S

scythe

lightning_bolt Market Research

SCYTHE - Comprehensive Analysis Report



Summary


SCYTHE is a cybersecurity company that operates an adversary emulation platform primarily for enterprise, government, and cybersecurity consulting markets. Its mission is to empower Red, Blue, and Purple teams within organizations to continuously assess and strengthen their security posture. The company achieves this by enabling the building and emulation of real-world adversarial campaigns, moving beyond traditional vulnerability assessments to validate defensive controls against actual Tactics, Techniques, and Procedures (TTPs). SCYTHE's significance in the industry lies in its proactive approach to security, allowing organizations to scrutinize their detective and preventive controls across various communication vectors and ultimately improve their resilience against sophisticated cyber threats.

1. Strategic Focus & Objectives


Core Objectives


SCYTHE's primary strategic focus is on continuous Adversarial Exposure Validation (AEV).
  • Continuous Security Posture Assessment: To enable organizations to continuously test their security controls in a realistic manner, mirroring actual adversary operations.

  • Strengthening Security Programs: To identify and address knowledge gaps within "red team" domains, thereby enhancing the overall security program.

  • Improving Threat Understanding: To provide a clearer understanding of specific threat actors, groups, and their capabilities, aiding in more targeted defense strategies.

  • Pinpointing Detection and Response Deficiencies: To identify gaps in an organization's detection and response capabilities against real-world TTPs.

  • Risk Profile Management: To help organizations maintain an ongoing evaluation of their risk profile, prioritize vulnerabilities, and take decisive action against the most significant threats.


Specialization Areas


SCYTHE specializes in advanced adversary emulation and security control validation. Its platform is designed to offer production-safe threat emulation, realistically mimicking malicious actor strategies and techniques without compromising infrastructure.
  • Adversary Emulation: Enabling the creation and execution of realistic cyber attack campaigns.

  • Security Controls Validation: Continuously testing and validating an organization's defensive mechanisms.

  • Red, Blue, and Purple Team Collaboration: Facilitating an integrated approach to security testing and improvement among different security teams.


Target Markets


SCYTHE primarily targets:
  • Enterprise Organizations: Mid-to-large organizations seeking proactive security validation, especially those investing in automation, AI, and attack simulations.

  • Government Entities: Agencies requiring robust and validated cybersecurity defenses.

  • Cybersecurity Consulting Firms: Consultancies that utilize the platform to deliver advanced security assessment services to their clients.


2. Financial Overview


Funding History


SCYTHE was founded in 2017.
  • Total Funds Raised to Date: SCYTHE has raised a total of $13 million in funding across 2 rounds. Other sources suggest a total funding of $18.2 million.

  • Detailed Breakdown of Recent Funding Rounds:

  • Initial Funding Round (September 17, 2018): SCYTHE secured $3 million in an initial funding round.

  • Key Investors: Led by Ron Gula of Gula Tech Adventures, with participation from Evolution Equity, Paladin Capital Group, Stony Lonesome Group, and SaaS Ventures. Notable private investors also participated, including Dmitri Alperovitch of CrowdStrike and Ray Rothrock of RedSeal.

  • Fund Utilization: This investment was intended to accelerate the delivery of its attack simulation platform and drive new product development, including a roadmap of features and innovations to disrupt the cybersecurity industry.

  • Series A (November 8, 2021): SCYTHE raised $10 million in Series A funding.

  • Key Investors: Led by Gula Tech Ventures and Paladin Capital Group, with investment from Energy Impact Partners (EIP).

  • Impact on Company Growth: This funding was explicitly announced to support the expansion of enterprise-level cybersecurity.


3. Product Pipeline


Key Products/Services


SCYTHE Adversary Emulation Platform (SCYTHE Core)
  • Description: A next-generation platform designed for continuous adversarial exposure validation, integrating breach and attack simulation features with vulnerability assessment and penetration testing capabilities. It enables Red, Blue, and Purple teams to build and emulate real-world adversarial campaigns.

  • Development Stage: Actively developed with continuous updates and new versions (e.g., SCYTHE 5.0 in August 2025).

  • Target Market/Condition: Enterprises, government agencies, and cybersecurity consulting firms, aiming to validate security controls against evolving real-world threats.

  • Key Features and Benefits:

  • Production-Safe Threat Emulation: Mimics malicious actors' strategies and techniques safely.

  • MITRE ATT&CK Framework Mapping: Campaigns are mapped to the MITRE ATT&CK framework for standardized threat intelligence and defense validation.

  • Continuous EDR Validation: Validates Endpoint Detection and Response (EDR) systems against genuine adversary techniques in live environments.

  • Customer Threat Intelligence (CTI) Integration: Maps CTI feeds to relevant threat actors, emulating their TTPs against production defenses.

  • Detection Engineering Workflow Integration: Validates SIEM rules against actual adversary behavior before deployment and after platform changes.

  • AI-Powered Campaign Building: SCYTHE 5.0 introduced AI-powered simplicity for advanced threat emulation.

