Cynet platform, an important component of the Safetech SOC, is validated consecutively in the MITRE ATT&CK tests

Cynet platform, an important component of the Safetech SOC, is validated consecutively in the MITRE ATT&CK tests

In cybersecurity there is little room for experimentation. When responsiveness is of the essence, using mature, tested, and market-validated tools becomes the safest choice. In this context, Cynet, supplier that has been in the Safetech Innovations portfolio for several years, has obtained, for three consecutive years, the maximum protection and visibility score in the MITRE ATT&CK tests.

This year’s assessment subjected vendors to advanced adversary emulations, extending the test scenarios to Windows, Linux and AWS Cloud environments, which reinforces the relevance of the results obtained.

The cyber threat landscape in Romania has become significantly more aggressive, and the trend is clearly upward. According to data published by DNSC (National Directorate of Cyber Security), we are witnessing an explosion of malware (+286.8%), in parallel with increasingly sophisticated ransomware attacks. The incidence of cyber fraud, compromised applications (+125%), brute-force attacks and compromised account incidents also increased, signaling an accelerated escalation of automated attacks.

At the same time, supply chain attacks – including those associated with Advanced Persistent Threat (APT) groups – are on the rise in Romania, especially targeting employees with extended privileges and access to critical systems. This trend is also confirmed at European level by the ENISA Threat Landscape 2025, which shows that the most targeted sectors are public administration, transport, digital infrastructure and services, the financial sector and the manufacturing industry.

In this context, until the end of the first quarter of 2026 we are running a promotional campaign dedicated to public sector organizations in Romania, through which we offer significant price reductions for Cynet solutions in the Safetech portfolio.

Integrated platforms increase security

Fragmented solutions create operational complexity, response delays, and high costs. That’s where a platform like Cynet comes in, which integrates threat protection, detection, and response.

Using a unified platform instead of several individual solutions provides protection against a wide range of cyber threats, from malware and ransomware to phishing, DDoS or APT attacks, but also a welcome operational simplification. It provides an effective defense system for sensitive data and intellectual property, enabling compliance with standards such as NIS2 or DORA. In addition, by centralizing and integrating security tools, the platforms provide complete visibility into the security posture, simplify management, and enable rapid identification of vulnerabilities.

A modern platform provides solutions to the main challenges faced by cybersecurity teams, by:

• Automation. SOC teams face many repetitive tasks that consume time and resources. Cybersecurity platforms solve this problem by automating these activities using APIs, scripts, and playbooks, allowing for the automatic generation of security profiles, configuration files, or web portals for easy access to functionality.

• Threat Prevention. An effective security program is not limited to detecting and responding to attacks, but also integrates proactive measures. Modern cybersecurity platforms prevent attacks by using AI and machine learning (ML) to analyze large volumes of data, identify threats, and automatically trigger actions such as blocking attacks and updating firewall rules, thus protecting systems before they are compromised.

• Centralized management. Managing multiple security tools reduces the efficiency of security teams and slows down threat response. Security platforms centralize monitoring and management, thereby improving threat prevention, detection, and response. At the same time, it provides centralized access to multiple data sources and allows for rapid triggering of remediation actions.

What does the Cynet platform excel at?

In the MITRE ATT&CK Enterprise 2025 tests, the Cynet platform achieved a maximum score of 100% protection and 100% visibility in detection, for the third consecutive year. The results were achieved through the use of AI elements, but without any additional configuration and without false positive alerts. Cynet blocked all attacks, detected each of the 90 attack actions executed by MITRE, demonstrating exceptional performance and reliability in protecting organizations.

These tests show that Cynet provides complete protection by automatically detecting and blocking advanced threats, eliminating the complexity and overlap of security tools, and ensuring rapid response in just a few seconds. The platform protects the entire IT environment of the organization, from terminal devices to the cloud through functions and components such as:

• Integrations and flexibility. Cynet connects with previously existing IT and security tools in organizations (e.g. SIEM or SOAR), using hundreds of APIs and over 80 built-in integrations to collect data (50+ data sources) and coordinate response across the entire IT and security ecosystem, providing complete visibility and centralized control.

• CyAI is the AI engine of the Cynet platform, which learns from millions of real-world examples and constantly adapts, prevents, detects, investigates, and responds to threats in real-time. CyAI includes User and Entity Behavior Analytics (UEBA) capabilities for monitoring the behavior of endpoint devices, Security Information and Event Management (SIEM) behavioral analysis, and an AI correlation engine for rapid signal triage. The platform autonomously detects 97% of threats, automatically remediates 90% of them, reduces false positive alerts below 0.9%, and isolates and blocks threats in less than a second, according to Cynet data. It also detects and blocks malware before execution, in real time.

• Cynet SOAR (Security Orchestration, Automation, and Response). Cynet reduces response time from hours to seconds. Using predefined playbooks, the platform automatically isolates compromised systems, can stop dangerous traffic, eliminating threats, completely unifying detection, investigation and response across the entire IT environment. Natively integrated into the platform, the SOAR solution eliminates the need for expensive third-party tools and ensures up to 50 times faster response than in manual flows.

• Cynet XDR (Extended Detection & Response) centralizes security data from all environments and reduces management complexity by automating repetitive tasks. The platform collects and analyzes critical data from endpoints, identity and access management (IAM) systems, network devices, and cloud environments in real-time, detecting complex attack patterns and potential threats. Through continuous monitoring and real-time alerts, Cynet XDR eliminates blind spots and enables SOC teams to react quickly.