What is Cynomi's uptime guarantee under its Service Level Agreement?

Cynomi commits to a Monthly Uptime Percentage of at least 99.9% during each monthly billing cycle, ensuring high service availability for partners. This is measured and determined solely by Cynomi based on its servers. (Source: SLA webpage)

How does Cynomi define downtime and downtime incidents?

Downtime or Downtime Incident refers to periods when the service is unavailable to partners, as measured by Cynomi's servers. Planned downtime, network disruptions outside Cynomi's control, incidents under five minutes, and certain exclusions do not count as downtime. (Source: SLA webpage)

What are Cynomi's technical support hours?

Cynomi provides technical support Monday through Friday, 9am to 5pm Eastern Standard Time, excluding U.S. National Holidays. (Source: SLA webpage)

How are support requests classified and what are the response times?

Support requests are classified by severity levels (Critical, Major, Minor, Low) with response times ranging from 1 hour for Critical issues to 24 hours for Low severity. Status updates are provided within 24 hours (Critical) to 3 business days (Low). (Source: SLA webpage)

What information must partners provide when submitting a support request?

Partners must provide setup information, application knowledge, output listings, detailed steps to replicate the problem, exact wording of error messages, and any other data Cynomi reasonably requests. (Source: SLA webpage)

What exclusions apply to Cynomi's SLA?

The SLA excludes downtime caused by factors beyond Cynomi's control (force majeure, network failures, unauthorized modifications, misuse, third-party equipment, and more). Planned maintenance and incidents under five minutes are also excluded. (Source: SLA webpage)

Can Cynomi change the terms of its SLA?

Yes, Cynomi reserves the right to change the terms of its SLA by providing partners with at least thirty (30) days prior written notice. (Source: SLA webpage)

What is the definition of Monthly Uptime Percentage?

Monthly Uptime Percentage is calculated as the total number of minutes in a calendar month, minus the Downtime Period, divided by the total number of minutes in that month, expressed as a percentage. (Source: SLA webpage)

What are the severity levels for support issues?

Severity levels are: Severity 1 (Critical), Severity 2 (Major), Severity 3 (Minor), and Severity 4 (Low), each with specific criteria and response times. (Source: SLA webpage)

How does Cynomi handle planned maintenance?

Planned maintenance is announced at least 24 hours in advance and is excluded from downtime calculations. (Source: SLA webpage)

What certifications does Cynomi hold?

Cynomi holds ISO and SOC2 certifications, demonstrating its commitment to security and compliance. (Source: Footer, https://cynomi.com/security/)

Where can I find Cynomi's technical documentation and compliance checklists?

Technical documentation and compliance checklists for frameworks like CMMC, PCI DSS, and NIST are available at CMMC Compliance Checklist, NIST Compliance Checklist, and Continuous Compliance Guide. (Source: knowledge_base)

What frameworks does Cynomi support for compliance?

Cynomi supports over 30 cybersecurity frameworks, including NIST CSF, ISO/IEC 27001, GDPR, SOC 2, and HIPAA, allowing tailored assessments for diverse client needs. (Source: knowledge_base)

Does Cynomi offer branded reporting for compliance and risk management?

Yes, Cynomi provides branded, exportable reports to demonstrate progress and compliance gaps, improving transparency and fostering trust with clients. (Source: knowledge_base)

What integrations does Cynomi support?

Cynomi integrates with scanners like NESSUS, Qualys, Cavelo, OpenVAS, and Microsoft Secure Score, as well as cloud platforms (AWS, Azure, GCP), CI/CD tools, ticketing systems, and SIEMs. API-level access is also available. (Source: knowledge_base)

Does Cynomi offer API access?

Yes, Cynomi offers API-level access for extended functionality and custom integrations. For documentation, contact Cynomi or refer to their support team. (Source: knowledge_base)

What are the key capabilities of Cynomi's platform?

