估计估值 01
2100 USD M [CO024, CV030] 尽调报告
At-Bay
差异化 InsurSec 平台已经跑出真实规模,但承保不透明、估值对价格敏感;承诺前必须拿到数据室证据。
At-Bay 已经建起可信的 InsurSec 平台,拥有实质性 SMB 分销、自有保单承保控制和正在成形的安全产品增购引擎;但承保、留存和股权结构经济性披露仍不够,公开证据只支持继续研究,难以在估计 $2.1B 估值附近做干净入场承保。
封面要素
公司概况
At-Bay 创立于 2016 年,总部位于旧金山,并在特拉维夫设有重要工程和研发中心。公司用 InsurSec 模式把网络保险和安全产品放在一起:经纪人分销的 Cyber 和 Tech E&O 保单,与 At-Bay Stance 风险暴露管理、MDR、MXDR 产品并行。公开证据显示,公司有超过 53,000 名 SMB 和中型市场客户、约 $155 million 的 2024 年收入,Stance 安全层采用很快,但完整经济账仍未公开。
- 成立时间
- 2016-01-01
- 创始人
- Rotem Iram, Roman Itskovich, Etai Hochman, Tilli Kalisky-Bannett
- 创立地点
- San Francisco, CA, USA
- 总部
- San Francisco, CA, USA
- 产品
- At-Bay 通过经纪人销售网络保险和 Tech E&O 保障,再叠加 At-Bay Stance 服务,包括风险暴露管理、漏洞监控、MDR Endpoint、MDR Email 和 MXDR。公司 2023 年开始用自有保单纸签发新的 E&S 网络保单,在保持高度再保险模式的同时,拿到更多承保控制权。
- 客户
- 通过经纪人购买网络保险的 SMB 和中低端中型市场企业,近期扩展到收入最高 $5B 的更大商业账户。
- 商业模式
- 收入来自保险保费,以及高度再保险的 Cyber / Tech E&O 业务上的 MGA 经济账;另有一条仍属少数但在增长的安全收入流,来自 At-Bay Stance MDR/MXDR 订阅和服务。
- 阶段
- Late-stage private (post-Series D, full-stack carrier transition)
- 融资情况
- 最后一次披露的新股融资是 2021 年 7 月 Series D:$185M,投后估值 $1.35B,后续又追加 $20M。已披露外部资本累计约 $292M,2021 年后没有公开披露的新股轮。
执行摘要
主要优势
- 嵌入式 InsurSec 模型把承保、理赔数据和 Stance 安全遥测绑得更紧,强于传统网络险公司。
- 自有保单 E&S 保险公司叠加经纪渠道分销,相比纯 MGA 同行提升了承保控制和出单可信度。
- 公开报道的 2024 年收入和 53,000+ 客户规模显示,公司已有真实商业渗透,不只是叙事牵引。
- Stance MDR 从 2023 年不足 1,000 家客户快速增至 2024 年底 7,500 家,切出第二条收入楔子。
- At-Bay 的数据集和预防定位,让平台对保险公司、再保险公司和网络安全供应商都有战略吸引力。
主要风险
- 保险公司子公司 2024 年综合成本率为 102%,在公开证据证明改善之前,已显示承保压力。
- 若保单增长和 Stance 附着率无法抵消费率下降,网络保险价格走软会挤压 MGA 经济性。
- 勒索软件集中度带来模型风险和赔付波动敞口,其中 Akira 推动了 2025 年 40%+ 的勒索软件理赔。
- 对经纪人、再保险公司和合作伙伴的依赖,意味着 At-Bay 对续保和承保容量经济性的控制弱于纯软件业务。
- 公开投资人仍看不清合并口径利润率、烧钱速度、留存、准备金发展和优先股堆叠下行风险。
未决问题
- 合并口径 GAAP 财务报表、毛利率和烧钱轨迹没有公开。
- 再保险合约触发点、定价和续约条件仍未披露。
- Stance 队列留存、附着率、毛利率和客户回本周期没有公开。
- 经纪人集中度和按客群划分的续保队列没有公开。
- 股权结构表优先权、反稀释条款和老股流动性压力没有公开。
目录
01公司概况
1.1 公司定位与商业模式
