The startup that turns software into pictures - so a computer can see malware before it runs.
The Conatix mark. A 12-person company that runs across New York, Montreal, London, Berlin and the DC suburbs, and asks a simple question most scanners never do: what does this file look like?
Countries patented
Employees
Cities, two continents
CYSANA launch
Here is a slightly strange fact about cybersecurity, which is that most malware scanners work the way a copy editor works. They read the file line by line, looking for a phrase they have seen flagged before. This is fine, and it catches a great deal of malware, right up until the moment someone writes a sentence the copy editor has never seen. Then it sails through.
Conatix, an early-stage AI company headquartered near Washington, DC, decided to do something else. Its flagship product, CYSANA - short for CYberSecurity ANAlytics - does not read the file line by line. It converts the executable into an image, and then it looks at the picture.
This sounds like a party trick, and in a way it is a good one, but there is real logic underneath. Neural networks trained on images are extraordinarily good at recognizing patterns - the same machinery that tells a cat from a dog can be pointed at the visual texture of a compiled program. Malicious files, it turns out, tend to look a certain way when you render their bits and bytes as pixels. So CYSANA converts the software, shows the image to a deep-learning model, and asks: does this look like trouble?
The important word is when. CYSANA does this at the point of download - before the file opens, installs, or does anything at all on a computer. That is a different place in the attack cycle than most tools occupy. A lot of security software is very good at telling you what happened after it happened. Conatix is trying to catch the file before the story starts.
There is a second half to the pitch, and it is the part that stops malware from turning into ransomware. Ransomware has a dirty secret: it does not bring its own lock. It uses yours - your computer's own encryption keys - to scramble your files and hold them hostage. Conatix licenses patented anti-encryption technology, developed with the University of Luxembourg, that blocks malware from getting at those keys. No keys, no ransom. It is a narrow, specific intervention, and narrow specific interventions are often the ones that work.
None of this was built in a vacuum, which is the most honest thing about the company. The anti-ransomware core came out of the University of Luxembourg's SnT research centre, is patented in 15 countries, and is exclusively licensed to Conatix. The neural network models were trained and stress-tested against novel and zero-day files on MeluXina, one of Europe's most powerful supercomputers, operated by LuxProvide. The R&D was supported by an EIT Digital innovation grant, partly funded by the EU. It is a startup wrapped around real academic science, and it credits the science.
"Our CYSANA software merges deep learning and anti-encryption research to detect malware before it executes."— David Lehrer, Founder & CEO, Conatix
A next-generation malware detector and ransomware blocker. Converts executables into images, uses neural networks to flag malware pre-execution, and applies patented anti-encryption tech so malware can't become ransomware. Plugs into existing MDR and XDR stacks.
AI-based insider and supplier threat protection. Monitors behavior across enterprise and software-defined networks at scale to catch insider fraud in real time - the threat that comes from a trusted login, not an outside attacker.
Real-time analytics for packet, network, and security logs. Deep-learning and machine-learning models surface anomalies instantly, built on Kafka, Elasticsearch, Grafana and PyTorch.
An executable arrives on the machine. CYSANA intercepts it before it opens or installs.
The binary's bits and bytes are rendered as a visual image the model can read.
A deep-learning network trained on millions of good and bad files flags what looks malicious.
If it slips through, anti-encryption tech blocks malware from using your keys to hold data hostage.
Conatix takes early seed funding and begins R&D backed by an EIT Digital Innovation Factory grant, partly EU-funded.
Co-develops anti-ransomware technology with the University of Luxembourg's SnT centre; secures an exclusive license, patented in 15 countries. Models trained on the MeluXina supercomputer.
Enterprise app releases April 17, 2024 to MSPs and CISO teams across North America and Europe, by invitation.
CYSANA wins the AI & Data category of the 2024 Product Awards. Conatix is named among the UK's most innovative cybersecurity startups and listed on the CyberTech 100.
CYSANA literally converts software into images - malware detection as computer vision.
Its anti-ransomware trick is denying malware access to your computer's own encryption keys.
Models were hardened on MeluXina, one of Europe's most powerful machines.
Compiled from public sources including Conatix, the University of Luxembourg SnT, EurekAlert, Crunchbase and CB Insights. Funding and headcount figures are approximate and reflect the latest public data; some details (founding year, valuation, revenue) are not publicly disclosed and are omitted rather than estimated.
Conatix is an early-stage AI cybersecurity company that turns software into pictures so a computer can see malware before it runs. Its flagship product, CYSANA (CYberSecurity ANAlytics), converts executable files into images at the moment of download, uses deep-learning neural networks to spot malicious code, and pairs that with patented anti-encryption technology that stops malware from ever becoming ransomware. Founded by David Lehrer and developed in partnership with the University of Luxembourg's SnT centre, the company markets to managed security providers, CISO teams, banks, corporations, and government agencies across North America and Europe.
Last updated: