Startup Diligence
Diligence report Enterprise Tech / data security and AI security Private unicorn

Cyera

Cyera Diligence Report

Proceed only with full financial, customer, security, legal, and cap-table diligence; public evidence supports eligibility and market relevance but not transaction pricing.

Company profile

Cyera Diligence Report

Cyera is a credible high-growth private cybersecurity unicorn with strong public signals in DSPM, AI security, enterprise logos, compliance posture, and leadership depth, but the public record is insufficient to underwrite valuation, revenue quality, customer concentration, retention, legal exposure, or cap-table economics.

Sector
Enterprise Tech / data security and AI security
Geography
United States / Israel
Stage
Private unicorn
Report version
1.0

Executive summary

Strengths

  • Cyera is a credible high-growth private cybersecurity unicorn with strong public signals in DSPM, AI security, enterprise logos, compliance posture, and leadership depth, but the public record is insufficient to underwrite valuation, revenue quality, customer concentration, retention, legal exposure, or cap-table economics.

Risks

    Gaps

    • Audited financials, ARR, bookings, revenue recognition, gross margin, burn, cash/debt, backlog, and AR aging.
    • Cap table, preferred terms, option pool, debt, warrants, secondary transactions, and current fair-value evidence.
    • Customer contracts, top-customer ARR, renewal calendar, churn/NRR, pricing, implementation timelines, support tickets, and reference calls.
    • Product telemetry, false-positive/false-negative performance, security incidents, model-risk controls, roadmap delivery, and cloud cost economics.
    • Official legal docket search, IP assignment records, open-source/SBOM review, regulatory correspondence, and insurance claims.

    Risk register

    high medium likelihood

    R-003: Product performance claims require technical validation

    Rapid time-to-value, 95%+ precision, and 80% risk-reduction claims are company-published and subset-based.

    Diligence request: Run benchmark tests, customer reference checks, false-positive/negative analysis, and architecture review.

    high unknown likelihood

    R-001: Financial quality and cash runway opacity

    Public materials do not disclose audited statements, ARR, margin, burn, cash/debt, backlog, receivables, or forecast accuracy.

    Diligence request: Request financial statements, KPI pack, ARR bridge, gross margin, cash/debt, burn/runway, and board plan.

    high unknown likelihood

    R-002: Headline valuation may not reflect security-level economics

    Public $9B valuation anchors do not reveal share class, liquidation preferences, option pool, debt, warrants, secondary activity, or current fair value.

    Diligence request: Review cap table, financing documents, preference stack, 409A reports, and recent transaction support.

    high unknown likelihood

    R-005: Customer concentration and renewal durability unknown

    Public logos do not disclose ARR, top-customer concentration, deployment depth, renewal status, churn, or NRR.

    Diligence request: Request top-customer schedule, contracts, renewal calendar, churn/NRR cohorts, usage telemetry, and reference calls.

    high unknown likelihood

    R-011: Legal and IP exposure not fully searched

    Public review did not include comprehensive official docket, IP, open-source, acquisition, or assignment-chain searches.

    Diligence request: Conduct official docket/IP searches and review legal schedule, IP assignments, OSS/SBOM, licenses, and counsel letter.

    high unknown likelihood

    R-012: Privacy and security assurance gaps

    Trust and privacy pages show public posture, but audit exceptions, DPAs, incidents, subprocessors, DPIAs, and regulatory correspondence are private.

    Diligence request: Review SOC 2/ISO reports, pen tests, incident log, DPA templates, subprocessors, privacy requests, and regulatory correspondence.

    medium medium likelihood

    R-004: AI-security roadmap and acquisition integration risk

    Newsroom signals AI-security expansion and Ryft acquisition, but integration, roadmap timing, costs, and monetization are not public.

    Diligence request: Review roadmap, acquisition agreement, integration plan, acquired IP, customer pilots, and R&D cost by initiative.

    medium medium likelihood

    R-006: Cloud, platform, and supplier dependency

    Product value depends on data-store/cloud/security integrations and trust-center infrastructure controls; vendor terms and cloud cost are private.