Cynomi automates up to 80% of manual processes, supports over 30 frameworks, provides centralized multitenant management, branded reporting, embedded CISO-level expertise, and enables scalable vCISO services. (Source: knowledge_base)

How does Cynomi automate cybersecurity processes?

Cynomi uses AI-driven automation to streamline risk assessments, compliance readiness, and reporting, reducing operational overhead and enabling faster service delivery. (Source: knowledge_base)

What is Cynomi's security-first design?

Cynomi prioritizes security over mere compliance, linking assessment results directly to risk reduction and ensuring robust protection against threats. (Source: knowledge_base)

How does Cynomi help service providers scale their vCISO services?

Cynomi enables MSPs and MSSPs to scale vCISO services without increasing resources by automating manual tasks and standardizing workflows. (Source: knowledge_base)

How does Cynomi support junior team members?

Cynomi embeds CISO-level expertise and best practices into its platform, enabling junior team members to deliver high-quality work and accelerating ramp-up time. (Source: knowledge_base)

What feedback have customers given about Cynomi's ease of use?

Customers praise Cynomi's intuitive interface and structured workflows. For example, James Oliverio (ideaBOX) finds risk assessments effortless, and Steve Bowman (Model Technology Solutions) reports ramp-up time reduced from four months to one. (Source: knowledge_base)

How does Cynomi standardize workflows and processes?

Cynomi standardizes workflows and automates processes, ensuring consistent delivery across engagements and eliminating variations in templates and practices. (Source: knowledge_base)

What measurable business outcomes have Cynomi customers achieved?

Customers report increased revenue, reduced operational costs, and improved compliance. For example, CompassMSP closed deals 5x faster, and ECI increased GRC service margins by 30% while cutting assessment times by 50%. (Source: knowledge_base)

Who can benefit from using Cynomi?

Cynomi is purpose-built for MSPs, MSSPs, and vCISOs, but also benefits technology consultants, legal firms, and cybersecurity service providers, as shown in case studies. (Source: knowledge_base)

What industries are represented in Cynomi's case studies?

Industries include legal, cybersecurity service providers, technology consulting, managed service providers, and defense sector. (Source: knowledge_base)

Can you share some customer success stories?

CyberSherpas transitioned to a subscription model, CA2 reduced risk assessment times by 40%, and Arctiq cut assessment times by 60%. CompassMSP closed deals 5x faster. (Source: Cynomi Case Studies)

What core problems does Cynomi solve?

Cynomi solves time and budget constraints, manual processes, scalability issues, compliance and reporting complexities, lack of engagement tools, knowledge gaps, and consistency challenges. (Source: knowledge_base)

How does Cynomi address common pain points for service providers?

Cynomi automates up to 80% of manual processes, standardizes workflows, provides branded reporting, and embeds CISO-level expertise to address time, budget, scalability, and knowledge challenges. (Source: knowledge_base)

How does Cynomi differentiate itself in solving pain points?

Cynomi leverages AI-driven automation, standardizes workflows, provides client engagement tools, and embeds expertise, setting it apart from competitors that rely on manual processes. (Source: knowledge_base)

What is Cynomi's overarching vision and mission?

Cynomi's mission is to transform the vCISO space by enabling service providers to deliver scalable, consistent, and high-impact cybersecurity services without increasing headcount. (Source: knowledge_base)

How does Cynomi compare to Apptega?

Apptega serves both organizations and service providers, while Cynomi is purpose-built for MSPs, MSSPs, and vCISOs. Cynomi offers AI-driven automation, embedded expertise, and supports 30+ frameworks, providing greater flexibility. (Source: knowledge_base)

How does Cynomi compare to ControlMap?

ControlMap requires moderate to high expertise and more manual setup. Cynomi automates up to 80% of manual processes and embeds CISO-level expertise, allowing junior team members to deliver high-quality work. (Source: knowledge_base)

How does Cynomi compare to Vanta?

