Astelia, a cybersecurity startup founded by former leaders of Israel’s National Red Team, said Tuesday it has raised $35 million in combined seed and Series A funding as it seeks to help organizations prioritize the most dangerous software vulnerabilities amid a surge in AI-driven threats.
The round was led by Index Ventures and Team8, with participation from Holly Ventures. Astelia said it is already working with dozens of customers, including Fortune 500 companies.
The funding comes as security teams face a growing volume of threats. Organizations now contend with an average of 135 new vulnerabilities a day, 40% more than the previous year, according to company data. At the same time, AI-powered tools are accelerating attackers’ ability to exploit weaknesses, with about a quarter of successful breaches occurring within 24 hours of a vulnerability being disclosed. Astelia cited industry data showing that 78% of chief information security officers say AI-driven attacks are already affecting their security posture.
Security teams often struggle to determine which vulnerabilities pose real risk, leaving them to triage large backlogs of alerts with limited evidence of what is actually exploitable.
Astelia says its platform combines analysis of an organization’s real-world environment with what it describes as agentic AI. The system maps network topology, segmentation and existing security controls, while autonomous AI agents — trained by vulnerability research experts — analyze the technical conditions required to exploit specific flaws.
By correlating exploitability with real-world reachability and potential attack paths, Astelia says it can narrow millions of theoretical vulnerabilities to a small fraction that represent genuine exposure. In some deployments, the company said, nearly 3 million identified vulnerabilities were reduced to roughly 30 that were deemed truly exploitable.
The platform then provides environment-specific remediation plans aimed at reducing exposure without unnecessary patching of production systems, which the company says can save time and costs for security and IT teams.
“When you’ve spent years on both the offensive and defensive sides, you learn pretty quickly that most of the vulnerabilities defenders worry about are irrelevant to how attacks actually work,” said Alon Noy, Astelia’s co-founder and chief executive. “We built Astelia because seeing that gap from both sides made it clear the industry was optimizing for the wrong problem. Security teams need to see their environment the way an attacker does, not the way a scanner does.”
Noy previously led Israel’s National Red Team, which stress-tests the country’s critical infrastructure defenses and works closely with U.S. Cyber Command. Co-founders Nadav Ostrovsky, chief technology officer, and Roy Rajwan, chief product officer, also served in senior roles in the Israeli intelligence community and the National Red Team, focusing on real-world attack paths and defensive systems.
“As AI reshapes both attacker capabilities and defensive expectations, the strategic imperative for enterprises is to move from assumed risk to provable exposure,” said Juriaan Duizendstraal, a partner at Index Ventures.
Amir Zilberstein, managing partner at Team8, said the founders’ background gives them “a rare, end-to-end understanding of how security failures actually emerge inside real environments.”
Astelia said it plans to use the new capital to expand its AI-driven analysis capabilities, scale customer deployments, deepen technology partnerships and grow its engineering, research and global go-to-market teams. The company said it is focused on advancing attack-path modeling and supporting organizations that are shifting from volume-based vulnerability scanning to what it calls evidence-driven exposure management based on demonstrable reachability rather than abstract risk scores.