Astragar

AI-powered cyber risk quantification for insurance carriers, reinsurers, and enterprises

Specialty Solutions Startup Seed

Overview

Astragar is a cyber risk quantification platform for insurance carriers, reinsurers, and large enterprises. The London-based company translates vulnerability data into financial risk values expressed in GBP, USD, and EUR, giving underwriters, CISOs, and boards a monetary view of cyber exposure rather than a raw severity score.

The platform is delivered as a SaaS suite with API-based integrations to commercial security scanners. Core modules cover vendor risk management, governance and compliance mapping, breach scenario modeling, and regulator-ready incident reporting. The product supports compliance with NYDFS, SEC, DORA, GDPR, SOC 2, ISO 27001, and NIST frameworks through automated evidence collection and control mapping. An agentic AI engine performs threat modeling and financial quantification.

Founded in 2024, Astragar was built in partnership with a Top-5 Global Insurance Broker and was seeking a GBP 1M seed round at the time of research. Early traction includes an MVP deployment with a US customer and active flagship pilot discussions with the broker partner for the US and UK markets.

Products & Services

Vendor Risk Management (VRM)

AI-powered scanner that identifies vulnerabilities across the organization and third-party vendors, maps them to financial risk values, and provides continuous monitoring with prioritization based on potential business impact.

Key Features

Automated vulnerability scanning across internal and vendor environments
Financial risk mapping per vulnerability (GBP/USD/EUR)
Continuous monitoring with business-impact-based prioritization

Target Users: CISOs, risk managers, insurance underwriters

GRC Engine

Governance, risk, and compliance module that maps controls to regulatory frameworks and generates attestation evidence automatically.

Key Features

Control mapping to NYDFS, SOC 2, ISO 27001, NIST, and DORA
Automated evidence collection and gap analysis
Regulator-ready documentation output

Target Users: Compliance officers, risk teams, underwriters

Scenario Engine

Breach scenario modeler that generates financial impact estimates for specific attack types to support board-level decision-making and insurance underwriting.

Key Features

Scenarios include ransomware, BEC, cloud outage, supply chain, and zero-day attacks
Financial impact estimates per scenario
Board and underwriting presentation output

Target Users: Boards, CISOs, underwriters, actuaries

Incident Reporting

Automated incident reporting tool that produces regulator-ready documentation following a cyber event, aligned with NYDFS, SEC, DORA, GDPR, and US state breach notification laws.

Key Features

Automated documentation workflow post-breach
Multi-jurisdiction alignment (NYDFS, SEC, DORA, GDPR)
US state breach notification support

Target Users: Compliance teams, legal, CISOs

Regulatory Attestation

End-to-end support for attestation requirements under NYDFS, SOC 2, ISO 27001, NIST, and DORA.

Key Features

Evidence collection and control mapping
Compliance gap analysis
Supports multiple concurrent frameworks

Target Users: Compliance officers, risk managers

At a Glance

Founded: 2024
Headquarters: London, United Kingdom
Employees: 1-10
Funding: Seed

Category & Focus

Category: Specialty Solutions
Subcategories: Cyber Risk Quantification GRC Vendor Risk Management Compliance Automation
Insurance Verticals: P&C Commercial Specialty/E&S Reinsurance
Target Customers: Carriers, Reinsurers, Brokers

Customers

US customer -- MVP deployment for data risk quantification (name undisclosed)
Top-5 Global Insurance Broker -- active flagship pilot discussions for US/UK market (name undisclosed)