucharest. He set up his own incubator fund, which included management consultancy, in 2016. His fund holds shares in Cyscale Limited.

Locations

Cyscale is a remote-first organization and doesn’t have any offices. In fact, it never had. The Romanian company, Cyscale Systems SRL, is registered at Cical’s home address. The official UK HQ address of the company is actually the offices of the company services provider, Reed Smith, which is listed as the Company Secretary. Reed Smith performs legal representation and accounting services for the business in the UK.

Target Market and Customer Base

Cyscale is a cloud security platform that focuses on protecting organizations’ cloud environments and data. The company produces a Cloud-Native Application Protection Platform (CNAPP). Such a system is typically made up of a series of components, and Cyscale implements this structure. The most important elements in the CNAPP are Cloud Security Posture Management (CSPM) and Cloud Infrastructure Entitlement Management (CIEM) sectors. Cyscale helps businesses ensure their cloud configurations are secure, monitor access policies, and maintain compliance.

A CNAPP protects SaaS platforms and microservices. A company that subscribes to a Software-as-a-Service platform doesn’t need a CNAPP; a company that runs a SaaS platform does need a CNAPP.

Target Market

Cyscale’s platform is designed with mid-size to large enterprises in mind. Companies that have complex multi-cloud environments, organizations that require advanced cloud security controls due to large-scale cloud infrastructure, DevOps & IT security teams, professionals responsible for managing cloud environments, and compliance-focused companies are all perfect customers for this system.

Industries with high compliance needs

  • Financial Services: Require adherence to regulations like PCI DSS.
  • Healthcare: Need to comply with HIPAA.
  • Technology: SaaS providers, software development firms, and tech companies that rely on cloud infrastructure.
  • Retail: E-commerce and retail businesses that need to secure sensitive information.
  • Telecommunications: Firms needing to protect their cloud communications platforms and customer data.
  • Government & public sector: Require the highest levels of security and compliance.

Customer Base

Cyscale’s customers typically consist of:

  • SaaS companies: SaaS providers seeking to ensure the security of their cloud-based applications.
  • Regulated industries: Firms in industries like healthcare, finance, and retail, which need high levels of cloud security and compliance.
  • Cybersecurity and IT departments: Cloud security teams within enterprises that require advanced monitoring, threat detection, and compliance tools.

Cyscale positions itself as a provider of advanced cloud security, compliance, and governance solutions, targeting enterprises that are looking for more extensive cloud security tools to ensure safe cloud operations.

Cyscale Product Suite

Cyscale offers one product, which is a CNAPP. A CNAPP itself is a suite of products. While some cybersecurity businesses offer customers the opportunity to subscribe to just one service, it has become more standard in the sector to provide all the units in a bundle.

Here’s an overview of Cyscale’s product suite:

1. Cloud Security Posture Management (CSPM)

Cyscale’s Cloud Security Posture Management platform provides comprehensive visibility into cloud assets and security configurations across multiple cloud environments like AWS, Azure, and Google Cloud. Key features include:

  • Asset Discovery & Mapping: Automatically discovers and visualizes all cloud assets and their relationships.
  • Security Monitoring & Alerts: Detects misconfigurations, security risks, and non-compliance in real-time.
  • Security Best Practices: Provides security recommendations and best practices based on industry standards like CIS Benchmarks.

2. Compliance & Governance

The Cyscale suite offers tools to help organizations comply with industry regulations such as GDPR, HIPAA, PCI-DSS, and more. Features include:

  • Continuous Compliance: Ensures continuous compliance by tracking security controls and their effectiveness.
  • Pre-built Compliance Policies: Pre-configured templates for common compliance frameworks to simplify audits.
  • Automated Evidence Collection: Automates compliance checks and gathers evidence for audits.