At-Bay, Inc. 由一批具备深厚网络安全和金融背景的以色列创业者于 2016 年在加州旧金山创立。公司自称是「数字时代的 InsurSec 提供商」——这种模式把传统保险承保和嵌入式、主动型网络安全服务放在同一个公司结构下。传统承保公司往往先定价、事后理赔;At-Bay 则持续监控被保险企业的外部攻击面,提醒投保人新出现的漏洞,并通过安全关联公司 At-Bay Security, LLC 直接提供托管检测与响应(MDR)能力。 保险侧通过 At-Bay Insurance Services, LLC(在全部 50 个州和 D.C. 持牌的盈余险经纪)以及一家活跃的全栈保险公司,承保 Cyber、Technology Errors & Omissions(Tech E&O)和 Miscellaneous Professional Liability(MPL)保单。At-Bay 自留约 15% 的承保风险,其余分出给大型再保险公司,以管理总风险暴露,同时吃到风险筛选和客户关系的经济性。网络安全侧的 At-Bay Security, LLC 则提供 At-Bay Stance MDR 和 Exposure Management;非投保人也可以单独购买。双实体结构让 At-Bay 能把保险增强项(降低勒索软件自留额、自动平价续保)包装成激励,推动投保人采用安全平台。 截至 2025 年,At-Bay 在全球有 6 个办公室,总部位于旧金山,并在以色列特拉维夫设有重要研发和工程中心。经纪人分销网络覆盖美国市场,经纪平台 NPS 为 93。公司的市场进入完全依靠持牌保险经纪人,不直接面向投保人绑定承保。 [CO001, CO002, CO003, CO004, CO005, CO041]
| 指标 | 数值 / 状态 | 截至日期 | 置信度 | 数据缺口 / 注意事项 |
|---|---|---|---|---|
| 估计估值 | ~$2.1B(Forbes Big Tech 50 估计) | 2024-01-01 | 低 | 2021 年 7 月 $1.35B 估值的 Series D 新股轮后,没有新的一级融资;Forbes 估计是二级市场口径 |
| 累计股权融资 | ~$295.7M | 2026-01-01 | 高 | 根据官方 At-Bay About 页面;已确认 6 轮 |
| 2024 年收入 | ~$155M | 2024-12-31 | 中 | 根据 Latka / Forbes;私营公司,未独立审计 |
| 收入同比增长 | ~20%(2024 年较 2023 年) | 2024-12-31 | 中 | $155M vs $129M;增长率按披露数字估算 |
| 保险保单持有人 | ~40,000 | 2025-04-10 | 中 | 根据 At-Bay 2025 InsurSec Report 新闻稿;About 页面称 35,000+ |
| MDR 客户 | ~7,500 | 2024-12-31 | 中 | 根据 Forbes;从 2023 年的 <1,000 增长而来 |
| 员工数 | ~340–367 | 2026-01-01 | 低 | At-Bay About 页面显示 340+;第三方追踪机构(Tracxn)估计约 367 |
| 办公室 | 全球 6 个办公室 | 2026-01-01 | 高 | 根据 At-Bay About 页面;包括 San Francisco 总部和 Tel Aviv 枢纽 |
| 最后确认估值轮 | $1.35B 投后估值 | 2021-07-27 | 高 | Series D 新闻稿;由 Icon Ventures 与 Lightspeed 共同领投 |
| MDR 年化收入 | ~$13M | 2024-12-31 | 低 | 根据 Forbes;约数,未独立确认 |
收入和客户数据来自关于私营公司的媒体报道和第三方分析数据库;均未经过独立审计。估值为外部估计。员工数来自公司 About 页面和第三方追踪机构。
[CO021, CO023, CO024, CO026, CO027, CO028]At-Bay 的保险承保、风险监控和 MDR 安全服务如何串成 InsurSec 飞轮。
[CO002, CO003, CO041, CO042, CO045]1.2 创始人与领导团队
At-Bay 由 4 人于 2016 年联合创立:Rotem Iram(CEO)、Roman Itskovich(首席风险官)、Etai Hochman 和 Tilli Kalisky-Bannett。Hochman 和 Kalisky-Bannett 已不再担任高管。Iram 和 Itskovich 都把以色列精英情报服役经历、全球咨询和金融经验结合在一起,这种少见组合直接塑造了 At-Bay 的承保纪律和技术优先的风险理念。 Rotem Iram 曾在一个类似 NSA 的以色列情报单位担任上尉,之后在 McKinsey & Company 做咨询,并在 K2 Intelligence 担任运营职务。他拥有 Hebrew University of Jerusalem 计算机工程学士学位和 Harvard Business School MBA。军事情报背景是 At-Bay 风险扫描方法的核心。Roman Itskovich 曾在 Bain Capital 投资团队任职,也曾在 McKinsey 做咨询,之后联合创立 At-Bay。他拥有 Tel Aviv University 经济与会计学士学位和 Harvard Business School MBA。 当前领导团队中,联合创始人之外还包括 Ken Riegler(President, At-Bay Insurance)、Ari Fischel(CFO)、Ayelet Kutner(CTO)、Tara Bodden(General Counsel & Head of Claims)、Thom Dekens(CBO and GM, At-Bay Security)、Michael Drummond(Chief Underwriting Officer, Cyber and Tech E&O)以及 Adam Tyra(CISO for Customers)。团队覆盖保险运营、网络安全、工程和法务,对一家约 340–367 人的公司来说职能面较宽。Rotem Iram 周边的关键人物风险很实质:他是 InsurSec 模式的公开门面、战略架构师和主要发言人,任何接班或离任都会带来不成比例的风险。 [CO006, CO007, CO008, CO009, CO010, CO011]
| 姓名 | 职务 | 背景 | 创始人-市场匹配 / 职能覆盖 | 关键人依赖 |
|---|---|---|---|---|
| Rotem Iram | 联合创始人兼 CEO | 以色列情报部队(Unit 8200 上尉)、McKinsey、K2 Intelligence;HBS MBA;Hebrew Univ. 计算机科学 | InsurSec 愿景;军方网络安全经验 + 保险战略 | 高 — 公众代表和 InsurSec 架构师 |
| Roman Itskovich | 联合创始人兼首席风险官 | Bain Capital 投资团队、McKinsey;Tel Aviv Univ. BA、HBS MBA | 风险量化;承保纪律;财务建模 | 高 — 精算与风险引擎负责人 |
| Ken Riegler | At-Bay Insurance 总裁 | 保险运营和分销领导经验 | 经纪人关系;保险商业化路径;渠道管理 | 中 — 负责保险收入引擎 |
| Ari Fischel | 首席财务官 | 财务和资本配置领导经验 | 财务运营;资本结构;投资者关系 | 中 — 对融资和并购关键 |
| Ayelet Kutner | 首席技术官 | 工程和平台基础设施 | 平台工程;Stance 技术栈;产品交付 | 中 — 技术 IP 和平台负责人 |
| Tara Bodden | 总法律顾问兼理赔负责人 | 法务、监管合规和理赔领导经验 | 监管;理赔管理;诉讼风险 | 中 — 合规和理赔完整性 |
| Thom Dekens | 首席商务官兼 At-Bay Security 总经理 | 保险和安全业务运营 | MDR 商业策略;Stance 产品商业化路径 | 中 — 负责安全收入线 |
| Adam Tyra | 客户侧 CISO | 网络安全运营和威胁情报 | 安全咨询;面向客户的 CISO;InsurSec 报告 | 低 — 对外角色,但可替代 |
根据官方 At-Bay About 页面和公开领导层资料汇编。除 Preeti Rathi(Icon Ventures)和 Yoni Cheifetz(Lightspeed)外,完整董事会构成尚未公开确认。薪酬和股权结构为非公开信息。
[CO006, CO007, CO008, CO009, CO010, CO011]1.3 融资历史与资本结构
2016 年以来,At-Bay 已通过 6 轮风险融资募集约 $295.7 million,投资方包括科技 VC、全球保险集团的企业风险投资部门,以及具备网络安全运营经验的知名天使投资人。 2017 年 11 月的 $6 million 种子轮由 Lightspeed Venture Partners 和 Shlomo Kramer 支持;Kramer 是以色列连续创业者,曾联合创立 Check Point Software 和 Imperva。2018 年,公司完成 $13 million Series A。2020 年 2 月 Series B 融资 $34 million,由 Munich Re Ventures(通过其 HSB 基金)和 Acrew Capital 共同领投,Khosla Ventures、Lightspeed、Qumra Capital、M12(Microsoft 的风险投资基金)和 Shlomo Kramer 参投。