SimSpace

SimSpace

Speciality: Threat Emulation

Boston, United States 201 employees
[01] About

SimSpace is a private cybersecurity firm specializing in penetration testing, red teaming, threat emulation, and cyber range services; with 150 employees (+15.5% YoY growth), $42.5M annual revenue, and $45M in total funding. Founded in 2015 and headquartered in Boston, Massachusetts, USA, it is recognized for active security testing and cyber assessment capabilities, serving a global market with a ranking of #386,964.

For elite cybersecurity teams under siege in an AI-fueled threat landscape, SimSpace is the realistic, intelligent cyber range that strengthens teams, technologies, and processes to outsmart adversaries before the fight begins. To learn how SimSpace helps organizations graduate from individual to team and AI model training; test tools, tech stacks, and AI agents; and validate controls, processes, and agentic workflows, visit: www.SimSpace.com.
[02] Services
Penetration Testing
Cybersecurity Training
Threat Emulation
Red Teaming
Cybersecurity Testing
Compliance Validation
[03] Certifications
SOC 2 Type 2

SOC 2 Type 2 Certification


Origin


SOC 2 (System and Organization Controls 2) was developed by the American Institute of Certified Public Accountants (AICPA) and introduced in 2011 as part of their Service Organization Control reporting framework. It was created to address the growing need for standardized security auditing as businesses increasingly moved their data and operations to third-party cloud service providers. The AICPA recognized that traditional financial auditing standards were insufficient for evaluating the security practices of technology service providers, prompting the development of SOC 2 to assess controls related to security, availability, processing integrity, confidentiality, and privacy based on their Trust Services Criteria.


Industry Importance


SOC 2 Type 2 certification is highly valued because it provides independent verification that a service provider has implemented and maintained effective security controls over a specified period (typically 6-12 months), rather than just at a single point in time like Type 1. This certification has become an essential requirement for vendors handling sensitive customer data, as it demonstrates to clients and stakeholders that robust security measures are consistently in place. Many enterprises now require SOC 2 Type 2 reports from their vendors as part of their third-party risk management programs, making it a competitive necessity for SaaS companies, cloud providers, and data processors seeking to build trust and win business with security-conscious organizations.

Simspace Certified Cyber Range Associate
[05] Notable Clients
  • U.S. Cyber Command
  • FBI
  • Cymulate
  • Cyber Florida
  • Advanced Cyber Security Center
  • Mandiant
  • CyCognito
  • ADEO
  • IDNet