BREAKING  CyCognito maps your attack surface the way an attacker would Founded 2017 in Palo Alto by ex-Unit 8200 operators $100M Series C at an $800M valuation Customers include Tesco, Panasonic, Hitachi, Colgate-Palmolive Named a Leader in the GigaOm Radar for Attack Surface Management BREAKING  CyCognito maps your attack surface the way an attacker would Founded 2017 in Palo Alto by ex-Unit 8200 operators $100M Series C at an $800M valuation Customers include Tesco, Panasonic, Hitachi, Colgate-Palmolive Named a Leader in the GigaOm Radar for Attack Surface Management
Company Profile  /  Cybersecurity
CyCognito logo - orange and white C mark on navy
CYCOGNITO · PALO ALTO, CA

CyCognito

The company built on a plain, slightly uncomfortable idea: attackers can see every asset you expose to the internet, and most enterprises cannot. CyCognito hands the defenders the attacker's map.

A navy square, a white "C," one orange block cut clean out of it - the logo of a company whose whole job is finding the piece of your network you didn't know was missing.

Founded 2017 HQ Palo Alto, CA Series C $100M Category Exposure Management

The Story

A defense company that thinks offense

Here is a fact that keeps chief information security officers awake: the asset most likely to get you breached is one you don't know you own. A marketing microsite spun up for a campaign in 2019. A test server a contractor forgot to decommission. A subsidiary in another country running its own web stack. Attackers don't care which of your assets are on the official inventory. They scan the entire internet, find the weak one, and walk in through it. CyCognito is a company organized entirely around that fact.

Founded in 2017 and headquartered in Palo Alto, CyCognito sells what the industry now calls external exposure management - or, in the older phrasing, attack surface management. The product does three things in a loop: it discovers all of an organization's internet-facing assets (including the unknown and unmanaged ones), it tests those assets the way an attacker would probe them, and it ranks what it finds so a security team knows what to fix first. The interesting part is what it does not require. No agents to install. No integration project. No configuration. CyCognito looks at your organization from the outside, because that is exactly where an attacker stands.

The founders came to this honestly. CEO Rob Gurzeev was CTO of the product department of Israel's Unit 8200, the elite military intelligence corps, and ran offensive security for both intelligence agencies and the private sector before flipping to defense. CTO Dima Potekhin is a self-taught engineer who started coding at nine, holds patents in internet-scale infrastructure, and received the Israel Defense Prize. The premise of the company is essentially their old day job, pointed in the opposite direction: do the reconnaissance an attacker would do, but deliver the results to the target instead of exploiting them.

By The Numbers

The shape of the company

2017
Year founded
$163M
Total funding raised
$800M
Series C valuation
~150
Employees

Meaningful cyber defense starts with protecting your external digital footprint.

- CyCognito, on its founding premise

How It Works

Discover, test, prioritize - on repeat

The platform runs continuously, mimicking an attacker's reconnaissance rather than waiting for a scheduled scan. The loop is the product.

01

Discover

Map every internet-facing asset - cloud, web, APIs, subsidiaries - including shadow IT nobody remembers deploying.

02

Attribute

Figure out which assets actually belong to you and who inside the org owns each one.

03

Test

Simulate attacker probing across live assets to surface exploitable weaknesses without disrupting operations.

04

Prioritize

Rank risks by real-world exploitability and business impact so teams fix the right thing first.

Products

Three tools, one loop

Discovery

Attack Surface Management

Continuously discovers, maps and attributes all internet-facing assets across cloud, web and subsidiaries - with no agents and no configuration required.

Validation

Automated Security Testing

Simulates attacker reconnaissance and testing across live assets to surface exploitable vulnerabilities without impacting business operations.

Prioritization

Exploit Intelligence

Ranks discovered risks by exploitability and business impact, so security teams remediate what genuinely matters instead of chasing noise.

Why It Exists

The perimeter quietly disappeared

For a long time, enterprise security had a tidy mental model: there was an inside and an outside, and a firewall in between. Then cloud happened. Then APIs multiplied. Then every acquisition brought its own sprawl of servers, and every marketing team learned to spin up sites without asking IT. The neat border dissolved into thousands of internet-facing assets scattered across providers and geographies - and the security team's inventory stopped matching reality.

CyCognito's market is precisely that gap between the inventory you think you have and the footprint you actually expose. It is a market that got created by convenience: every shortcut that made shipping software faster also made the attack surface bigger and harder to see. The company's answer is not to slow anyone down but to restore the seeing - to give defenders the same complete, outside-in view an attacker assembles for free.

Who Uses It

The customer base

CyCognito sells to large enterprises with complex, distributed digital footprints - the organizations that have the most assets to lose track of. That spans financial services, manufacturing, healthcare, retail, hospitality and the public sector. Around its Series C, the company reported roughly 400% year-over-year revenue growth and tripled its Fortune 500 customer count.

TescoColgate-PalmolivePanasonicHitachiStröerStorebrandBertelsmannWiproAgodaAlticeADAMAAsklepios

The Money

Funding & backers

Seed '18
~$5M
A + B
~$48M
Series C '21
$100M

The December 2021 Series C was led by The Westly Group, with Thomvest Ventures and The Heritage Group joining. Earlier backers Accel, Lightspeed Venture Partners, Sorenson Ventures and UpWest all returned. Total raised sits at roughly $153-163M.

Timeline

From Unit 8200 to the GigaOm Radar

2017

CyCognito founded

Rob Gurzeev and Dima Potekhin start the company to apply an attacker's view to enterprise defense.

2018

Seed round

Sorenson Ventures leads the seed, backing the early attack-surface platform.

2019-2020

Platform and early growth

The ASM platform ships and lands early enterprise customers, with Accel and Lightspeed on board.

2021

$100M Series C at $800M

The Westly Group leads a $100M round amid ~400% revenue growth and 3x Fortune 500 customer expansion.

2025

Analyst leadership & platform expansion

Named a Leader in the GigaOm Radar for ASM; ships automation, RBAC Teams and cloud features while adding partners like Wiz and Armis.

The Ecosystem

Partners & alliances

Through 2025, CyCognito deepened a set of cloud-security, managed-security and exposure-testing alliances across the US, EU and APAC - pushing exposure data into the wider security stack rather than sitting apart from it.

Cloud Security

Wiz

Integrating external exposure findings with cloud risk context.

Asset Intelligence

Armis

Exposure and asset-intelligence collaboration.

Validation

Picus

Security-control testing and exposure validation.

NCC GroupDeepSeas

Watch & Listen

Interviews & product demos

Questions

Frequently asked

What does CyCognito do?

It runs an external exposure management platform that discovers an organization's internet-facing assets, tests them for vulnerabilities, and prioritizes the risks that matter most - mapping the attack surface the way an attacker would.

Who founded CyCognito and when?

Founded in 2017 by Rob Gurzeev (CEO) and Dima Potekhin (CTO), both veterans of Israeli military intelligence, including the elite Unit 8200.

How much funding has CyCognito raised?

Roughly $153-163M across multiple rounds, headlined by a $100M Series C in December 2021 at an $800M valuation, led by The Westly Group.

Who are CyCognito's customers?

Large global enterprises including Tesco, Colgate-Palmolive, Panasonic, Hitachi, Ströer, Storebrand, Bertelsmann and Wipro, across financial services, manufacturing, healthcare, retail and public sector.

How is CyCognito different from a vulnerability scanner?

Traditional scanners test assets you already know about. CyCognito starts from the outside with no agents or configuration, discovers unknown and shadow-IT assets first, then tests and prioritizes them - closer to how an attacker actually operates.

Connect

Find CyCognito