2020 年 12 月,另一笔 $34 million Series C 完成,由 Qumra Capital 领投,M12 在原有财团基础上提高了承诺。 关键的 Series D 在 2021 年 7 月完成,规模 $185 million,由 Icon Ventures 和 Lightspeed Venture Partners 共同领投。Preeti Rathi(Icon Ventures)随融资加入董事会。该轮把 At-Bay 的投后估值推至 $1.35 billion——达到独角兽状态——累计融资在交割时约 $272 million。2021 年 10 月又追加 $20 million,使累计融资达到约 $292–$295.7 million(按公司 About 页面披露)。Forbes Big Tech 50 2024 估计 At-Bay 估值约 $2.1 billion,反映 2021 年新股轮后的增长,但没有新的融资事件确认。 投资人结构以 VC 支持的成长资本为主(Icon Ventures、Lightspeed、Khosla、ION Crossover Partners),并叠加战略保险资本(Munich Re Ventures/HSB、Qumra Capital、Glilot Capital)和运营经验(Shlomo Kramer)。公开记录中没有确认的债务或授信安排。Series D 之后,也没有公开确认的老股流动性或老股要约事件。 [CO018, CO019, CO020, CO021, CO022, CO023]
| 利益相关方 | 角色 / 关系 | 经济 / 控制重要性 | 尽调核查点 |
|---|---|---|---|
| Icon Ventures | Series D 领投方(共同领投) | 董事席位(Preeti Rathi);通过 $185M 轮持有重要股权 | 确认当前董事会参与和治理权利 |
| Lightspeed Venture Partners | Series D 领投方(共同领投);Seed 投资方 | 董事席位(Yoni Cheifetz);多轮参与 | 确认当前持股和老股流动性 |
| Khosla Ventures | Series B–D 投资方 | 多轮参与;强科技 VC 背书 | 确认当前持股和董事会代表权 |
| Munich Re Ventures(HSB Fund 基金) | Series B–D 战略企业投资方 | 再保险战略协同;承保容量合作 | 评估对 At-Bay 的再保险容量承诺 |
| M12 (Microsoft Ventures) | Series B–D 投资方 | 企业战略投资方;技术生态连接 | 评估产品集成或分销协同 |
| Qumra Capital | Series C 领投方;多轮投资方 | 成长股权 VC;领投 Series C;早期持有重要股份 | 确认当前持仓和二级市场活动 |
| Shlomo Kramer | 天使 / 运营者投资方,Seed–D | Check Point + Imperva 联合创始人;导师和领域背书方 | 评估顾问角色和董事会参与 |
| Acrew Capital | Series B–D 投资方 | 聚焦金融科技 / 保险科技的 VC;多轮参与方 | 确认当前持股 |
| Glilot Capital Partners | Series D 投资方 | 以色列 VC;聚焦网络安全 | 确认持仓和以色列研发战略协同 |
| ION Crossover Partners | 投资方(轮次未完全披露) | 跨阶段基金;成长股权 | 确认参与轮次和当前持股 |
投资者名单根据 At-Bay 官方 Series B、C、D 新闻稿汇编,并与 Qumra Capital、Globes、TechCrunch 报道交叉验证。股权比例、董事席位数量和清算优先权堆叠未公开披露。ION Crossover Partners 出现在 At-Bay 官方 About 页面投资者名单中。
[CO018, CO019, CO020, CO021, CO022, CO025]1.4 规模指标与里程碑
