Breaking
CYSANA converts executables into images to catch malware before it runs Won AI & Data category at the 2024 Product Awards Anti-ransomware tech patented in 15 countries Built with University of Luxembourg's SnT centre Models trained on MeluXina, a top European supercomputer Named a UK most-innovative cybersecurity startup two years running CYSANA converts executables into images to catch malware before it runs Won AI & Data category at the 2024 Product Awards Anti-ransomware tech patented in 15 countries Built with University of Luxembourg's SnT centre Models trained on MeluXina, a top European supercomputer Named a UK most-innovative cybersecurity startup two years running
Company Dossier · Cybersecurity & AI

Conatix.

The startup that turns software into pictures - so a computer can see malware before it runs.

AI Malware Detection Ransomware Blocker Insider Threat Washington, DC
Conatix logo

The Conatix mark. A 12-person company that runs across New York, Montreal, London, Berlin and the DC suburbs, and asks a simple question most scanners never do: what does this file look like?

15

Countries patented

~12

Employees

5

Cities, two continents

2024

CYSANA launch

The Story

A malware detector that reads a binary like a photograph

Here is a slightly strange fact about cybersecurity, which is that most malware scanners work the way a copy editor works. They read the file line by line, looking for a phrase they have seen flagged before. This is fine, and it catches a great deal of malware, right up until the moment someone writes a sentence the copy editor has never seen. Then it sails through.

Conatix, an early-stage AI company headquartered near Washington, DC, decided to do something else. Its flagship product, CYSANA - short for CYberSecurity ANAlytics - does not read the file line by line. It converts the executable into an image, and then it looks at the picture.

This sounds like a party trick, and in a way it is a good one, but there is real logic underneath. Neural networks trained on images are extraordinarily good at recognizing patterns - the same machinery that tells a cat from a dog can be pointed at the visual texture of a compiled program. Malicious files, it turns out, tend to look a certain way when you render their bits and bytes as pixels. So CYSANA converts the software, shows the image to a deep-learning model, and asks: does this look like trouble?

The important word is when. CYSANA does this at the point of download - before the file opens, installs, or does anything at all on a computer. That is a different place in the attack cycle than most tools occupy. A lot of security software is very good at telling you what happened after it happened. Conatix is trying to catch the file before the story starts.

There is a second half to the pitch, and it is the part that stops malware from turning into ransomware. Ransomware has a dirty secret: it does not bring its own lock. It uses yours - your computer's own encryption keys - to scramble your files and hold them hostage. Conatix licenses patented anti-encryption technology, developed with the University of Luxembourg, that blocks malware from getting at those keys. No keys, no ransom. It is a narrow, specific intervention, and narrow specific interventions are often the ones that work.

None of this was built in a vacuum, which is the most honest thing about the company. The anti-ransomware core came out of the University of Luxembourg's SnT research centre, is patented in 15 countries, and is exclusively licensed to Conatix. The neural network models were trained and stress-tested against novel and zero-day files on MeluXina, one of Europe's most powerful supercomputers, operated by LuxProvide. The R&D was supported by an EIT Digital innovation grant, partly funded by the EU. It is a startup wrapped around real academic science, and it credits the science.

"Our CYSANA software merges deep learning and anti-encryption research to detect malware before it executes."
David Lehrer, Founder & CEO, Conatix
What It Does

Three products, one idea

01 / DETECT

CYSANA

A next-generation malware detector and ransomware blocker. Converts executables into images, uses neural networks to flag malware pre-execution, and applies patented anti-encryption tech so malware can't become ransomware. Plugs into existing MDR and XDR stacks.

02 / WATCH

Insider Fraud Detection

AI-based insider and supplier threat protection. Monitors behavior across enterprise and software-defined networks at scale to catch insider fraud in real time - the threat that comes from a trusted login, not an outside attacker.

03 / ANALYZE

Log Analytics

Real-time analytics for packet, network, and security logs. Deep-learning and machine-learning models surface anomalies instantly, built on Kafka, Elasticsearch, Grafana and PyTorch.

Under The Hood

How CYSANA catches a file

1

Download moment

An executable arrives on the machine. CYSANA intercepts it before it opens or installs.

2

Convert to image

The binary's bits and bytes are rendered as a visual image the model can read.

3

Neural verdict

A deep-learning network trained on millions of good and bad files flags what looks malicious.

4

Lock the keys

If it slips through, anti-encryption tech blocks malware from using your keys to hold data hostage.

Why It Matters

The math Conatix wants to break

Track Record

Milestones

2019

Early seed & grant backing

Conatix takes early seed funding and begins R&D backed by an EIT Digital Innovation Factory grant, partly EU-funded.

Research phase

Luxembourg partnership

Co-develops anti-ransomware technology with the University of Luxembourg's SnT centre; secures an exclusive license, patented in 15 countries. Models trained on the MeluXina supercomputer.

Apr 2024

CYSANA launches

Enterprise app releases April 17, 2024 to MSPs and CISO teams across North America and Europe, by invitation.

2024

Award recognition

CYSANA wins the AI & Data category of the 2024 Product Awards. Conatix is named among the UK's most innovative cybersecurity startups and listed on the CyberTech 100.

Amuse-Bouche

Five things worth knowing

FACT 01

It reads pictures

CYSANA literally converts software into images - malware detection as computer vision.

FACT 02

Your own keys

Its anti-ransomware trick is denying malware access to your computer's own encryption keys.

FACT 03

Supercomputer-trained

Models were hardened on MeluXina, one of Europe's most powerful machines.

Go Deeper

Links, press & profiles

Quick facts: Conatix

Conatix is an early-stage AI cybersecurity company that turns software into pictures so a computer can see malware before it runs. Its flagship product, CYSANA (CYberSecurity ANAlytics), converts executable files into images at the moment of download, uses deep-learning neural networks to spot malicious code, and pairs that with patented anti-encryption technology that stops malware from ever becoming ransomware. Founded by David Lehrer and developed in partnership with the University of Luxembourg's SnT centre, the company markets to managed security providers, CISO teams, banks, corporations, and government agencies across North America and Europe.

Headquarters
Washington, DC, United States
Founders
David Lehrer (Founder & CEO)
Team size
~12 employees
Products
CYSANA (CYberSecurity ANAlytics), Insider Fraud Detection, Network & Security Log Analytics
Notable
CYSANA won the AI & Data category of the 2024 Product Awards (Products That Count)., Named one of the UK's most innovative cybersecurity startups two consecutive years., Listed on the global CyberTech 100.

Last updated: