🛡️ UAE-based CPX has acquired spiderSilk, a Dubai-born cyber-AI startup known for simulating offensive cyberattacks to identify vulnerabilities in enterprise systems. The acquisition marks a major milestone for the region’s cybersecurity and deeptech landscape.
Founded in 2019 by Rami El Malak and Mossab Hussein (a well-known white-hat hacker and former Careem PM), spiderSilk has built an autonomous threat intelligence and exposure management platform used by public and private entities across MENA.
Notably, investors — Global Ventures and Dara Holdings — will continue supporting CPX’s leadership in driving the company’s continued growth post-acquisition.
⏪ Background
spiderSilk began with vulnerability research that made global headlines — exposing flaws in platforms like WeWork and MoviePass.
That early work laid the foundation for a commercial platform: Resonance (exposure management), autonomous SOC agents, and a threat intel system powered by a global cyber knowledge graph.
The company’s last raise was a $9 million Series A in 2023, led by Wa’ed Ventures. Previous backers included Global Ventures, Dara Holdings, and Magnus Olsson (Careem).
❌ The size of the problem
While cyber budgets are expanding across the Gulf, most regional spending still flows to global vendors — and reactive, defensive postures.
There’s a gap in homegrown, AI-driven, offensive-grade tooling that can simulate and defend against modern threats. spiderSilk was built to fill that gap.
📖 What does the company do?
spiderSilk offers:
Resonance: a platform to detect, visualise, and resolve security exposure across enterprise systems
Autonomous agents: for threat detection and SOC operations
AI-powered intel tools: built on a continuously updated, global vulnerability graph
Its tech stack is used by governments, enterprises, and infrastructure operators, making it one of the region’s few deeptech players with significant real-world deployments.
🔍 Strategic logic
For CPX — Abu Dhabi’s end-to-end cyber and threat management operator – the deal fills a major product gap: offensive-grade AI cyber capabilities.
The acquisition strengthens its positioning as a full-spectrum security player, and accelerates its expansion into Saudi, GCC, and North America.
🔮 Outlook
This is a landmark exit for MENA cyber — and one that reflects an emerging playbook: strategic absorption by state-backed operators, not just IPOs or acqui-hires.
As the region doubles down on sovereignty, infrastructure security, and R&D localisation, deeptech founders may find that the biggest exits are now domestic.