At-Bay 从 2016 年一家旧金山小创业公司,成长为截至 2025 年 4 月在美国为近 40,000 家企业提供保险、并在 2024 年产生 $155 million 收入的公司;收入较 2023 年 $129 million 同比增长约 22%,较 2022 年 $90 million 增长超过 70%。公司累计融资超过 $295.7 million,在 6 个全球办公室约有 340–367 名员工。 MDR 是 At-Bay 增长最快的板块,客户数从 2023 年初不到 1,000 名,增至 2024 年底 7,500 名,当时带来 $13 million 年化 MDR 收入。Stance 平台整体保护约 1.5 million 个受监控资产。At-Bay Stance MDR 于 2023 年 10 月 26 日发布,并在 2024 年 1 月商业可用。2024 年 6 月,At-Bay 将 Cyber 和 Tech E&O 承保胃口扩展到收入最高 $5 billion、保额最高 $10 million 的企业,从而触达更大的中型市场和早期企业账户。 Relay Platform 的收购(约 2022 年 8 月完成)和后续关停(2024 年 8 月 6 日生效)是一处值得注意的战略转向:At-Bay 收购了一家数字经纪平台创业公司,随后在 Stance MDR 动能加速时将其关闭。At-Bay Specialty Insurance Company 子公司 2023 年获得 AM Best A- 财务实力评级,增强了经纪人可信度。公司入选 Forbes Fintech 50(2023–2025)和 Forbes Best Startup Employers(2026)。 [CO026, CO027, CO028, CO029, CO030, CO032]
| 日期 | 事件 | 类型 | 金额 / 估值 / 状态 | 参与方 / 备注 | 影响 |
|---|---|---|---|---|---|
| 2016 | At-Bay 在 San Francisco 成立 | 创立 | N/A | Rotem Iram、Roman Itskovich、Etai Hochman、Tilli Kalisky-Bannett 等创始人 | InsurSec 模式成形;以色列创始人兼具情报 + 金融背景 |
| 2017-11 | Seed 轮完成 | 融资 | $6M | Lightspeed Venture Partners、Shlomo Kramer、LocalGlobe 等投资方 | 为平台建设和团队组建提供初始资本 |
| 2018 | Series A 轮完成 | 融资 | $13M | Shlomo Kramer、Keith Rabois、Yoni Cheifetz(Lightspeed)等投资人 | 深化产品和早期经纪人分销 |
| 2020-02 | Series B 轮完成 | 融资 | $34M | HSB / Munich Re Ventures、Acrew Capital、Khosla、Lightspeed、Qumra、M12、Shlomo Kramer 等投资方 | 战略再保险资本入场;建立机构背书;扩大美国足迹 |
| 2020-12 | Series C 轮完成;2020 年收入增长 600% | 融资 | $34M | Qumra Capital(领投)、M12(新进)、现有财团 | 不到 12 个月内完成第三轮;员工数增至 3 倍;自动化承保平台上线 |
| 2021-07 | Series D 轮完成;At-Bay 成为独角兽 | 融资 | $185M,投后估值 $1.35B | Icon Ventures(共同领投)、Lightspeed(共同领投)、Preeti Rathi 加入董事会 | 达到独角兽里程碑;年化经常性保费超过 $160M;保费同比增长 800% |
| 2021-10 | Series D 延展轮 | 融资 | $20M | 现有投资方 | 使累计融资约达 $292–$296M |
| 2022-08 | 收购 Relay Platform | 产品 | 未披露 | Aaron Davidson(Relay CEO);约 25 名 Relay 员工加入 At-Bay | 扩大数字经纪人分销能力 |
| 2023-10-26 | At-Bay Stance MDR 发布 | 产品 | N/A | 2024 年 1 月可用;由 CrowdStrike EDR 驱动 | 将托管检测与响应作为独立安全服务推出;2024 年 1 月商业化上线 |
| 2023 | At-Bay Specialty Insurance Company 获得 AM Best A- 评级 | 监管 | 评级:A-(优秀) | AM Best | 为经纪人分销建立承保公司信誉;可与合规准入承保公司同行竞争 |
| 2024-06 | 覆盖范围扩大至收入最高 $5B 的企业 | 产品 | 保单限额最高 $10M | Michael Drummond(CUO);新增内部 DFIR 团队 | 向中端市场扩张;打开更大企业机会 |
| 2024-08-06 | Relay Platform 关闭 | 反向 | N/A | 约 25 名员工受影响;Aaron Davidson 团队 | 战略重心转回核心保险和安全;收购变现失败 |
