CA

Cypago AI

Cybersecurity, Compliance, GRC Automation

AI Governance & ComplianceGRCComplianceAISecurity
Function:Security
Subfunction:Compliance Monitoring & Audit
Loading versions...
Founded
2020
Employees
11-50 (~32)
Funding
$13M seed
Stage
Seed stage, approximately $5.5M revenue
Report version: Oct 20, 2025

1. Products/Services & Features

  • Main Offerings:

    • Cyber GRC Automation Platform - End-to-end automation for compliance processes across multiple security frameworks
    • Continuous Control Monitoring - Real-time monitoring and visibility of security controls to detect compliance gaps
    • Automated User Access Reviews - Automation of user access permission reviews to identify risks and simplify audits
  • Feature Breakdown: Automated evidence collection and correlation; Real-time compliance gap detection; Continuous control monitoring; Automated user access reviews; CISO Dashboard (CyberGaze) with customizable metrics; No-code workflows; AI Co-Pilot for natural language queries; Integration with AWS, Okta, and other enterprise tools; Support for SOC2, ISO27001, GDPR, HIPAA, FedRAMP, NIST AI RMF, ISO/IEC 42001 (Departments: Security, Compliance, Risk Management, IT Operations)

  • Business Industry Gearing: Highly geared toward regulated industries - Finance, Healthcare, Technology, Government

2. Security & Compliance

  • Certifications: SOC2 Type II Approved (specific certification date not publicly disclosed), Platform supports ISO27001, GDPR, HIPAA, FedRAMP, NIST AI RMF, ISO/IEC 42001 compliance; Cypago's own ISO27001 and GDPR certification status not publicly confirmed

  • Vendors/Tools: AWS, Okta, Archer Integrated Risk Management, and other enterprise security tools

  • Risk Profile:

    • Breaches: No known public data breaches reported
    • Features: SOC2 approved; Automated audit trails; Real-time compliance monitoring; Continuous evidence collection; Confidentiality and processing integrity controls; Cloudflare CDN and DNSSEC for infrastructure security

3. User Feedback & Adoption

  • Aggregated Reviews: Positive reviews on G2 and Capterra; Users praise compliance automation capabilities and customer support; Average sentiment: Strong positive

    • Pros: Streamlines compliance processes for SOC2 and ISO27001; Excellent customer support (responsive and dedicated); Easy integration with cloud services and compliance tools; Automated evidence collection reduces manual effort; Personalized compliance approach; Clear guidance on required controls; Transforms compliance from manual to automated workflows
    • Cons: Integration gaps for niche tools; Automation completeness could be improved (estimated 50% clarity on some requirements); Limited filtering options (e.g., by Trust Services Criteria for SOC2); Remediation steps could be clearer for certain controls
  • Adoption Insights:

    • Adoption Ease: High - Platform is designed for ease of use with straightforward setup, clear guidance, and intuitive interface; No-code workflows reduce technical barriers
    • Adoption Cultural Fit: High - Aligns with modern security and compliance teams seeking to reduce manual processes and improve efficiency; Supports cross-functional workflows
  • Metrics: Not publicly disclosed; Customer base includes Check Point, Hippo Insurance, Trigo; Described as having 'healthy uptake' with 'dozens' of customers

  • Barriers: Integration gaps for niche tools; Requires organizational buy-in for automation; May require training for teams accustomed to manual processes

4. Monetization & Business Model

  • Revenue Model: SaaS subscription model with annual contracts

  • Pricing: Premier ($60,000/year for smaller enterprises); Professional ($100,000/year for mid-size enterprises); Platinum ($200,000/year for large enterprises); Custom pricing available for enterprise deals (Sources: AWS Marketplace; Cypago website)

  • Market Context:

    • TAM: Global GRC automation market estimated in billions; Driven by increasing regulatory complexity and compliance requirements across industries
    • Growth Stage: Growth stage; 65% of CISOs plan to adopt GRC automation; Compliance costs up 60% in 5 years

