Navigate back to Perspectives arrow_rightNavigate back to News

Astelia Raises $35M to Turn Exposure Management From Guesswork Into AI-Powered Precision

by Index Ventures

Astelia co-founders Roy Rajwan, Alon Noy, and Nadav Ostrovsky

QUICK TAKE

  • At a time when security teams are increasingly under pressure, Astelia is able to do something no company has achieved before: identifying vulnerabilities that are truly exploitable.
  • The tech has already been deployed across Fortune 500 companies; in some cases, out of nearly three million vulnerabilities identified, only around 30 were found to be genuinely exploitable.
  • CEO Alon Noy previously served as the leader of Israel's national red team, the unit responsible for stress-testing the country's critical infrastructure defenses, working closely with the US Cyber Command.
  • Co-founders Nadav Ostrovsky (CTO) and Roy Rajwan (CPO) served in key roles in the Israeli intelligence community, as well as Israel’s national red team.
  • Astelia will utilize the funding to expand its AI-driven analysis capabilities, scale deployments, deepen technology partnerships, and grow its engineering, research, and global go-to-market teams.

INDEX PERSPECTIVE

By Juriaan Duizendstraal

Astelia has solved a critical challenge that three generations of security software vendors have struggled with: separating theoretical risk from real exposure. Instead of overwhelming teams with endless vulnerability lists, Astelia identifies the small fraction that are truly exploitable in any given environment - the ones that pose an immediate, actionable threat. That clarity changes how security teams operate.

It’s a critical solution at a time when enterprises and organizations of all sizes are facing more threats than ever, stretching security teams to their limits. The team has achieved this in just a year since launch through a rare combination of three ingredients: deep, real-world expertise from the IDF; an exceptional team with inherent trust in one another; and a bulldozer of a leader.

I first met Alon, Astelia's CEO, just after their Seed round and immediately knew he was someone special - and that we’d be backing him at Series A. Still, I’ve been surprised by the sheer pace at which he has not only built the company, but also signed a number of Fortune 500 companies and hired exceptional talent.

But it’s not just Alon's leadership that has enabled Astelia's success. The team is doing something no security firm has achieved before, through a capability that can only come from experience.

Alon previously led Israel’s national red team, the unit responsible for stress-testing the country's critical infrastructure defenses and collaborating closely with the US Cyber Command. Co-founders Nadav and Roy worked alongside him for over a decade. All have served in key roles within the Israeli intelligence community covering real-world attack paths, adversary behavior, and large-scale defensive systems.

The result is a team with a rare intimacy. They operate with inherent trust, crystal-clear roles, and a team - most of which previously worked with the founders in the IDF – who have complete confidence in the leadership.

THE DETAILS

Organizations now face an average of 135 new vulnerabilities every day, 40% more than the year before, while AI-powered threats are accelerating attackers’ ability to exploit them, with a quarter of successful breaches now occurring within 24 hours of a vulnerability being disclosed.

As a result, 78% of CISOs say AI-driven attacks are already impacting their security posture. Security teams are forced to chase an ever-growing backlog of alerts, leaving the few vulnerabilities that truly matter easier (and faster) to exploit.

Drowning security teams already understand that not all vulnerabilities are equal, but existing tools still force them to triage massive backlogs with limited proof of what is actually exploitable. Astelia combines deep analysis of each enterprise’s real environment while autonomous AI agents, trained by nation-state–level vulnerability research experts, analyze the technical prerequisites required to exploit vulnerabilities.

By correlating exploitability with real-world reachability and attack paths, Astelia surfaces the small fraction of vulnerabilities that can lead to true exposure; in some deployments, out of nearly 3 million vulnerabilities, only around 30 were genuinely exploitable. The platform then delivers environment-specific remediation plans that reduce exposure, saving security and IT teams significant time and remediation costs.

“When you’ve spent years on both the offensive and defensive sides, you learn pretty quickly that most of the vulnerabilities defenders worry about are irrelevant to how attacks actually work,” said Alon Noy, CEO and Co-Founder of Astelia. “We built Astelia because seeing that gap from both sides made it clear the industry was optimizing for the wrong problem. Security teams need to see their environment the way an attacker does, not the way a scanner does.”

Astelia will utilize the funding to expand its AI-driven analysis capabilities, scale deployments, deepen technology partnerships, and grow its engineering, research, and global go-to-market teams. The company is focused on advancing attack-path modeling and supporting demand from organizations moving away from volume-based scanning toward evidence-driven exposure management, grounded in provable reachability rather than abstract risk scores.

In this post: Astelia, Juriaan Duizendstraal

Published — Feb. 24, 2026