| 2024-12-31 | MDR 达到 7,500 名客户和 $13M 年化收入 | 规模 | $13M 年化 MDR 收入 | At-Bay Security, LLC | MDR 业务具备可行性;验证 InsurSec 交叉销售逻辑 |
| 2024-12-31 | FY2024 收入达到 $155M | 规模 | $155M | 根据 Latka / Forbes 报道 | 同比增长 22%;市场走软下仍守住收入规模 |
Series B、C、D 日期来自 At-Bay 官方新闻稿和第三方新闻报道。Relay 收购日期按 Coverager 估算为约 2022 年 8 月(报道称距离 2024 年 8 月关闭「近两年」)。AM Best 评级日期依据 2023 年新闻报道估算;确切日期未确认。
[CO018, CO019, CO020, CO021, CO022, CO023]从创立到 2025 年的关键里程碑,覆盖融资、产品发布和负面事件。
Relay 收购日期按 Coverager 报道估算。收入数字来自 Latka / Forbes。
[CO018, CO020, CO021, CO026, CO032, CO034]基于最近可得数据,截至 2026-06-03 运行日的 At-Bay 关键绩效指标。
收入和估值估计来自媒体报道和分析师数据库;公司为私营,数据未经独立审计。
[CO026, CO027, CO028, CO029, CO030, CO023]1.5 产品与安全平台
At-Bay 的产品套件横跨两类:保险和主动网络安全。保险组合包括首层和超额 Cyber、Technology E&O 以及 Miscellaneous Professional Liability 保单,通过 At-Bay Insurance Services, LLC(E&S 经纪)和一家准许承保的全栈承保实体提供。每份盈余险 Cyber 和 Tech E&O 保单都附带 At-Bay Stance Exposure Management,包括 Stance Advisory Services——把漏洞扫描、暗网监控、AI 驱动的邮件欺诈预警、虚拟 CISO 咨询和员工安全意识培训作为嵌入功能提供。At-Bay 估计,按当前市场价格,这些嵌入服务每份保单价值最高 $70,000。 At-Bay Stance MDR 产品自 2024 年 1 月商业可用,由 At-Bay 安全专家管理,基于 CrowdStrike 技术提供 24/7 端点监控。MDR 通过 At-Bay Security, LLC 单独销售,投保人和非投保人都可购买。使用表现靠前 MDR 服务的投保人可能有资格获得保险保费抵免。公司的 2026 InsurSec Report 确认,2025 年遭遇 Akira 勒索软件攻击且避免全量加密的所有投保人,都已部署 24/7 MDR;这一点强力支撑了该产品的战略叙事。 更广义的 Stance 平台还包括邮件安全产品(Stance MDR for Email)、风险暴露管理层,以及由 vCISO 顾问交付的桌面演练服务。At-Bay 许可或自研数字取证与事件响应(DFIR)能力,在理赔事件中使用。公司的风险筛选方法在报价时使用外部攻击面扫描,而不是静态问卷,因此风险模型校准的是实际安全状态,而不是自报控制措施。 [CO002, CO032, CO041, CO042, CO043, CO045]
1.6 反向因素与风险信号
评估 At-Bay 时,几个结构性和运营性风险因素需要重点关注。 第一,网络保险市场本身处在持续走软阶段,给全行业利润率带来压力。美国网络险市场 2024 年收缩 7%(NAIC 数据)——这是直接承保保费首次下降。Dual Group 2026 年 4 月分析预计,美国网络险 2026 年综合成本率为 97%;如果走软延续,2027 年可能进入不盈利区间。美国价格从 2023 年 Q4 到 2025 年 Q4 下降 13%。At-Bay 作为自留 15% 风险的专业承保公司,在损失率恶化时会直接暴露在盈利压力下。 第二,At-Bay 自身理赔数据揭示了艰难的损失环境。2026 InsurSec Report 记录,2025 年平均赔案严重度达到历史高点 $221,000,勒索软件赔案严重度为 $508,000,同比上升 16%。第三方责任索赔 2025 年激增 70%。报告还显示,小企业——At-Bay 的核心市场——严重度上升最陡(收入低于 $25M 的公司上升 40%)。这些趋势会直接转化为更高预期损失。 第三,Relay Platform 的收购和关停是一个反向里程碑。At-Bay 投资了一家数字经纪投放平台(约 2022 年 8 月收购),不到两年后将其关闭,2024 年 8 月 6 日生效。关停影响约 25 名员工,管理层需要解释已投入资本和已实现的战略价值。 第四,At-Bay 尚未盈利。作为私营公司,公司没有披露 EBITDA 或净利润。在已融资约 $296M、2024 年收入 $155M 的背景下,增长投入、理赔成本和运营费用之间的平衡没有公开透明度。 第五,CEO Rotem Iram 周边的关键人物集中风险显著——他是 InsurSec 战略的主要架构师和公开门面。 [CO035, CO036, CO037, CO038, CO039, CO040]