Vanta is direct-to-business focused and best for in-house teams. Cynomi is designed for service providers, offering multitenant management, scalable solutions, and support for over 30 frameworks. (Source: knowledge_base)

How does Cynomi compare to Secureframe?

Secureframe focuses on in-house compliance teams and requires significant expertise. Cynomi prioritizes security, links compliance gaps to security risks, and provides step-by-step, CISO-validated recommendations. (Source: knowledge_base)

How does Cynomi compare to Drata?

Drata is premium-priced and best for experienced in-house teams, with onboarding up to two months. Cynomi offers rapid setup, pre-configured automation flows, and embedded expertise for teams with limited cybersecurity backgrounds. (Source: knowledge_base)

How does Cynomi compare to RealCISO?

RealCISO has limited scope and lacks scanning capabilities. Cynomi provides actionable reports, automation, multitenant management, and supports 30+ frameworks for flexibility and scalability. (Source: knowledge_base)

What is required for Cynomi to address a support request?

Partners must provide all necessary information, documentation, assistance, and access as Cynomi reasonably requires to reproduce and resolve the problem. (Source: SLA webpage)

How quickly does Cynomi respond to critical support requests?

Cynomi responds to Severity 1 (Critical) support requests within 1 hour during business hours and provides a status update within 24 hours. (Source: SLA webpage)

What are Cynomi's business hours for support?

Support is available Monday through Friday, 9am to 5pm Eastern Standard Time, excluding U.S. National Holidays. (Source: SLA webpage)

What is Cynomi's process for updating partners on support requests?

Cynomi provides status updates according to severity: 24 hours for Critical, 36 hours for Major, 48 hours for Minor, and 3 business days for Low severity issues. (Source: SLA webpage)

What is the primary purpose of Cynomi's platform?

Cynomi is designed to enable MSPs, MSSPs, and vCISOs to deliver scalable, consistent, and high-impact cybersecurity services without increasing headcount, leveraging AI-driven automation and embedded expertise. (Source: knowledge_base)

How does Cynomi address compliance and reporting complexities?

Cynomi simplifies compliance tracking and reporting with branded, exportable reports and automated risk assessments, bridging communication gaps with clients and reducing resource-intensive tasks. (Source: knowledge_base)

How does Cynomi help organizations meet tight deadlines and limited budgets?

Cynomi automates up to 80% of manual processes, enabling faster, more affordable engagements without compromising quality. (Source: knowledge_base)

What technical documentation is available for Cynomi?

Compliance checklists, NIST templates, continuous compliance guides, and framework-specific mapping documentation are available to help prospects understand and implement Cynomi's solutions. (Source: knowledge_base)

When was this page last updated?

This page wast last updated on 12/12/2025 .

SERVICE LEVEL AGREEMENT

SERVICE LEVEL AGREEMENT

Cynomi reserves the right to change the terms of this SLA by providing Partner with at least thirty (30) days prior written notice.

During the term of the Agreement, Cynomi will use commercially reasonable efforts to make the Services available with a Monthly Uptime Percentage (defined below) of at least 99.9% during each monthly billing cycle (the “Service Commitment”).

The following definitions apply to this SLA:

“Downtime” or “Downtime Incident” means the time in which Services is unavailable to Partner as measured and determined solely by Cynomi based on its servers. Downtime Incidents shall exclude: (i) reasonable planned downtime incidents announced at least twenty-four (24) hours’ in advance by Cynomi, including without limitation, for periodic upgrade and maintenance, cyber attacks on Cynomi’s collectors (hardware or virtual) within Partner’s network; (ii) network disruption between a Partner’s network and the Services outside of Cynomi’s control; (iii) Downtime Incidents that are caused by the SLA Exclusions specified below; (iv) separate instances of Service unavailability of less than five (5) minutes duration each; and/or (v) any time where Cynomi is awaiting information from Partner or awaiting Partner’s confirmation that the Service has been restored.
“Downtime Period” means the number of minutes in a calendar month during which the Services are unavailable to Partner due to Downtime Incident(s).

