What's New · July 2026
SCYTHE 5.2
Our Team's Biggest Upgrade Yet.
AI that builds your tests from CTI directly. Scores that prove your readiness. A platform that moves as fast as your adversaries. SCYTHE 5.2 does in minutes what used to take days.
10x
Faster Test GENERATION
Deterministic AI-powered generation
73%
Faster Exposure Remediation
Prioritized exposure telemetry
8x
Automated Gap ANALysis
Automatically find and fix testing gaps
★ Flagship Feature
From Threat Intel to Executed Test.
Automatically.
SCYTHE 5.2 ingests the intelligence, builds the tests, finds the gaps, and drives the fix. You focus on decisions, not busywork.
Security teams have always been outpaced by the speed at which adversaries operate. SCYTHE 5.2 closes that gap end to end. The platform automatically ingests cyber threat intelligence, analyzes it, and generates sequenced, adversary-aligned tests without manual TTP configuration. Every run feeds gap and exposure analysis with automated remediation workflows, and built-in support for tabletop and purple team planning, orchestration, and reporting turns validation into a continuous program. No configuration. No guesswork. Just execution.
CTI to Test Generation
Intel In. Tests Out.
SCYTHE 5.2 automatically ingests threat intelligence, analyzes it, and converts it into complete, executable campaigns sequenced the way a real adversary operates. What used to take days of manual reading and TTP mapping now happens as the intel arrives.
Gap & Exposure Analysis
Find the Gaps. Close Them Faster.
Every test result feeds automated gap and exposure analysis, so you see exactly where controls failed and why. Remediation automation turns findings into action: prioritized fixes, routed to the right owners, validated on retest.
Tabletop & Purple Team
Exercises Without the Overhead.
Plan, orchestrate, and report on tabletop and purple team exercises inside the platform. SCYTHE 5.2 handles scenario planning, live execution coordination, and stakeholder-ready reporting, so exercises take days to run, not weeks to prepare.
"10x reduction in test design time: from days to minutes."
SCYTHE 5.2 AI CTI to Test Generation
What's New in 5.2
Closed-Loop Security Validation.
Humans in Charge.
SCYTHE 5.2 connects the entire validation lifecycle: threat intelligence becomes tests, tests reveal gaps, gaps become prioritized fixes, and fixes are re-validated automatically. Every step stays under your team's control.
CTI
From Intel to Executable Test
Ingest cyber threat intelligence and SCYTHE analyzes it and generates sequenced, adversary-aligned campaigns automatically. Intel in, executable tests out, no manual TTP mapping.
Adaptive
Tests That Pivot Like Attackers
When a step is blocked, the platform automatically attempts alternative techniques toward the same objective, just like a real adversary. Blocked steps surface as detection evidence, and you control the behavior per campaign.
MITRE
Automated Coverage Gap Analysis
SCYTHE overlays your ATT&CK heat map against campaign history, flags untested techniques, and builds gap-fill campaigns in one click. Coverage trends give leadership proof of improving posture.
Fix
Guided Remediation
Findings are correlated into prioritized exposures with plain-language descriptions, recommended fixes, and ownership tracking through your ITSM platform. Resolved exposures are re-validated automatically on the next run.
AI
In-Platform AI Assistant
Ask questions in plain language and get answers grounded in your actual data: campaign stats, coverage gaps, exposure status, and recommended next steps, without leaving the platform.
Purple
Full Tabletop & Purple Team Support
Comprehensive exercise capability from planning to development to live exercise orchestration to reporting. Run tabletop and purple team engagements end to end inside SCYTHE.
Also New in 5.2.1
A Threat Library That Knows Your Threat Landscape
The Threat Library is redesigned as a personalized, card-based catalog. Set your industry and region once, and the library surfaces the atomics, ransomware groups, and APT campaigns most relevant to your organization first, with OS support visible at a glance and the full catalog always one click away.
Spotlight Capability
Threat Intel Piles Up Fast.
Now It Tests Itself.
SCYTHE 5.2 turns cyber threat intelligence into executable tests, automatically.
Most CTI is read once and shelved. The question that matters, would this attack work against us, goes unanswered. SCYTHE 5.2 closes that loop: ingest the intelligence, let the platform analyze it and map the TTPs, and get a sequenced, adversary-aligned campaign ready to execute. From report to result in minutes, not sprint cycles.
Automated Ingest
Feed in the intelligence your team already consumes: threat reports, advisories, and indicator sets. No reformatting, no manual extraction. The platform takes CTI as it arrives and puts it to work.
AI-Driven Analysis
SCYTHE analyzes the intelligence, extracts adversary behaviors, and maps them to MITRE ATT&CK techniques. Hours of analyst reading and manual TTP mapping become an automated step.
Instant Test Generation
The output is a complete, sequenced campaign that emulates the adversary as reported, ready to review and execute. Validate your controls against today's threat while it's still today's threat.
Threat Preparedness Scores
Prove Your Posture.
Not Just Assert It.
For the first time, SCYTHE gives your team quantified, continuously-updated scores across the three threat categories boards and CISOs ask about most. Every test you run feeds the score. Every improvement is evidence you can report upward.
Ransomware Readiness
How well do your controls hold up against ransomware-aligned attack patterns? SCYTHE now scores it continuously — not once a quarter.
Phishing Resilience
Beyond awareness training — a measurable score that reflects how effectively your organization detects and stops email-based attacks at the control level.
Insider Threat Posture
A visibility score tracking whether your detection capabilities cover behaviors associated with malicious or negligent insiders — a gap most teams don't measure.
Scores update continuously as you run emulations.
A living view of preparedness — not a point-in-time snapshot.