1.7 展项
02市场分析
2.1 市场边界与范围
At-Bay 的市场规模应放在一个刻意收窄的边界里衡量:面向组织的商业网络保险,加上贴附在已承保风险上的相邻 MDR / 安全服务。纳入的保险支出,是独立 和打包式网络保单的毛承保保费或直接承保保费,覆盖第一方损失、勒索软件 / 勒索、事件响应、业务中断、隐私责任,以及与 Technology E&O 相连的网络风险暴露。纳入的安全邻接,是卖给同一批 SMB 和中型市场买方的托管检测与响应、漏洞监控和修复,作为降险层。排除项包括个人网络保单、不明确给网络风险定价的广义财产与意外险保费、没有与托管响应打包的通用网络安全软件、保修,以及自保准备金。这个边界重要,因为 At-Bay 的市场叙事不只是「网络安全支出很大」;它的经济切口在于把风险转移、经纪人主导的保险分销、以及能降低索赔频率的安全控制结合起来。[CM001, CM013, CM020, CM029]
| 类别 | 纳入支出 | 剔除支出 | 买方 / 付款方 | At-Bay 意义 |
|---|---|---|---|---|
| 独立商业网络保险 | 专门网络保单的保费,覆盖第一方损失、隐私责任、业务中断、勒索及响应 | 个人网络保险、静默网络风险、通用 P&C | CFO、风险经理、企业主通过经纪人购买 | 核心保险 TAM |
| 打包网络附加险 | 附加在 BOP、GL、E&O 或其他商业组合险上的网络附加条款 | 独立限额和非网络保费 | SMB 业主或财务主管 | 有助于小企业切入,但不是完整主动网络安全楔子 |
| 非准入网络保险 | 面向更难承保或更大风险的非准入网络保障 | 准入标准市场保单 | 经纪人、CFO、风险负责人 | 历来是专业网络保险承保人的重要市场 |
| 准入 SMB 网络保险 | 面向小公司的州准入网络保单 | 非准入和企业塔式保单 | 业主、财务主管、经纪人 | 扩大 At-Bay 在小企业中的 SAM |
| MDR / 主动安全服务 | 24/7 监控、响应、漏洞和暴露面管理,绑定网络风险 | 无托管工具、纯 EDR 许可、内部 SOC 人力 | IT / 安全预算,有时与保险打包 | 邻近收入池和损失控制抓手 |
| 现状 / 替代方案 | 无保费;自保、合同接受、内部 IT 控制 | 非市场收入 | 业主、CFO、IT 负责人 | 争夺预算,并压低 SMB 渗透率 |
边界将保险保费与安全服务收入分开;MDR 被视为邻近业务,不纳入网络保险 GWP。
[CM001, CM013, CM020, CM029]2.2 TAM/SAM/SOM 与相互矛盾的市场估算
可支撑的 TAM 是全球商业网络保险保费,2024–2025 年约 $15B-$17B,取决于来源以 Munich Re 全球 GWP、Swiss Re 增长分析、Gallagher 经纪人展望,还是美国 NAIC DWP 为锚。NAIC 的 $9.14B 美国 2024 DWP 是最强监管基线,但不是全球 TAM;Munich Re 的 2024 年 $15.3B 和 2025 年 $16.3B 估计更适合作为全球保费口径。At-Bay 的 SAM 更窄:通过经纪人销售给美国 SMB 和中型市场的网络保险,并有来自准许承保和盈余险产品以及单独 MDR 贴附的上行空间。SOM 还要再为经纪人触达、风险胃口、州可用性、竞争承保公司、再保险容量,以及愿意单独为 MDR 付费的买方占比未知而打折。最重要的矛盾在于:风险暴露数量可以增长,但费率同时走软,所以即使采用率改善,保费 TAM 也可能看起来持平。[CM002, CM003, CM025, CM026, CM027, CM028]
| 视角 / 发布方 | 地理范围 | 2024-2026 年数值 | 方法 | 置信度 | 局限 |
|---|---|---|---|---|---|
| NAIC 网络保险报告 | 美国 | 2024 年美国网络 DWP 为 $9.14B | 监管年度报表披露 | 高 | 仅美国且为 DWP,不是全球 GWP |
| Munich Re 2025 | 全球 | 2024 年 GWP 为 $15.3B;2025 年估计 $16.3B | 再保险公司市场分析 | 高 | 全球保费,不是 At-Bay SAM |