“Monthly Uptime Percentage” means the monthly uptime expressed as a percentage, calculated based on the total number of minutes in a calendar month, minus the Downtime Period, divided by the total number of minutes in a calendar month.

Technical Support

Cynomi will use commercially reasonable efforts to respond to and address failures of the Service to function in manner intended by Cynomi (“Problems“) which are reported by Partner (each, a “Support Request“), in accordance with the service levels and terms set forth below in this Schedule. Cynomi support services are available during Monday through Friday between 9am and 5pm Eastern Standard Time (excluding U.S. National Holidays) (“Business Hours”).

In order to be addressed by Cynomi, Problems must be verifiable and reproducible. Furthermore, in order for Cynomi to address a Support Request, Partner must provide Cynomi with all information, documentation, assistance and access as Cynomi might reasonably require, including, without limitation:

setup information,
application knowledge,
listing of any output,
detailed steps required to enable Cynomi to replicate the problem,
exact wording of Problem messages, and
any other data that Cynomi may reasonably request in order to reproduce operating conditions similar to those present when the Problem occurred.

Each Problem for which a Support Request is received by Cynomi, shall be classified by Cynomi and assigned a level of severity (“Severity Level“), in accordance with the following criteria:

Severity Level	Criteria	Response Time (measured after Cynomi receipt of Support Request during Business Hours)	Status Update (measured after Cynomi receipt of Support Request during Business Hours)
Severity 1 Critical	A complete failure or inability to access or use the Service for an extended period of time (more than 30 consecutive minutes) during Business Hours	1 hour	24 hours
Severity 2 Major	A complete failure or inability to access or use the Service for a brief period of time (fewer than 30 consecutive minutes) during Business Hours, or the failure of one or more key features of the Service for an extended period of time (more than 30 consecutive minutes) during Business Hours	4 hours	36 hours
Severity 3 Minor	A partial, temporary or intermittent failure of one or more features of the Service lasting for fewer than 30 consecutive minutes during Business Hours	8 hours	48 hours
Severity 4 Low	A Problem that is cosmetic in nature (e.g., UI) or that can be readily circumvented through use of alternate functionality in the Service.	24 hours	3 Business Days

Upon classification of each Problem for which Cynomi received a Support Request, a support representative of Cynomi shall use commercially reasonable efforts to: (a) contact Partner within the “Response Time” period set forth in the table above (which period is only applicable during Business Hours and to the extent the Support Request is sent outside of Business hours the measurement will start as soon as the Business Hours for the next Business Day commences) , and (b) follow up and provide an update on the status of the measures being taken (such as workarounds, bug fixes, Updates, etc.) to address the Problem within the “Status Update” time frame set forth in the table above.

Other SLA Exclusions

The SLA does not apply to any: (a) features or services excluded from the Agreement (as specified in the associated Documentation); or (b) Downtime Incidents that: (i) are caused by factors beyond Cynomi’s reasonable control (including without limitation any force majeure event (including but not limited to strikes, shortages, riots, fires, flood, storms, explosions, acts of God, war, government or quasi-governmental authorities actions, acts of terrorism, earthquakes, power outages, pandemic or epidemic (or similar regional health crisis)), failure of Internet access or any public telecommunications network, or shortage of adequate power or transportation facilities); (ii) are attributable to repair, maintenance or modification of Cynomi’s Services by persons not authorized by Cynomi; (iii) resulted from accident, negligence, abnormal physical or electrical stress, abnormal environmental conditions, abuse or misuse of Cynomi’s Services; (iv) resulted from use of Cynomi’s Services other than in accordance with the Documentation or in violation of the Agreement; (v) resulted from Partner’s or a third party’s equipment, software or other technology (other than third party equipment within Cynomi’s direct control); and/or (vi) resulted from the combination of Cynomi’s Services with equipment or software not authorized or provided by Cynomi or otherwise approved by Cynomi in the Documentation.

Frequently Asked Questions