  • Cloppy (AI Analyst Chatbot): Launched in November 2023, an AI analyst chatbot powered by supervised machine learning to support automation and advanced threat analysis.


SCYTHE Marketplace
  • Description: Launched in August 2020, this platform opens SCYTHE's synthetic malware creation capabilities to trusted third-party developers, creating a secure space for developing and sharing new adversary behaviors and capabilities.

  • Development Stage: Operational and evolving since its launch.

  • Target Market/Condition: Security teams seeking to integrate the latest adversary behaviors into their emulation campaigns quickly and effectively.

  • Key Features and Benefits: Enables customers to integrate modules into their SCYTHE campaigns to test against the latest adversary behaviors at speed, maximizing red and purple team exercises.


Managed or 1-off Purple Team Service & Managed BAS+ Service
  • Description: SCYTHE offers services for organizations seeking ongoing support or those lacking internal staffing for red team operations and detection engineering.

  • Development Stage: Actively offered services.

  • Target Market/Condition: Organizations needing assistance with continuous assessment and optimization of security measures, or those requiring breach and attack emulation without sufficient internal resources.

  • Key Features and Benefits: Provides continuous assessment, optimization of security measures, and the power of breach and attack emulation to accelerate offensive cyber capabilities.


4. Technology & Innovation


Technology Stack


  • Core Platforms and Technologies: SCYTHE offers a next-generation adversary emulation platform. It is able to deploy a combination of threat actor communications and end-point capabilities on production environments.

  • Proprietary Developments:

  • Adversary Emulation Platform: Enables users to build and emulate real-world threat campaigns using a combination of communications and endpoint capabilities.

  • Evolution from CVE to TTPs: Facilitates a shift in focus from Common Vulnerabilities and Exposures to Tactics, Techniques, and Procedures.

  • Cloppy: An AI analyst chatbot powered by supervised machine learning, indicating investment in automation and advanced threat analysis.

  • Scientific Methodologies:

  • MITRE ATT&CK Framework Mapping: Campaigns are mapped to this industry standard for cyber threat intelligence, Blue Teams, and Red Teams.

  • Continuous Validation of EDR Systems: Validates EDRs against real adversary techniques in live environments to ensure accurate detection coverage.

  • Customer Threat Intelligence (CTI) Integration: Maps CTI feeds to specific threat actors relevant to an industry and geography, emulating their actual TTPs against production defenses.

  • Detection Engineering Workflow Integration: Validates Security Information and Event Management (SIEM) rules against real adversary behavior, in the actual environment, before deployment and automatically after platform changes or updates.

  • Technical Capabilities:

  • Dual Deployment Options: Offers flexibility in deployment for diverse IT and OT/ICS environments.

  • High-fidelity, Real-world Simulated Attack Capabilities: Focused on realistic cybersecurity testing.


5. Leadership & Management


Executive Team


  • Bryson Bort: Founder & CEO. He previously led an elite research and development division that contributed to national security and is the Founder of GRIMM, a cybersecurity consultancy.

  • Jorge Orchilles: Chief Technology Officer (joined June 2020). He previously led the offensive security team at Citi for 10 years and co-created the C2 Matrix project. He is also a SANS Certified Instructor.

  • Elizabeth Wharton: Vice President of Operations (named April 2022). Known as "Lawyer Liz," she brings over a decade of legal, policy, and business experience within information security.

  • Stephanie Simpson: Vice President of Product (leads product development efforts, joined April 2022). She has over 20 years of experience in hardware and software solutions.


Recent Leadership Changes


  • Bryson Bort was named CEO upon the spin-out of SCYTHE from GRIMM in October 2017.

  • Jorge Orchilles joined as CTO in June 2020.

  • Elizabeth Wharton and Stephanie Simpson were added to the senior management team as VP of Operations and VP of Product, respectively, in April 2022.


6. Talent and Growth Indicators


Hiring Trends and Workforce


  • Current Employee Count: SCYTHE has 52 total employees. Other sources indicate 37 employees or approximately 33 employees.

  • Employee Growth Trajectory: One source indicates a -24% decrease in employee count last year.

  • Key Roles Being Recruited: While specific open positions are not detailed in the provided information, the company's innovation in AI capabilities and product enhancements suggests ongoing recruitment in areas such as AI integration, threat analysis, and platform development. The company's expansion of service offerings also suggests roles in managed purple team and breach and attack simulation services.

  • Employee Sentiment and Culture Insights: SCYTHE emphasizes an inclusive culture, collaborative team, and offers perks such as equity options, comprehensive health benefits, unlimited PTO, and a 401(k) plan with a 5% company match. Core values include passion, humility, and kindness.

  • Company Growth Trajectory Indicators: SCYTHE customers consistently report a 35–60% improvement in detection coverage and a 60%+ reduction in detection Mean Time to Repair (MTTR). This demonstrates the effectiveness of their platform and indicates growth driven by client success in improving security operations.


