Astelia, a cybersecurity platform founded by former leaders of Israel’s National Red Team, has raised fresh capital as enterprises grapple with a surge in AI-driven cyber threats and mounting vulnerability backlogs.
The company has secured $35m in combined seed and Series A funding. The round was led by Index Ventures and Team8, with participation from Holly Ventures. Astelia said it is already working with dozens of customers, including several Fortune 500 companies, as demand grows for more targeted approaches to vulnerability management.
Security teams are facing mounting pressure. Organisations now contend with an average of 135 new vulnerabilities each day, a figure the company says is 40% higher than a year earlier. At the same time, AI-powered threats are accelerating attackers’ ability to exploit weaknesses, with a quarter of successful breaches occurring within 24 hours of a vulnerability being disclosed.
According to industry data cited by the company, 78% of CISOs say AI-driven attacks are already affecting their security posture.
Astelia’s platform is designed to address what it describes as a gap between theoretical risk and actual exposure. While many tools treat vulnerabilities in isolation, Astelia analyses each enterprise’s real environment using agentic AI. The system maps network topology, segmentation and existing controls, while autonomous AI agents – trained by experts with nation-state–level vulnerability research backgrounds – assess the technical prerequisites required to exploit specific flaws.
By correlating exploitability with real-world reachability and attack paths, the platform aims to identify the small fraction of vulnerabilities that genuinely create exposure. In some deployments, the company claims that out of nearly three million vulnerabilities, only around 30 were truly exploitable. It then provides environment-specific remediation plans intended to reduce exposure without unnecessary disruption to production systems.
Astelia said it will use the new capital to expand its AI-driven analysis capabilities, scale deployments, deepen technology partnerships and grow its engineering, research and global go-to-market teams. The company is also focusing on advancing attack-path modelling and supporting organisations shifting away from volume-based scanning towards evidence-driven exposure management.
Alon Noy, CEO and co-founder of Astelia, said, “When you’ve spent years on both the offensive and defensive sides, you learn pretty quickly that most of the vulnerabilities defenders worry about are irrelevant to how attacks actually work. We built Astelia because seeing that gap from both sides made it clear the industry was optimizing for the wrong problem. Security teams need to see their environment the way an attacker does, not the way a scanner does.”
Noy previously led Israel’s National Red Team, responsible for stress-testing the country’s critical infrastructure, working closely with US Cyber Command. Co-founders Nadav Ostrovsky, CTO, and Roy Rajwan, CPO, also served in senior roles within the Israeli intelligence community and the National Red Team, leading teams focused on real-world attack paths and adversary behaviour.
Juriaan Duizendstraal, partner at Index Ventures, said, “As AI reshapes both attacker capabilities and defensive expectations, the strategic imperative for enterprises is to move from assumed risk to provable exposure. Solutions that show where organizations are actually exposed enable CISOs to align cybersecurity with business priorities, reduce wasted effort, and turn vulnerability management from a reactive scramble into a preemptive defense.”
Amir Zilberstein, managing partner at Team8, added, “What convinced us about Astelia was the team and the worldview they bring. Their background gives them a rare, end-to-end understanding of how security failures actually emerge inside real environments – not in theory. That perspective is embedded in the product itself. Astelia cuts through vulnerability noise by grounding decisions in real exposure, and we believe this team is redefining how enterprises operationalize security.”
Copyright © 2026 FinTech Global