3. Cloud Security Knowledge Graph

A key innovation in the Cyscale suite is the Cloud Security Knowledge Graph™, which provides a holistic, interconnected view of cloud resources, users, and their relationships. This allows for:

  • Enhanced Threat Detection: Detects potential threats by analyzing the connections between users and cloud resources.
  • Contextual Security Insights: Delivers security insights based on context-aware analysis of cloud environments.
  • Attack Path Analysis: Identifies attack paths that potential adversaries could exploit in the cloud infrastructure.

4. Data Security Posture Management (DSPM)

Cyscale extends its capabilities to protect data stored in the cloud by managing and securing sensitive information across cloud environments:

  • Data Classification: Automatically discovers and classifies sensitive data in the cloud.
  • Data Security Controls: Monitors access controls, encryption standards, and data-sharing practices.
  • Risk Mitigation: Identifies and mitigates risks associated with data exposure or improper configuration.

5. Workload Protection

Cyscale provides security for cloud workloads, ensuring that applications and containers running in the cloud are secure:

  • Runtime Protection: Monitors and protects workloads during runtime.
  • Container & Serverless Security: Offers specific protection for containers and serverless environments.
  • Configuration & Vulnerability Management: Detects vulnerabilities in workloads and container configurations.

6. Risk Management & Reporting

This module helps organizations assess and manage risks associated with their cloud operations. Key features include:

  • Risk Scoring: Assigns risk scores based on the severity of identified vulnerabilities and misconfigurations.
  • Automated Reports: Generates detailed security and compliance reports to share with stakeholders.
  • Actionable Recommendations: Provides step-by-step remediation guidance for mitigating risks.

7. Integration & Automation

Cyscale integrates seamlessly with other security tools and cloud services. Automation features help streamline security and compliance processes:

  • API & Third-Party Integrations: Integrates with SIEMs, ticketing systems, and DevOps tools for seamless workflows.
  • Automation: Automates security checks, policy enforcement, and incident response actions.

Cyscale Plans and Pricing

Cyscale doesn’t partition its platform, so the plans all give access to the same features. The only difference between the editions is the pricing, giving a better rate per asset to high-volume businesses.

Here are details about the three plans:

Pro Plan

  • Ideal for: Most SaaS companies
  • Capacity: Up to 1,000 assets
  • Pricing: $850/month, billed annually

Scale Plan

  • Ideal for: Small and medium-sized enterprises (SMEs)
  • Capacity: Up to 5,000 assets
  • Pricing: $2,000/month, billed annually

Enterprise Plan

  • Ideal for: Large enterprises with extensive cloud infrastructure
  • Capacity: Custom plan
  • Pricing: Custom pricing based on specific needs

Flagship Product: Cyscale CNAPP

Cyscale CNAPP

Cyscale’s Cloud-Native Application Protection Platform (CNAPP) is the company’s sole product. It includes important tools for securing cloud-hosted IT assets across their entire lifecycle, from development to production. The CNAPP safeguards infrastructure, data, and applications.

The CNAPP’s components are as follows.

Cloud Security Posture Management (CSPM)

  • Asset discovery and mapping: Automatically discovers and maps cloud resources across multi-cloud environments, checking configurations for security issues.
  • Context-aware analysis: Insights into how cloud resources interact, identifying potential risks and attack vectors.

Cloud Workload Protection Platform (CWPP)

  • Shift-left security: Integrates security measures early in the development lifecycle, spotting vulnerabilities in code and configurations before deployment.
  • Microservices security: Ensures that communication between services is properly managed and monitored for threats.

Cloud Infrastructure Entitlement Management (CIEM)

  • Identity and Access Management: Authenticates users and controls access to resources.
  • Risk-based access controls: Implements risk-based policies to enforce least privilege access.
  • Entitlement visualization: Visibility into user entitlements across cloud platforms, identifying excessive or misconfigured permissions.

Container Security

  • Runtime protection: Protection of containerized applications during runtime, monitoring for vulnerabilities and malicious activity.
  • Image scanning: Scans container images for vulnerabilities before they are deployed, ensuring that only secure images are used in production environments.
  • Configuration management: Monitors container configurations for compliance with security best practices, alerting users to misconfigurations that could expose applications to risk.
  • Lifecycle management: Provides security throughout the entire container lifecycle, from development to deployment and runtime, ensuring that security controls are consistently applied.