    Diligence request: Review supplier contracts, cloud spend, subprocessor list, integration dependencies, uptime, and incident history.

    Chapter 01

    01Financial Information

    Public sources verify unicorn-list status and several headline financing/valuation signals, but operating financials, capital structure, projections, accounting policies, tax positions, and debt obligations are not public.

    I.A Financial Statements

    not publicly verifiable confidence: high

    No audited financial statements, management accounts, revenue, margin, cash, debt, backlog, or receivable schedules were found in public sources.

    Evidence gaps

    • Audited financials, monthly management accounts, ARR/bookings, gross margin, cash/debt, backlog, AR aging, revenue-recognition memo, and budget-to-actuals.

    Hidden risks

    • Revenue quality, margin profile, burn/runway, collections, deferred revenue, and debt obligations could diverge materially from growth narrative.

    Follow-up questions

    • Provide three years of audited or management financials and monthly KPI pack.
    Financial-information public gap matrix
    Financial areaPublic statusPrivate request
    Revenue, ARR, bookings, and marginNot public; only lower-confidence third-party estimates were found.ARR bridge, bookings, revenue-recognition policy, gross margin by product, churn, and NRR.
    Cash, debt, runway, and burnNot public.Cash/debt schedule, lender documents, monthly burn, runway, and board-approved budget.
    Backlog, deferred revenue, and AR agingNot public.Backlog, RPO, billings, deferred revenue, invoicing, collections, and AR aging.

    Financial quality is the highest-priority diligence gap.

    Public valuation and financing anchors Bar chart of public dollar anchors available for Cyera.

    Dollar amounts are public anchors, not transaction underwriting.

    I.B Financial Projections

    not publicly verifiable confidence: medium

    Public materials support a high-growth financing narrative, but forecasts, plan assumptions, sales productivity, and downside scenarios are private.

    Evidence gaps

    • Board-approved model, ARR bridge, bookings forecast, pipeline coverage, cohort retention, pricing assumptions, hiring plan, and cash runway.

    Hidden risks

    • Forecasts may embed aggressive AI-security adoption, enterprise upsell, or pricing assumptions not supported by cohort data.

    Follow-up questions

    • Provide plan-vs-actuals, board forecast, KPI bridge, sensitivity cases, and valuation support.
    Public valuation and financing anchors
    AnchorPublic evidenceDiligence implication
    CB Insights unicorn row$9B valuation, date joined 2024-04-09, United States, New York, Enterprise Tech, investors Accel, CyberStarts, Sequoia Capital.Verify current valuation, financing terms, post-money support, and whether later financing or secondaries changed economics.
    Newsroom valuation/funding media signalCompany newsroom links to a Fortune item titled "Cyera CEO Yotam Segev on raising $400 million ... $9 billion valuation."Treat as a public media/link signal and request financing documents before relying on the amount.
    Lower-confidence analyst/profile estimateGetLatka profile reports $288M 2024 revenue, $6B valuation in 2025, $1.3B total funding, and 1.1K employees.Use only as a diligence lead; reconcile against audited financials, board KPIs, and cap table.

    Public anchors are not a substitute for primary financing documents.

    I.C Capital Structure

    partially verified confidence: medium

    Investor names and headline valuation are public; ownership, preferred rights, option pool, debt, and secondary transactions are private.

    Evidence gaps

    • Stockholder ledger, financing documents, liquidation preferences, conversion rights, pro rata rights, voting rights, debt/warrants, and 409A reports.

    Hidden risks

    • Preference stack, investor rights, debt, warrants, or option-pool expansion could materially change common-equity economics.

    Follow-up questions

    • Provide full cap table, financing history, debt schedule, and all investor-rights documents.
    Capital structure and ownership diligence matrix
    ItemKnown statusDiligence need
    Named investorsInvestor signal verified publicly, but holdings and rights are not.Stockholder ledger, preferred terms, board rights, information rights, and pro rata rights.
    Preferred stock, option pool, and dilutionNot publicly verifiable.Cap table, option/RSU schedule, SAFEs/notes, warrants, debt, and secondary transactions.
    Transaction valuation supportHeadline public anchor only.Financing documents, price-per-share, liquidation stack, 409A/fair value, and investor demand evidence.

