Predictive, proactive cyber attack prevention and mitigation



There is never a dull moment in the cybersecurity space and Covid has certainly accelerated the urgency for digital risk protection.

We know cybersecurity leaders face an uphill battle – outsmarting hackers, averting digital risk, and protecting data and infrastructure require super-human effort. CYFIRMA was founded to address this precise challenge – identify hackers (who), understand their motive (why), interest (what), attack readiness (when), and methods (how). Only by connecting these dots, can cyber defenders mount effective strategies to counter cyber risk.

CYFIRMA works in the deep tech space to uncover cyberthreats targeting IT and OT systems. Our platform helps clients such as Mitsubishi, NEC, Toshiba, and a number of government agencies, predict imminent cyberattacks. CYFIRMA is funded by Goldman Sachs, Zodius Capital, and Z3 Partners. Current reference clients include Mitsubishi Corporation, TOSHIBA, NEC, Suntory System Technology, SBI BITS, Seibu Holdings and NTT Data. These clients rely on CYFIRMA ‘s intel to prioritize remedial efforts, keeping their crown jewels safe from adversaries.

CYFIRMA is founded by Kumar Ritesh, the ex-head of cyber-intelligence and counter-terrorism for a national intelligence agency. Applying his expertise on how nations handle geopolitical tensions and the accompanying effects on commercial organizations and critical infrastructure, Ritesh has led CYFIRMA to build the world’s first predictive cyber-intelligence platform.

CYFIRMA helps clients address their cybersecurity needs with two core platforms – DeCYFIR and DeTCT. DeCYFIR is a threat detection and cyber intelligence platform with predictive capabilities, while DeTCT offers digital risk protection.

CYFIRMA’s flagship product, DeCYFIR, arms governments and businesses with personalized intelligence where insights are tailored to their industry, geography and technology. DeCYFIR provides clients with multi-layered intelligence covering strategic, management and operational insights. DeCYFIR’s ability to combined cyber-intelligence with attack surface discovery, vulnerability intelligence, brand intelligence, situational awareness and digital risk protection sets it apart from the competition. The platform provides risk and hackability scores to help clients prioritize security actions. Clients also receive insights that will enable them to conduct effective intelligence hunting and attribution, connecting the dots between hacker, motive, campaign and method to gain a comprehensive view of their threat landscape.

With DeCYFIR, clients receive early warnings of impending cyberattacks so they can act quickly to avoid a breach. DeCYFIR is designed to meet the stringent demands of CISOs, CROs, and Security Operations teams.

CYFIRMA is also the company behind the cutting-edge digital risk protection platform, DeTCT. DeTCT helps clients uncover their attack surfaces, know their vulnerabilities, quickly gain awareness of any data break or leak. DeTCT also helps clients protect their brand and reputation by unraveling any copyright infringement and executive impersonation.

Ways to use DeTCT


  • To identify data breaches and data leaks, and quickly take action to remediate.
  • For brand protection as the platform will uncover copycat websites, spoofed emails, IP breaches, executives profiles impersonation, etc.
  • To guide them on their cybersecurity investment (budget) as the platform will shine the light on their vulnerabilities and how they can close these security gaps.
  • To guide them on resources (people) they can optimize or re-allocate to areas which need attention.
  • To guide them on security controls (technology/process) they can either sunset or implement to close gaps.
  • ProvidesRisk Score for every vulnerability detected – this helps the client prioritize resources to mitigate the risk.
  • Provides overall Hackability Score – this is important to determined the level of risk of getting compromised. The score comes with trend analysis so client knows if he is moving in the right direction.
  • Uncovers breaches across IT as well as OT systems. This is particularly powerful as state-sponsored hacking groups are increasingly targeting OT systems.
  • The recent cyberattacks is shedding light on third-party risks and supply chain attacks – the way the new attack methods work combined with new malware is particularly troubling. We have a saying in our cybersecurity industry – there are only 2 states – either you are hacked and you know it (and therefore can fix it to minimize damage), or you are hacked and you don’t yet know. DeTCT is designed to solve this – quickly uncover your breach and work fast to close your gaps and strengthen your cyber posture.


Ways to use DeCYFIR


  • Cloud adoption introduces one of the biggest threat vector we call the ‘path to attack.’ There are a number of risks in a cloud environment, for example, we often see open, leaky buckets which are easy to overlook. Our flagship product, DeCYFIR, provides visibility on these attack surfaces, and reveal vulnerabilities which IT can take action to close the gaps.
  • DeCYFIR can be used not just by SOC teams but also Technology and Business Executives. DeCYFIR provides 3 views:
    • Executive View - we have dashboards that facilitate decision-making with a risk-based approach;
    • Management View - guided approach on how to go about remediation; and
    • Operational View – prioritized remedial actions for for security ops team.
  • Early signals on threats by recognizing signs of an impending attack. This allows the Bank to take action before an intrusion even occurs.
  • Contextual threat story answering the ‘WHO’, ‘WHY’, ‘WHAT’, ‘WHEN’, and ‘HOW’ of underlying threats and risks so effective risk mitigation can take place. Our flagship product, DeCYFIR, is the only cyber-intelligence platform in the market with predictive capabilities. We connect the dots on threat actor, their motivation, campaigns and methods so that clients would be equipped with intel to mount effective and efficient mitigation strategies against cybercriminals.
  • We help eliminate noise with personalized cyber-intelligence – this is particularly important given the dire lack of cybersecurity resources to manage emerging threats. The intel provided is fully relevant to client’s industry, geolocation they operate in, and technology stack which they use.
  • We also pick up IT assets that were unknown to the organisation, e.g. Shadow IT. This is our attack surface discovery feature which has gained importance during the course of the pandemic where employees had to work remotely on short notice. Home WIFI, remote access, BYOD, etc have all created new and heighten risk profiles.
  • We also provide brand intelligence where executive impersonation, lookalike domains, product infringement will be uncovered by our platform. This is our digital risk protection capability.
  • Vulnerability intelligence forms part of our offering. This helps clients validates their vulnerability programs and ensure security gaps are closed.
  • Consumable multi-layered cyber-Intelligence across business functions and domains to help address gaps in security controls and drive robust cyber posture management.


In a nutshell, CYFIRMA helps our clients defeat adversaries by providing predictive, personalized, contextualized, outside-in, and actionable cyber-intelligence.