Kubernetes Security

  • Cluster security monitoring: Continuously monitors Kubernetes clusters for vulnerabilities, misconfigurations, and compliance issues.
  • Pod security policies: Enforces security policies for Kubernetes pods, including controls on resource access and the permissions granted to containers.
  • Network policies: Manages and monitors network policies within Kubernetes environments to restrict traffic between pods and ensure secure communication.
  • Audit and compliance: Detailed auditing capabilities for Kubernetes clusters to track user actions and configuration changes.

Data Security Posture Management (DSPM)

  • Sensitive data discovery: Identifies, classifies, and monitors sensitive data within cloud environments for compliance and data protection.
  • Data access governance: Tracks access to sensitive data to prevent unauthorized exposure or misuse.

Threat Detection and Response

  • Advanced Threat Detection: Employs sophisticated algorithms to identify potential threats, including compromised credentials and malicious behavior in containerized environments.
  • Incident response: Automated incident response workflows that can be integrated into existing security operations.

Compliance and Governance

  • Automated compliance monitoring: Continuously monitors compliance with CIS Benchmarks, GDPR, HIPAA, and others, offering predefined policies and customizable frameworks.
  • Evidence collection: Simplifies audit processes with automated evidence collection, ensuring ongoing adherence to regulatory standards.

Pros:

  • Holistic view of cloud assets: Provides a full picture of the environment and identifies weak spots.
  • Security integration: Scanning during application development.
  • Data-centric security: Detects and secures data for compliance and risk management.
  • Compliance automation: Saves time during audits and reduces the risk of penalties for non-compliance.
  • Flexible, scalable deployment: Suitable for organizations of all sizes, providing flexible deployment options that scale as the business grows.

Cons:

  • Customization limitations: Smaller organizations may find it challenging to customize certain aspects of the platform.

Major Competitors

Below are the major competitors to Cyscale, each bringing their own strengths to the cloud-native security space:

  1. Palo Alto Networks Prisma Cloud A leading CNAPP that offers comprehensive security for cloud environments, including containers, serverless functions, and Kubernetes. Its modules include Cloud Security Posture Management (CSPM), Cloud Workload Protection (CWP), and Cloud Infrastructure Entitlement Management (CIEM).
  2. Wiz A relatively new but fast-growing CNAPP vendor that has quickly gained traction in the market. It emphasizes agentless scanning for cloud environments, offering deep visibility into risks like misconfigurations, vulnerabilities, and exposed data across multi-cloud deployments.
  3. Orca Security Focuses on providing cloud security through its agentless platform, which scans cloud environments for misconfigurations, vulnerabilities, and data exposure. Orca uses side-scanning technology that eliminates the need for agents or scanners within the cloud infrastructure.
  4. Lacework A security platform designed for modern cloud-native infrastructures. It offers robust cloud workload protection and CSPM features, using machine learning and anomaly detection to identify threats and vulnerabilities across cloud, container, and Kubernetes environments.
  5. Check Point CloudGuard Another major CNAPP provider offering a suite of tools for cloud-native application protection, including workload security, posture management, and compliance. It also supports container and serverless security.
  6. Trend Micro Cloud One A comprehensive cloud security solution that provides CSPM, cloud workload protection, and runtime security for containers, applications, and serverless functions. It also includes network protection and CIEM capabilities.

Spotlight Wrap-Up

Cyscale’s CNAPP offers a comprehensive solution for protecting cloud-native applications, with cloud security posture management, data security, and workload protection, it is well-suited for organizations that need to secure complex, multi-cloud environments.

The field of CNAPPs is still new and not clearly defined. Cyscale is stronger at data security than many rivals but weaker at connection protection. As the sector matures, brands will evolve to settle on a common list of services.