    Public valuation evidence cannot determine security-level economics.

    I.D Other Financial Information

    not publicly verifiable confidence: low

    Tax, accounting-policy, NOL, lease, and off-balance-sheet information is not public.

    Evidence gaps

    • Tax returns, NOL schedule, accounting policies, leases, debt, deferred revenue, and off-balance-sheet obligations.

    Hidden risks

    • Unrecorded liabilities, tax/NOL limitations, lease commitments, or revenue-recognition issues may exist.

    Follow-up questions

    • Provide tax, audit, lease, debt, and accounting-policy schedules.
    Chapter 02

    02Products

    Company sources support a broad data-security and AI-security product story, but public evidence does not prove classification accuracy, false-positive rates, deployment economics, platform scalability, or roadmap delivery.

    II.A Product and Service Offerings

    partially verified confidence: medium

    Public product pages describe modules for DSPM, DLP, AI Guardian, privacy, classification, remediation, access trails, identities, and integrations.

    Evidence gaps

    • SKU-level revenue, attach rate, deployment effort, integration quality, uptime/SLA history, false-positive and false-negative metrics.

    Hidden risks

    • Product breadth may outpace implementation maturity, integration depth, support capacity, or buyer willingness to consolidate.

    Follow-up questions

    • Provide product telemetry, SKU revenue, deployment cohort data, QA/security architecture, and top integration test results.
    Public product capability matrix
    CapabilitySource evidence
    AI Security PlatformPlatform and company pages.
    Agentless discovery and classificationCompany and platform pages.
    DSPM, DLP, AI Guardian, privacy, remediation, access trail, identities, integrationsPlatform page.

    Company-published capability descriptions require customer and technical validation.

    Pricing, packaging, and performance diligence gaps
    AreaVerification status
    Pricing and packagingnot_publicly_verifiable
    Performance metricspartially_verified
    Roadmap and acquisition integrationpartially_verified

    Metrics are useful leads, not audited product proof.

    Cyera public product architecture map Conceptual architecture based only on Cyera product pages.

    Conceptual only; not a verified architecture.

    II.B Product Roadmap

    partially verified confidence: medium

    Public newsroom signals show ongoing AI-security expansion and an acquisition by Cyera, but release dates, R&D costs, adoption, and monetization are private.

    Evidence gaps

    • Roadmap, release status, acquisition integration plan, product usage, ARR by product, R&D capitalization, and customer pipeline by module.

    Hidden risks

    • Acquisition integration, AI-agent security controls, and roadmap execution could require more R&D and services than public materials suggest.

    Follow-up questions

    • Provide roadmap, release criteria, AI governance design review, acquisition integration plan, and customer adoption metrics.

    II.C Product Pricing and Packaging

    not publicly verifiable confidence: high

    Public sources reviewed do not disclose list prices, discounting, usage metrics, contract terms, or packaging economics.

    Evidence gaps

    • Pricing books, discount policy, contract terms, renewal uplift, services mix, and gross margin by SKU.

    Hidden risks

    • Pricing may depend on volume, data scanned, modules, or services in ways that affect margin and renewal risk.

    Follow-up questions

    • Provide customer contracts, price book, discount approvals, usage metric definitions, and margin by package.
    Chapter 03

    03Customer Information

    Public pages show credible enterprise-logo and trust-center customer signals, but customer count, top-account concentration, contract value, retention, churn, deployment depth, and reference quality remain private.

    III.A Customers and Revenue by Customer

    partially verified confidence: medium

    Company pages reference named customers and trust-center logos, but no public revenue by customer or concentration data was found.

    Evidence gaps

    • Customer list, ARR by customer, usage, deployment status, renewal dates, churn/NRR, concentration, references, and contract obligations.

    Hidden risks

    • Logo use may include pilots, expired relationships, low-ARR accounts, or non-production deployments.