5. Leadership & Recent Developments

Name Description LinkedIn X Account
Arik Solomon Co-Founder and CEO; 30+ years in cybersecurity, consulting, and software development; Former CTO of EY's Cybersecurity Center; Former Cyber R&D Group Leader at Israel's Office of the Prime Minister; MA in History https://www.linkedin.com/in/arik-solomon-cypago https://twitter.com/arik\_solomon
Yahav Peri Co-Founder and CTO/VP R&D; Expertise in technology and product development; Background in Israeli intelligence circles; Leads R&D and product innovation at Cypago https://il.linkedin.com/in/yahav-peri https://twitter.com/yahav\_peri
Keith Abramson VP of Sales; Responsible for sales strategy and business development https://www.linkedin.com/in/keithabramson
  • Key Metrics Update:

    • Funding: August 2023 - $13M Seed Round led by Entrée Capital, Axon Ventures, Jump Capital; Plus $2M debt financing
    • Employee Growth: Grew from 26 employees in 2023 to approximately 25-30 by end of 2023; Planned expansion in R&D, product, and go-to-market teams
  • News/Trends:

    • News Launch: Early 2024 - Unveiled AI governance automation support for NIST AI RMF and ISO/IEC 42001 standards
    • News Partnerships: Partnership with Archer Integrated Risk Management (webinar November 2025); Carahsoft partnership for FedRAMP solutions
    • News Funding: August 2023 - $13M Seed Round; $2M debt financing
    • News Challenges: Manual compliance processes still dominate industry; 42% of CISOs face greater personal liability; Need for continuous compliance monitoring in AI-driven environments

6. Target Audience & Use Cases

  • Target Market: Mid to large enterprises in regulated industries (Finance, Healthcare, Technology, Government) requiring complex compliance and risk management

  • Target Users & Personas: CISOs, Security Leaders, Compliance Officers, Risk Managers, IT Operations teams

  • User Experience Level: Intermediate to Advanced - Security and compliance professionals with understanding of regulatory frameworks

  • Key Use Cases:

    • SOC2 Type II Compliance Automation - Organizations pursuing SOC2 certification can automate evidence collection, control validation, and audit readiness across multiple product lines
    • ISO27001 Compliance Management - Enterprises can streamline ISO27001 compliance processes with automated control monitoring and continuous audit readiness
    • FedRAMP Authorization Acceleration - Government contractors can automate FedRAMP compliance processes on private cloud or Amazon GovCloud with continuous monitoring and evidence collection

7. Impact & Recommendations

  • Measurable Outcomes:

    • Workflow Improvements: Reduces manual compliance work by automating evidence collection and control validation; Enables continuous compliance monitoring instead of point-in-time audits; Improves collaboration between security, compliance, and operations teams; Provides real-time visibility into compliance gaps and remediation needs
    • ROI Examples: Reduced compliance costs through automation; Faster time to audit readiness; Decreased manual effort for compliance teams; Improved compliance posture and reduced regulatory risk; Faster FedRAMP authorization timelines
  • Fit Assessment: Excellent fit for enterprises with complex compliance requirements across multiple frameworks; Strong fit for organizations seeking to reduce manual compliance processes and improve audit readiness; Particularly valuable for regulated industries with continuous compliance needs

  • Custom Rec Flags:

    • Priority ICP: Mid to large enterprises (500+ employees) in Finance, Healthcare, Technology, and Government sectors requiring SOC2, ISO27001, GDPR, HIPAA, or FedRAMP compliance
    • Short Term Goals: Expand market presence in North America and EU; Grow customer base and achieve higher ARR; Enhance AI governance and compliance automation capabilities; Expand integration ecosystem

8. Data Sourcing Notes

Need help evaluating and implementing AI tools?

ChiriBrain orchestrates your entire AI stack — connecting tools, teams, and workflows into one governed platform.