Cybersixgill: An Interview With CPO Gabi Reish About Delivering Actionable Cyber Threat Intelligence In A $5+ Billion Market

By Amit Chowdhry • Jul 19, 2024

Cybersixgill is a company that continuously collects and exposes the earliest possible indications of risk, moments after they surface on the clear, deep and dark web. Pulse 2.0 interviewed Cybersixgill’s Global Chief Product Officer Gabi Reish to learn more about the company. 

Gabi Reish’s Background

What is Gabi Reish’s background? Reish said:

I am currently the Global Chief Product Officer at Cybersixgill – we are a leading provider of cyber threat intelligence (CTI). We collect over 10 million threat items every day in order to provide organizations with the most current, timely and critical intelligence information.  My background includes 20+ years’ experience in IT/Networking and cyber security industries, directing product disciplines, including product management and product marketing. I have focused on working across large, medium and small businesses, spanning enterprise software, cyber-security, fintech, payment and data-networking.”

Formation Of Cybersixgill

How did the idea for Cybersixgill come together? Reish shared:

“Cybersixgill was founded in 2014 with a single mission: To disrupt the traditional, manual threat intelligence solutions lagging behind the rapidly evolving threat landscape… We offer up-to-date threat intelligence by automatically collecting and curating insights from the widest set of sources. Our agile, automated threat intelligence solutions help security teams fight cybercrime and minimize their risk exposure by detecting phishing, data leaks, fraud, and vulnerabilities while amplifying incident response – all in real-time.”

Core Products

What are the company’s core products and features? Reish explained:

“Cybersixgill delivers actionable cyber threat intelligence for enterprises, GSIs, MSSPs, and Law Enforcement agencies. We uncover threat activities in any language, in any format, and on any platform. We collect, process, and curate, in real-time, threat intelligence data from the clear, deep, and dark web and from any messaging platform used by threat actors.”

“Our intelligence findings cover a wide set of use-cases, including; Adversary Intelligence, Vulnerability Intelligence, Identity (credential) intelligence, Brand & Phishing Intelligence, Fraud Intelligence,  Attack Surface intelligence and Third Party (supply chain) intelligence.”

“Our portfolio of solutions are available within our SaaS Portal via API or seamless integration into your existing security operations stack.”

“Our threat intelligence platform integrates with our Attack Surface Management (ASM) module to deliver unique, contextual threat intelligence to each customer and reduce their threat exposure – and, in combination with our Cybersixgill IQ, our generative AI, we deliver streamlined, actionable insights to help teams eliminate risk before a threat actor strikes.”

Significant Milestones

What have been some of the company’s most significant milestones? Reish cited

“In April of this year, we launched our Third-Party Intelligence module to help organizations understand the threats originating in their supply chains and third-party networks.”

“In 2023, we introduced our ASM Module. We also launched Cybersixgill IQ, leading the cybersecurity industry into a new era of threat intelligence enhanced with generative AI.”

“In 2022, we unveiled our Dynamic Vulnerability Exploit (DVE) Intelligence solution, delivering the security industry’s first end-to-end vulnerability exploit intelligence across the entire CVE lifecycle.

“In 2020, we launched Darkfeed to offer users real-time, actionable dark web indicators of compromise.”

“In 2019 we launched our automated multi-tenancy solution launched to give MSSPs actionable cyber threat intelligence. Garner also named us as one of the Cool Vendors.”

Customer Success Stories

After asking Reish about customer success stories, he highlighted:

“We have many case studies across all vertical industries available on our website. One in particular is with a multinational financial services organization. The company has more than 5,000 employees and 2,500+ branches spread across 20 countries. The SOC’s threat intelligence and Computer Security Incident Response Teams (CSIRT)  had to rely only on two threat intelligence feeds, both of which were manual feeds containing outdated information and telemetry loaded with false-positives.”

“In addition to the data being irrelevant and inaccurate, the volume of data was growing rapidly, creating intelligence bottlenecks and information fatigue. This resulted in a reactive security posture and a team that lacked context and visibility into the attacker’s mindset, placing the organization at tremendous risk.”

“In an effort to accelerate time-to-intel and optimize workflows, this company chose Cybersixgill’s threat intelligence with our indicators of compromise (IOC) module. Initially adopted by IR teams, the IOC feed was seamlessly integrated with their SIEM, SOAR, and VM platforms and their Firewall.”

“Later, usage was expanded to additional threat intelligence teams who began using Cybersixgill’s Investigative Portal, and the value grew exponentially. Their fraud teams are now able to accelerate the discovery and remediation of zero-day exploits and threats, prioritizing their responses to malicious activity across various units in the enterprise.”

“They now also have access to unprecedented actionable fraud-related intelligence in real time, receiving customized fraud notifications to assist remediation efforts.”

“By having preemptive, fresh intelligence (within hours instead of days), they were able to instantly reduce response times by 75% and detect 7x more threats.

“Realizing the value we provided them, the threat intelligence team expanded the service to include our Investigative Portal with actionable alerts. This empowered them to further investigate IOCs in real-time. The Portal accelerated detection and remediation times, while providing unmatched visibility and insight into each and every threat actor’s context, history and mindset.”

Funding

When asking Reish about the company’s funding/revenue information, he revealed:

“As of May 2024 our net revenue retention rate has been over 100% for the last 3 quarters in a row. Prior funding news.
Total Addressable Market

What total addressable market (TAM) size is the company pursuing? Reish assessed:
“The global threat intelligence market size is projected to grow from $5.80 billion in 2024 to $24.85 billion by 2032, at a CAGR of 20.0% during the forecast.” (Source)
Differentiation From The Competition

What differentiates the company from its competition? Reish affirmed:

“Collection – We offer up to date threat intelligence by automatically maintaining collection from the widest set of sources and adapting swiftly to new customer needs. No manual intervention and bottlenecks during this process.”

“Analysis – We significantly reduce the response time to threats by using AI models to quickly process large amounts of data into operational threat intelligence. No manual intervention and bottlenecks during this process.”

“Delivery – We make it easier than ever to proactively detect and respond to imminent threats by providing flexible delivery options for all use cases, personas, and maturity levels. No manual intervention and bottlenecks during this process.”

“With Cybersixgill, security teams can:

1.) Block threats before they can be weaponized in an attack. Using advanced AI and machine learning algorithms, we immediately prioritize, enrich and score data, swiftly publishing profiles and identifying behavioral patterns that let security teams apply timely, proactive solutions before new attack missions are launched

2.) Seamlessly integrate intelligence into current security technology according to the unique assets, needs and workflows of the organization. With 40 API endpoints and 24 integration partners, we support a broad range of use cases and can create new integrations within weeks as needed.”

Additional Thoughts

Any other topics to discuss? Reish concluded:

“One of the fastest growing areas for threats and attacks is taking place with third party supply chain connections. Companies are at higher risk than ever before through their partner ecosystem. Our recently announced third party module delivers vendor-specific cybersecurity and threat intelligence to organizations’ security teams, enabling them to continuously monitor and detect risks to their environment arising from third-party suppliers and take preemptive action before an attack executes.”

“Our module combines vendor-specific cyber threat intelligence (CTI) with cybersecurity posture data from suppliers’ tech environments, exposing a critical blind spot for security teams. With this intelligence, threat analysts and security operations teams can identify threats from the supply chain and expand their threat exposure management efforts.”

“We believe threat intelligence and generative AI are the perfect match to help security teams get ahead of any potential beachhead – the only way to secure your assets is to know who your attacker is.”