    Follow-up questions

    • Provide top-25 customer schedule, contracts, renewal calendar, NRR/churn cohorts, product usage, and reference-call permissions.
    Public customer and logo evidence
    Customer or logo signalEvidence type
    Paramount Pictures and Mercury FinancialCompany-published customer reference.
    Paramount, Valvoline, Vetcor, Cass Information SystemsCompany-published customer story/logo signal.
    Paramount, DocuSign, AT&T, Chipotle, PelotonTrust-center logo/review signal.

    Logo evidence does not equal ARR concentration proof.

    Customer, partner, and supplier diligence matrix
    Relationship areaRisk
    Top-customer concentrationLogo concentration or churn can be hidden.
    Cloud and technical suppliersCloud cost, security dependency, and platform API risk.
    Channel and ecosystem partnersChannel pipeline and co-sell quality may be overestimated.

    Relationship economics require direct contract review.

    Customer-logo evidence status chart Bar chart separating named public logo clusters by evidence status.

    Counts may include overlapping or non-customer trust/review relationships.

    III.B Strategic Relationships and Partnerships

    partially verified confidence: medium

    Public materials imply investor, board, customer, compliance, and technology-ecosystem relationships, but partner economics and commitments are not disclosed.

    Evidence gaps

    • Partner agreements, reseller/channel pipeline, platform API terms, cloud spend, implementation partners, and supplier concentration.

    Hidden risks

    • Cloud/SaaS platform dependencies, reseller terms, MSSP/channel commitments, or marketplace policies could constrain margins or growth.

    Follow-up questions

    • Provide supplier list, partner agreements, co-sell/channel metrics, cloud cost schedule, and integration-dependency register.

    III.C Backlog and Customer Pipeline

    not publicly verifiable confidence: high

    Backlog, bookings, pipeline stage, win rates, and customer success metrics are not publicly verifiable.

    Evidence gaps

    • Backlog, weighted pipeline, stage conversion, sales cycle, implementation backlog, support backlog, and customer-health scores.

    Hidden risks

    • Pipeline may be concentrated in a few large enterprise accounts or require long security/procurement cycles.

    Follow-up questions

    • Provide pipeline report, bookings bridge, implementation backlog, and customer-health dashboard.
    Chapter 04

    04Competition

    Cyera competes in a crowded enterprise data-security and AI-security market against DSPM, DLP, CNAPP, CASB, data-governance, identity, and native cloud/security platform vendors; public evidence does not prove win rates or durable differentiation.

    IV.A Competitive Landscape

    partially verified confidence: medium

    Public product positioning spans discovery/classification, DSPM, DLP, identity/access context, and AI security, placing Cyera across multiple competitive categories.

    Evidence gaps

    • Win/loss data, competitive displacement detail, pricing comparisons, analyst evaluation detail, renewal threats, and partner channel conflict.

    Hidden risks

    • Incumbents may bundle adjacent functionality into broader security suites, increasing pricing pressure and switching friction.

    Follow-up questions

    • Provide win/loss reports, competitive battlecards, displacement examples, pricing benchmarks, and churn reasons.
    Competitive comparison matrix
    Competitor categoryCyera public differentiator
    DSPM and data-security posture vendorsAI Security Platform breadth and agentless discovery.
    DLP/CASB/SSE/CNAPP suitesData-centric classification and risk context.
    Native cloud/data-platform controlsCross-environment visibility and AI-security positioning.

    Specific vendor-by-vendor win data is not public.

    Basis-of-competition scoring
    AxisEvidence strength
    Deployment speedCompany-published only.
    Classification precisionCompany-published metric.
    Enterprise trustPublic trust/customer materials.

    Evidence strength is mostly company-published and requires independent validation.

    Competitive positioning market map Qualitative map of Cyera's public positioning across competitive categories.

    Competitor categories are analytical framing, not market-share proof.

    IV.B Basis of Competition

    partially verified confidence: medium

    Publicly claimed bases of competition include agentless deployment, AI classification precision, breadth across data stores, and rapid risk reduction, but independent benchmarks are absent.

    Evidence gaps

    • Independent benchmark tests, customer-specific ROI evidence, false-positive/false-negative rates, and expansion rates against competitors.

