Since 2018, Astra has been at the forefront of proactive cybersecurity. Trusted by over 800 global organizations in 70+ countries, we’ve conducted over 3,000 pentests and reported 2 million+ vulnerabilities. Combining automation with nearly half a century of collective human expertise makes Astra security more intuitive, accessible, and effective.
Last year, our AI-powered pentest platform uncovered nearly 5,500 vulnerabilities per day. As cyber threats continue to evolve at an unprecedented pace, this number is expected to increase threefold by the end of the year.
With AI, the speed at which code is being shipped rapidly increases. This means attackers have an even larger attack surface area to find vulnerabilities. AI has become equally popular among hackers for finding loopholes at scale, which can lead to more breaches.
“The cybercrime landscape is becoming increasingly complex with AI-based attacks.”
– Shikhil Sharma, co-founder and CEO of Astra.
Interacting with dozens of CTOs, CISOs, and engineering leaders worldwide, we’ve had a front-row seat to the escalating cybersecurity landscape. Defined by sophisticated cyber threats— from the RegreSSHion vulnerability to the polyfill attacks or the Crowdstrike outage, cybersecurity is no longer just an IT problem.
It is a foundational business risk amplified by AI and critical at every development lifecycle stage—from ideation to post-production.
From AI-generated phishing emails indistinguishable from human communication to self-adapting malware that evolves in real time, threat actors have taken a page from the innovation playbook – weaponizing tools designed to build secure environments to infiltrate them.
Yet, in a world where engineering has embraced agility, collaboration, and automation in the last decade, cybersecurity continues to lag behind traditional pentests, 500-page jargon-stuffed reports, legacy tools, and stringent checklist-driven approaches. It’s our mission to breathe life into the security space by integrating AI, adopting a hacker’s mindset, and making the tech easy and accessible.
“Security is increasingly shifting to the hands of developers,
while security teams find themselves more overwhelmed than ever.”– Ananda Krishna, co-founder and CTO of Astra.
With AI taking the driver’s seat in creating applications, spawning servers, and scaling systems – new code is being pushed at a rate that humanity hasn’t seen ever. This unprecedented scale of generative code means more vulnerabilities, too. While pentests have been around for over a decade, they are overdue for an AI-first update—simplifying and streamlining the experience.
Astra Security founders Shikhil Sharma and Ananda Krishna have been hackers and builders for over a decade—first helping big brands like Microsoft, Adobe, AT&T, Yahoo, and Blackberry find critical vulnerabilities in their infrastructure. This led to the creation of Astra Security and the company’s focus on an AI-powered offensive continuous pentest platform.
To realize our vision of becoming the single source of security trust between organizations, over the years, we’ve built and refined OrbitX, our CXO-friendly dashboard with a smart DAST and API scanner, 13,000+ AI-powered test cases, real-time scanning, pentests, and compliance checks, successfully empowering hundreds of teams to navigate and transition from DevOps to DevSecOps.
We’re thrilled to announce that Astra has successfully raised fresh capital from Emergent Ventures, Neon Fund, Better Capital, Blume, and Point One Capital to accelerate this mission. While this new injection of funds will help ramp up our momentum, we hope to keep doing what we’re already doing faster and better.

This translates into continued investments in our proprietary AI-powered offensive vulnerability scanning & verification engine, scaling security, customer success, improving user experience, and expanding our go-to-market motion. However, unlike traditional announcements, we hope the following write-up will provide more visibility into where we are and where Astra is headed.
What’s Next?
This investment empowers us to push forward with our mission, fueling innovations across offensive scanning, continuous pentesting, and cloud security. Our goal is to equip CTOs, CISOs, and their teams with sophisticated, adaptable solutions that keep pace with the demands of today’s fast-evolving digital environments.
Starting with the OrbitX umbrella, we aim to create a platform that allows organizations to continuously test and fortify their digital infrastructures in real time as an intrinsic part of their development processes.
With cloud adoption and API dependencies continuing to accelerate, expanding our scanning engine’s capabilities to provide comprehensive real-time security assessments across multi-cloud and hybrid environments is crucial to achieving the above. Thus, the next phase of this development will allow for deeper visibility into API security, infrastructure vulnerabilities, and compliance gaps.
Looking ahead, we also plan to leverage AI to enhance our automated and manual pentests. This includes strengthening our offensive pentesting engine, amplifying AI-driven threat modeling to foster creative pentesting strategies, correlating vulnerabilities across applications and cloud infrastructure, and refining our AI-powered Astra-naut Bot to empower developers with swift vulnerability comprehension and remediation.
Lastly, as attacks and demand for advanced security solutions grow globally, we’re expanding our reach through strategic partnerships and networks. Last year, more than 25% of our customers were mid-sized and large companies, including names such as Loom, Hackerrank, ITC, Olx Autos, Mamaearth, Muthoot Finance, Bonusly Singapore Trade Exchange, Oscilar, University of Cambridge, CompTIA, and Prime Healthcare.

To support this expansion, we’ve launched The 403 Circle, a virtual Slack space where you can connect with other CTOs and CISOs, share experiences, and seek guidance from those on the frontlines. This initiative will strengthen access to collective knowledge from industry experts, influencers, and fellow engineer-founders, providing you with the support you need whenever you need it.
That said, it’s always day 1. Join us as we shape the future of proactive security—together.

Astra Pentest is built by the team of experts that helped secure Microsoft, Adobe, Facebook, and Buffer
