QSTP-backed startup addresses cybersecurity gaps in Qatar

A Qatari startup supported by the Qatar Science and Technology Park (QSTP) is keen on addressing evolving cybersecurity threats in the country, as well as the gaps in existing defence tools.

Cytomate co-founder Hamad Saleh Hadeed pointed out that the company focuses on proactively testing and exposing vulnerabilities, marking a shift from traditional defensive cybersecurity approaches.

“In early 2021, during a meeting at QSTP, the park’s incubation programme manager, Mohammed Zebian, handed me a napkin with a diagram sketch that mapped out the challenges of building a deep-tech product company in Qatar, including navigating funding cycles, limited investor familiarity with R&D-heavy startups, and a market still cautious about trusting local technologies,” Hadeed explained.

Later that year, Hadeed and co-founder, Dr Muhammad Masoom Alam, the company’s chief technology officer, launched Cytomate, which operates in offensive cybersecurity, simulating cyberattacks to find vulnerabilities before real ones occur.

Tasked to lead the firm’s research and development (R&D) efforts, Alam has been central to all that both co-founders have built, stated Hadeed, citing Alam’s technical leadership, which “turned bold ideas into working solutions.”

“The idea had taken shape during my time at a government entity, where I worked closely on digital security and gained a clear understanding of the evolving cybersecurity threats facing the country and the gaps in the tools being used to defend against them.

“Cytomate was designed to address that gap: a locally built cybersecurity platform focused not only on defence, but on proactively testing and exposing vulnerabilities before they could be exploited,” Hadeed revealed.

He also said, “A key factor behind Cytomate’s success is our strong team. We’re very happy to have such a great team. They are one of the major cornerstones of our success. Their dedication and expertise play a crucial role in driving Cytomate forward and delivering on our mission.”

Hadeed said Cytomate distinguishes itself by operating in offensive cybersecurity, “a space where companies simulate cyberattacks to identify vulnerabilities before real ones occur.” While most firms in the field focus on defence systems, such as firewalls and monitoring tools, he clarified that Cytomate takes the opposite approach.

Explaining Cytomate’s unique approach, Hadeed said, “We are not in the business of building firewalls or selling protection. We simulate attacks in a controlled environment, expose weaknesses, and show you exactly how to strengthen your defences.”

The company has developed four interlinked products: Breach+, which runs in-depth simulations against existing security tools; Racid, which monitors an organisation’s public-facing systems for exposed vulnerabilities; Sarab, which uses digital deception to detect intrusions; and Battle Twin, a platform in development that tests the resilience of operational technology (OT) and Internet of Things (IOT) environments such as those used in oil, gas, or aviation.

He noted that all four products have been designed to work together, allowing clients to move from assessment to monitoring, detection, and finally, simulation and training in a controlled environment.

“We knew we would not get multiple chances, so we built a complete solution from the start. If I had gone to market with just one product, we never would have stood a chance,” said Hadeed, elaborating on the company’s strategic product development.

Hadeed emphasised that early funding for Cytomate came from QSTP and Qatar Development Bank (QDB). The Qatar Research, Development and Innovation Council (QRDI) also provided co-funding for Battle Twin through its Technology Development Fund.

Hadeed stated that this support was crucial for the company's move from concept to product launch, especially since deep-tech startup funding options in the region were limited at the time. Cytomate now operates from QSTP, a location Hadeed credits with attracting talent and increasing client confidence.