    Hidden risks

    • Claims may be sample-biased; competitive parity or native-platform controls could reduce differentiation.

    Follow-up questions

    • Provide benchmark methodology, proof-of-value results, win/loss analytics, and controlled classification-quality evaluation.
    Chapter 05

    05Marketing, Sales, and Distribution

    Public GTM signals show enterprise positioning, security-leader messaging, customer logos, press/newsroom activity, and active hiring, but CAC, channel mix, pipeline conversion, rep productivity, and budget efficiency are private.

    V.A Marketing Strategy and Positioning

    partially verified confidence: medium

    Cyera positions around protecting data and securing AI for security leaders, with newsroom and customer proof points supporting awareness-building.

    Evidence gaps

    • Marketing plan, campaign ROI, lead sources, channel contribution, brand awareness, and conversion by segment.

    Hidden risks

    • Category education and executive selling could require high spending if buyer urgency or budget consolidation weakens.

    Follow-up questions

    • Provide marketing budget, funnel metrics, campaign ROI, and pipeline source attribution.
    Distribution channels and GTM motions
    GTM motionDiligence implication
    Direct enterprise security sellingLikely enterprise sales motion with long security/procurement cycles.
    Trust and compliance-led conversionSecurity assurance may help deals but can also elongate review cycles.
    Newsroom and executive mediaAwareness is visible, but conversion economics are unknown.

    Public GTM evidence is qualitative.

    Sales productivity and budget public gaps
    MetricWhy it matters
    CAC, payback, and sales efficiencyDetermines whether valuation can be supported by efficient ARR growth.
    Pipeline conversion and quota attainmentEnterprise security sales may be long-cycle and resource-heavy.
    Channel and partner contributionPartner channels can accelerate growth but compress margin or create dependency.

    GTM efficiency cannot be assessed from public materials.

    Public GTM evidence channel chart Bar chart of public GTM evidence signals by channel type.

    Index is analyst-scored public evidence availability, not performance.

    V.B Sales Channels and Distribution

    partially verified confidence: medium

    Careers and public customer signals suggest direct enterprise sales plus ecosystem/security-review motions, but channel contribution is not public.

    Evidence gaps

    • Direct versus channel ARR, pipeline stages, rep quota/attainment, sales cycle, partner-sourced pipeline, and implementation capacity.

    Hidden risks

    • Sales productivity may be constrained by long enterprise procurement, complex security review, and implementation resources.

    Follow-up questions

    • Provide sales productivity model, channel pipeline, quota/attainment, partner contribution, and implementation staffing.

    V.C Sales Compensation and Budget

    not publicly verifiable confidence: high

    Sales compensation, CAC, payback, quotas, hiring plan, and marketing budget are not public.

    Evidence gaps

    • CAC, payback, quota attainment, pipeline coverage, sales cycle, marketing budget, and rep ramp.

    Hidden risks

    • High valuation may depend on efficient ARR growth that public data cannot verify.

    Follow-up questions

    • Provide GTM operating model, cohort CAC/payback, and sales compensation plan.
    Chapter 06

    06Research and Development

    Product pages show technical domains and an AI-security roadmap direction, but engineering headcount, R&D spend, build-versus-buy dependencies, model-risk controls, quality metrics, and roadmap status are private.

    VI.A R&D Organization

    partially verified confidence: medium

    Leadership pages identify technical executives and security leadership, but detailed engineering org, quality process, and budget are private.

    Evidence gaps

    • R&D org chart, engineering headcount, SDLC, QA metrics, incident/postmortem history, technical debt, and cloud-cost architecture.

    Hidden risks

    • Key-person dependency, integration debt, or insufficient quality/security engineering may be hidden.

    Follow-up questions

    • Provide R&D org chart, roadmap staffing, SDLC/security review, QA dashboards, architecture review, and technical-debt register.
    R&D personnel and technical-domain signals
    SignalDiligence implication
    Founder/CTO and technical leadershipLeadership depth appears public, but org and execution metrics are private.
    Product scopeBroad scope increases integration, QA, and support complexity.
    Trust/security documentationSecurity maturity signal needs underlying report review.

