Lightspin
Lightspin (Israel, founded 2020) built a CNAPP platform focused on graph-based cloud attack-path analysis across cloud resources and Kubernetes; Cisco acquired the company in 2022 and has been integrating the capability into its cloud security portfolio.
Visit WebsiteCompany Overview
Lightspin developed a cloud-native application protection platform (CNAPP) designed to unify cloud posture management and workload/Kubernetes security by modeling cloud identities, permissions, and resource relationships as a graph to surface exploitable attack paths and prioritize remediation. The product’s core value proposition was reducing alert fatigue by converting misconfigurations and exposure findings into path-based risk narratives tied to high-value assets and likely exploitation routes.
As a standalone vendor, Lightspin competed in a crowded CNAPP market dominated by fast-scaling platforms (e.g., Wiz) and large suite vendors (e.g., Palo Alto Networks). Cisco’s 2022 acquisition is best interpreted as a capability tuck-in to accelerate Cisco’s cloud security posture and risk-prioritization roadmap. Post-acquisition, the relevant diligence question is less “Lightspin vs. peers” and more “how fully the Lightspin graph/analytics is productized within Cisco, and for which deployment models (SaaS vs. restricted environments).”
Dual-use relevance is credible: attack-path modeling, Kubernetes posture, and cloud workload exposure management are directly applicable to defense and intelligence cloud modernization efforts (including hybrid/multi-cloud and containerized mission applications). However, the strength of the defense case depends on operational constraints—certified environments (e.g., FedRAMP/DoD Impact Levels), support for restricted networks, auditability, and data-handling/telemetry requirements—so the strategic value should be assessed through Cisco’s current offering maturity and government accreditation status rather than the pre-acquisition startup posture.
Dual-Use Assessment
Cloud native application protection has critical dual-use applications for defense cloud security. Military cloud workloads require comprehensive security from infrastructure to runtime with attack path analysis to protect classified applications.
Key Technologies
- CNAPP (integrated CSPM + Kubernetes posture management)
- Graph-based cloud attack-path analysis (identity-to-resource relationship modeling)
- Risk prioritization and exposure management for cloud workloads
- Kubernetes security posture assessment (cluster/workload configuration analysis)
- Policy-as-code / compliance mapping for cloud controls (where supported)
- Cloud asset inventory and relationship mapping across accounts/subscriptions
Use Cases & Applications
- Enterprise multi-cloud misconfiguration and exposure prioritization (CSPM with attack-path context)
- Kubernetes cluster posture management for containerized applications
- Cloud identity and permissions risk analysis (lateral movement/exfiltration paths)
- Defense contractor cloud security for regulated workloads (mapping to compliance controls and audit readiness)
- Mission application modernization security for hybrid cloud/container environments
- Pre-deployment risk gating in CI/CD via posture and policy checks (where integrated)
Strategic Value to U.S.-Israel Alliance
Lightspin's CNAPP capabilities (now part of Cisco) provide cloud native application protection relevant for defense cloud workload security with attack path analysis.
Interested in this startup?
Learn more about our investment approach or get in touch to discuss opportunities in dual-use technology.