7. Social Media Presence and Engagement


Digital Footprint


SCYTHE maintains a professional presence on several digital platforms.
  • Website: www.scythe.io

  • LinkedIn: SCYTHE has social profiles on LinkedIn.

  • X (formerly Twitter): Connects with SCYTHE on X at @scythe_io.


Brand Messaging and Positioning


SCYTHE's brand messaging revolves around democratizing advanced threat emulation and automated security control testing, empowering organizations to "Attack, Detect, and Respond efficiently." They emphasize realistic, production-safe simulations and continuous validation against real-world threats.

Thought Leadership Initiatives


The company's CEO and Founder, Bryson Bort, has been involved in community initiatives such as co-creating the C2 Matrix project with CTO Jorge Orchilles, which offers a comprehensive breakdown of command and control frameworks.

8. Recognition and Awards


Industry Recognition


  • 2025 SINET16 Innovator: SCYTHE was awarded 2025 SINET16 Innovator, recognizing it among the 16 most innovative and compelling emerging cybersecurity companies worldwide. This award acknowledges SCYTHE's role in transforming proactive cybersecurity with Adversarial Exposure Validation (AEV).

  • 2022 SC Awards Excellence Award finalist for Security Executive of the Year: Founder and CEO, Bryson Bort, was recognized as a finalist for this award in May 2022.

  • 2021 Timmy Awards Best Tech Startup Finalist: SCYTHE was nominated and chosen as a finalist for this award.

  • SINET Companies to Watch (2021): SCYTHE was selected as one of SINET's companies to watch.

  • 2020 Innovators' Showcase Honoree: SCYTHE received this recognition.


9. Competitive Analysis


Major Competitors


SCYTHE operates in the breach and attack simulation (BAS) and adversarial exposure validation (AEV) markets. Key competitors include:
  • Picus Security: Pioneers in BAS and AEV, offering a platform for exposure assessment, security control validation, and exposure validation to continuously measure and reduce cyber risk.

  • Pentera: Provides an agentless, low-touch, fully automated platform for continuous security validation, identifying true risk and security exposure without prior environmental knowledge.

  • Cymulate: A cybersecurity validation company, also a primary competitor of SCYTHE.

  • AttackIQ: A competitor in the same market space.

  • SafeBreach: Another competitor in security validation.

  • Other competitors mentioned in the broader cybersecurity risk management and penetration testing areas include Cisco Vulnerability Management (formerly Kenna.VM), Kroll, and Astra.


10. Market Analysis


Market Overview


The cybersecurity market is characterized by rapid evolution and an increasing emphasis on proactive security measures. Organizations are moving towards validating existing controls against real-world threats, acknowledging the inevitability of breaches. This shift drives demand for solutions that assess detective and alerting controls effectively.

  • Total Addressable Market Size: The market for cybersecurity solutions is substantial and growing, particularly for advanced simulation and validation tools.

  • Growth Potential: High growth potential stems from the increasing sophistication of cyber threats, the rising adoption of frameworks like MITRE ATT&CK, and the need for continuous validation of security postures.

  • Key Market Trends:

  • Shift to Proactive Security: Moving from reactive defense to proactive validation of security controls.

  • MITRE ATT&CK Adoption: Increasing use of the MITRE ATT&CK framework as a common language for understanding and defending against adversarial tactics.

  • Continuous Security Validation: A growing demand for platforms that offer continuous assessment of security posture against realistic attack behaviors.

  • AI-Driven Threats and Defenses: Emergence of AI-driven cyberattack campaigns necessitates AI-aware defense and validation strategies.

  • Market Challenges and Opportunities: Organizations face challenges in keeping pace with evolving threats and validating the effectiveness of their complex security stacks. This creates opportunities for platforms like SCYTHE that offer automated, realistic, and continuous adversarial exposure validation, helping identify and communicate information security risks for informed business decisions.


11. Strategic Partnerships


  • Starseer: In January 2026, SCYTHE announced a strategic partnership with Starseer, a pioneer in AI Runtime Assurance and Detection Engineering.

  • Nature of Partnership: This collaboration aims to defend organizations against AI-driven and agentic cyberattacks by uniting SCYTHE's advanced adversary tradecraft emulation and automated security control validation with Starseer's deep visibility and control of AI models.

  • Strategic Benefits: The partnership provides the industry's first commercial offering to prepare businesses for AI-enabled and autonomous adversaries, allowing security teams to safely emulate AI-native attack paths and validate controls.


  • Axonius: SCYTHE has partnered with industry players like Axonius.

  • Strategic Benefits: Such partnerships enhance brand credibility and market reach, creating opportunities for joint offerings or integrated security solutions.


Browse SuperAGI Directories
agi_contact_icon
People Search
agi_company_icon
Company Search
AGI Platform For Work Accelerate business growth, improve customer experience & dramatically increase productivity with Agentic AI
Digital Workers & Agent native Softwares for GTM Teams
Get the SuperSales Mobile App and Browser Extension
app_store google_play chrome_extension