    Public evidence does not show R&D budget or quality metrics.

    Public product and research pipeline
    Pipeline areaVerification status
    AI security and agentic AI securitypartially_verified
    Discovery and classificationpartially_verified
    Remediation and action layerpartially_verified

    Roadmap status cannot be determined from public pages alone.

    R&D roadmap dependency map Conceptual R&D dependency map derived from public product pages.

    Use for technical diligence planning.

    VI.B New Product Pipeline

    partially verified confidence: medium

    Public materials show ongoing AI security, DLP, data discovery, classification, remediation, and acquisition-related expansion, but pipeline economics and delivery status are not public.

    Evidence gaps

    • Roadmap, release acceptance criteria, customer pilots, model-risk evaluation, R&D cost by initiative, acquisition integration, and patents.

    Hidden risks

    • AI-security roadmap could be technically complex, fast-moving, and hard to monetize if controls or integrations lag.

    Follow-up questions

    • Provide roadmap, beta pipeline, release metrics, AI model governance, and product-margin analysis.
    Chapter 07

    07Management and Personnel

    Public sources support a named executive team and active global hiring footprint, but full org chart, headcount, compensation, employment agreements, turnover, and employee-relations issues are not public.

    VII.A Organization Chart

    partially verified confidence: medium

    Named leaders are public, but reporting lines and succession planning are not.

    Evidence gaps

    • Full org chart, reporting lines, biographies, references, succession plans, and board minutes.

    Hidden risks

    • Founder/key-executive concentration, succession gaps, or executive turnover could be hidden.

    Follow-up questions

    • Provide full org chart, management references, succession plan, and board observer/committee structure.
    Senior management roster
    NameDiligence implication
    Yotam SegevKey-person and fundraising/customer-leadership diligence.
    Tamar Bar-Ilan; Yonatan ItaiProduct and technical leadership concentration.
    Jason Clark; Brandon Sweeney; Sharon Shaked; Steve Rog; Shira Azran; Lamont Orange; Aygun Suleymanova; Joseph Iantosca; Guy Gertner; Shiran Bareli; Yael GertelIndicates leadership breadth across security, revenue, finance, marketing, people, legal, and operations.

    Reporting lines are not publicly verified.

    Public workforce footprint chart Bar chart of public workforce-location signals and third-party headcount estimate.

    Mixed units are shown as public signals; verify against HRIS before use.

    VII.B Historical and Projected Headcount

    partially verified confidence: medium

    Careers page lists active locations and openings but does not disclose total headcount or hiring plan.

    Evidence gaps

    • Headcount by function/location, hiring plan, attrition, compensation bands, visas, contractors, and workforce costs.

    Hidden risks

    • Growth may require rapid hiring across regions, raising execution, culture, compliance, and compensation risk.

    Follow-up questions

    • Provide HRIS export, hiring plan, attrition data, compensation bands, and contractor/visa schedules.
    Headcount and hiring signals
    Workforce signalDiligence implication
    Global office/hiring locationsMulti-region employment, compliance, and coordination complexity.
    Active hiring categoriesGrowth plan may require continued GTM hiring and cash investment.
    Third-party headcount estimateEstimate should be reconciled to HRIS; not a definitive count.

    Headcount data must be verified against HR records.

    VII.C Key Employees and Compensation

    not publicly verifiable confidence: high

    Executive names are public; compensation, equity, retention packages, and invention-assignment coverage are private.

    Evidence gaps

    • Employment agreements, option grants, severance/change-in-control terms, retention packages, invention assignments, and contractor IP assignments.

    Hidden risks

    • Key employees may have retention, non-compete, assignment, visa, or compensation issues that affect transaction risk.

    Follow-up questions

    • Provide employment, equity, invention-assignment, contractor, and change-in-control documents.

    VII.D Labor and Employee Relations

    inconclusive confidence: low

    No public labor disputes were identified in the sources reviewed, but this was not a comprehensive docket or HR review.

    Evidence gaps

    • HR claims log, employment litigation, arbitration matters, employee handbook, and compliance audits.

    Hidden risks

    • Employee claims, wage/hour issues, immigration matters, or contractor classification risks could be non-public.

    Follow-up questions

    • Provide HR claims log, employment-dispute register, handbook, EOR/contractor review, and immigration schedule.
    Chapter 08

    08Legal and Related Matters

    Public trust and privacy pages show a mature security/privacy posture, but litigation, regulatory correspondence, IP ownership, customer indemnities, insurance claims, subprocessors, and incident history require private legal review.

    VIII.A Pending Lawsuits Against the Company

    inconclusive confidence: low

    No verified pending lawsuit against Cyera was established from the usable public sources, but a comprehensive official docket search was not completed.

    Evidence gaps

    • Official docket searches, threatened-claims log, legal reserves, insurance claims, indemnity claims, and settlement agreements.

    Hidden risks

    • Undisclosed patent, employment, privacy, contract, or security-related claims could exist.

    Follow-up questions

    • Provide litigation schedule, threatened-claims log, insurance claims, settlements, and outside-counsel confirmation.
    Legal, litigation, and IP public review
    MatterVerification status
    Pending lawsuits against Cyerainconclusive
    Lawsuits initiated by Cyerainconclusive
    IP ownership and licensesnot_publicly_verifiable

    This is not a substitute for official docket and IP searches.

    Regulatory, privacy, and security matrix
    AreaDiligence request
    Security and compliance frameworksSOC 2 report, ISO certificate scope, PCI/HIPAA applicability, VPAT, audit exceptions, and customer security questionnaire history.
    Privacy and personal-data processingDPA templates, subprocessors, transfer impact assessments, retention policy, DPIAs, privacy requests, and regulatory correspondence.
    Incident and insurance historyIncident log, breach notifications, insurance policy/claims, pen-test results, remediation plans, and customer notices.

    Underlying compliance reports likely require NDA/data-room access.

    Legal, privacy, and diligence risk heatmap Heatmap of legal/privacy/security diligence risks.

    Heatmap reflects public-evidence gaps, not confirmed adverse events.

    VIII.B Pending Lawsuits Initiated by the Company

    inconclusive confidence: low

    No public evidence of lawsuits initiated by Cyera was verified from the sources used.

    Evidence gaps

    • Docket searches, claim letters, dispute register, collections matters, and enforcement strategy.

    Hidden risks

    • IP enforcement, customer disputes, collections actions, or vendor disputes may not appear in company materials.

    Follow-up questions

    • Provide dispute register, docket search results, and counsel letter.

    VIII.C Intellectual Property

    not publicly verifiable confidence: medium

    Product and brand claims are public, but patent portfolio, trade-secret protection, open-source obligations, and invention assignments were not verified.

    Evidence gaps

    • Patent/trademark list, invention assignments, OSS/SBOM, license obligations, trade-secret policies, contractor IP assignments, and acquisition IP chain.

    Hidden risks

    • Missing invention assignments, third-party code obligations, weak patent coverage, or trademark conflicts could reduce defensibility.

    Follow-up questions

    • Provide IP schedule, assignment documents, OSS/SBOM review, trademark search, patent counsel summary, and acquisition IP diligence.

    VIII.D Regulatory and Privacy Matters

    partially verified confidence: medium

    Trust center and privacy policy provide public compliance/privacy signals, but audit reports, exceptions, incidents, regulatory correspondence, and customer data-processing terms are private.

    Evidence gaps

    • SOC 2 report, ISO certificate scope, audit exceptions, pen-test reports, DPIAs, subprocessor list, customer DPAs, incident log, and regulatory correspondence.

    Hidden risks

    • Security exceptions, unresolved audit findings, breach history, data-residency gaps, or AI/privacy compliance issues could be undisclosed.

    Follow-up questions

    • Provide security/privacy data room, audit reports, incident history, DPA templates, subprocessor list, and regulatory correspondence.

    Evidence

    Evidence claims
    IDClaimStatusSources
    EC-001 CB Insights lists Cyera as a private unicorn at a $9B valuation, joined 2024-04-09, United States, New York, Enterprise Tech, with Accel, CyberStarts, and Sequoia Capital named as investors. verified high SRC-001
    EC-002 Cyera appears active rather than IPOed, acquired, or shut down based on current company, newsroom, trust, privacy, and careers pages. verified medium SRC-002SRC-006SRC-007SRC-008
    EC-003 Cyera publicly positions itself as an AI Security Platform with modules spanning data protection, access governance, AI security, DLP, privacy, classification, remediation, access trails, identities, and integrations. verified medium SRC-003
    EC-004 Cyera describes agentless deployment and AI-powered classification, including a company-page claim of deployment in five minutes and 95% accuracy. partially verified medium SRC-002
    EC-005 Cyera's platform page claims less than one day to value, 74PB in 7 days, 95%+ precision, and 80% less risk in three months based on a subset of customer examples. partially verified medium SRC-003
    EC-006 Cyera public customer signals include Paramount Pictures, Mercury Financial, Valvoline, Vetcor, and Cass Information Systems. partially verified medium SRC-002SRC-005
    EC-007 Cyera trust-center customer signals include Paramount, DocuSign, AT&T, Chipotle, and Peloton as organizations that trust or reviewed Cyera. partially verified medium SRC-004
    EC-008 Cyera Trust Center lists compliance and assurance topics including CCPA, EU-US DPF, GDPR, ISO/IEC 27001, PCI DSS, SOC 2, VPAT, C5, HIPAA, SIG Core, cyber insurance, application security, data security, and infrastructure/AWS. partially verified medium SRC-004
    EC-009 Cyera company page lists a named leadership team including Yotam Segev, Tamar Bar-Ilan, Yonatan Itai, Jason Clark, Brandon Sweeney, Sharon Shaked, Steve Rog, Shira Azran, Lamont Orange, Aygun Suleymanova, Joseph Iantosca, Guy Gertner, Shiran Bareli, and Yael Gertel. verified medium SRC-002
    EC-010 Cyera careers page shows active global footprint including New York, Tel Aviv, London, Chicago, San Francisco, St. Louis, Dallas, Toronto, and Sydney. verified medium SRC-006
    EC-011 Cyera privacy policy describes website/platform data processing and identifies business systems and providers including Salesforce, Marketo, Google/Microsoft, ZoomInfo, Frontegg, Mixpanel, and LinkedIn. verified medium SRC-008
    EC-012 Cyera newsroom shows active 2026 media and press activity, including a Fortune-linked headline about raising $400M and a $9B valuation and press-release headlines about board expansion and Ryft acquisition. partially verified medium SRC-007
    EC-013 Cyera company page and CB Insights identify investor and board-linked names, including Accel, Sequoia, Coatue, Cyberstarts, and other board/investor figures. partially verified medium SRC-001SRC-002
    EC-014 Core financial, customer, legal, employee, IP, and product-performance records are not publicly verifiable from the sources reviewed. not publicly verifiable high SRC-001SRC-002SRC-003SRC-004SRC-006SRC-008
    EC-015 GetLatka profile reports estimated/company-profile figures of $288M 2024 revenue, $6B 2025 valuation, $1.3B total funding, $540M Series E, and 1.1K employees. inconclusive low SRC-009
    Sources
    IDPublisherTitleAccessed
    SRC-001 CB Insights The Complete List Of Unicorn Companies 2026-05-20
    SRC-002 Cyera Company - Cyera 2026-05-20
    SRC-003 Cyera Platform - Cyera 2026-05-20
    SRC-004 Cyera Trust Center - Cyera 2026-05-20
    SRC-005 Cyera Cyera customer and homepage snippets 2026-05-20
    SRC-006 Cyera Careers - Cyera 2026-05-20
    SRC-007 Cyera Newsroom - Cyera 2026-05-20
    SRC-008 Cyera Privacy Policy - Cyera 2026-05-20
    SRC-009 Latka Cyera Revenue, Valuation & Growth Rate 2026-05-20

    Disclaimer

    This report is a public-evidence diligence snapshot, not investment advice. Important financial, legal, technical, and contractual facts remain non-public and should be verified directly with management and primary documents before any investment decision.