| Swiss Re 增长分析 | 全球 / SME | SME 被定位为渗透不足的增长池 | 网络风险知识和市场建模 | 高 | 未单独拆出 At-Bay 客群 |
| Gallagher 2026 展望 | 全球 / 美国经纪人市场 | 2026 年市场竞争激烈,重点在承保容量和承保纪律 | 经纪人市场展望 | 高 | 展望不针对单家公司 |
| At-Bay 受限 SAM | 美国 SMB 和中端市场 | 美国网络 DWP 子集,加上 MDR 附加 | 根据 NAIC 和 At-Bay 产品范围推导 | 中 | 需要非公开 GWP 和附加率数据 |
| At-Bay SOM | 经纪人可触达且符合风险偏好的账户 | 未知;按经纪人触达、风险偏好和再保险打折 | 推导出的受限情景 | 低 | 当前 GWP 或细分份额无公开数据 |
除非另有说明,所有美元金额均为年度保费。SOM 刻意不作点估计,因为当前 At-Bay GWP 和 MDR 附加情况为非公开信息。
[CM002, CM003, CM025, CM026, CM027, CM028]At-Bay 的机会从全球网络险保费收窄到美国 SMB / 中端市场网络险,再收窄到经纪渠道触达、符合承保偏好且能附加 MDR 的账户。
金字塔混合了有来源支撑的市场锚点和明确未披露的 At-Bay SOM;未知值只做标注,不做估计。
[CM002, CM003, CM025, CM026, CM027, CM042]全球网络险保费估计集中在 150 亿美元上下,而美国监管基线更低,因为它是全国 DWP 指标。
最后一行用 0 只是未披露 SOM 的视觉占位,不代表 At-Bay 收入或市场份额估计。
[CM002, CM003, CM025, CM028, CM045]2.3 SMB 买方、用户、付款人与采用路径
At-Bay 的目标账户通常不是 Fortune 500 风险管理部门,而是 SMB 或中型市场公司;它们购买网络险,往往由经纪人建议、客户合同要求、贷款方或董事会压力、事故后担忧,或续保时的承保问题触发。经济买方常常是业主、CFO、财务主管 或风险 / 财务负责人;MDR 和主动监控的日常用户是 IT 经理、托管服务提供商或安全负责人;渠道守门人则是经纪人。这种拆分既带来杠杆,也带来摩擦。经纪人能高效引入 At-Bay 的保险加安全主张,但 MDR 预算可能在 IT 手里,保费预算在财务手里。At-Bay 准许承保的小企业产品和经纪人认可的预防优先策略扩大了触达面;CrowdStrike 合作和 Stance MDR 则支撑安全用户侧理由。[CM017, CM018, CM019, CM040, CM041]
| 细分市场 | 买方 | 用户 | 付款方 / 预算负责人 | 工作流触发因素 | At-Bay 匹配度 |
|---|---|---|---|---|---|
| 微型和小型企业 | 业主、财务主管、经纪人 | 业主、外包 IT / MSP | 业主或财务 | 合同要求、经纪人续保、贷款方要求 | 准入 SMB 网络保险和自动化经纪人投保 |
| 有内部 IT 的 SMB | CFO、财务主管、IT 经理 | IT 经理或 MSP | 财务 + IT 预算 | 客户安全问卷、勒索软件担忧 | 保险 + 主动监控和 MDR 增购 |
| 中端市场 | CFO、风险负责人、CISO / IT 总监 | 安全团队、IT 运营 | CFO,听取 CISO 输入 | 董事会风险审查、审计、续保、控制要求 | 网络保险、Tech E&O 和 MDR 组合 |
| 受监管垂直 SMB | 合规负责人、CFO、经纪人 | IT / 安全、合规 | 财务 / 合规预算 | HIPAA、隐私、合同控制 | 更愿意记录控制措施并购买保障限额 |
| 上市公司供应商 | CFO、总法律顾问、CISO | IT / 安全 | 财务和法务 | SEC 规则推高客户审查和事件披露焦虑 | 供应链义务带来间接需求 |
| 非保单持有人 MDR 潜在客户 | IT 负责人、MSP、企业主 | IT / 安全团队 | IT 预算 | 需要外包式 24/7 监测 | 保险业务之外的安全收入 |
买方、使用者和付款方角色由 At-Bay 产品 / 渠道证据与 MDR 买方证据综合得出;实际角色会随公司规模变化。
[CM017, CM018, CM019, CM035, CM040, CM041]经纪主导的转化,需要财务买方、IT 用户、安全服务运营方和渠道守门人对齐。
该流是定性图,拆分角色而非给细分吸引力打分。
[CM018, CM019, CM027, CM040, CM041]At-Bay 转化从风险触发,到经纪投保、承保、内嵌监控,再到可选 MDR 附加。
数值是示意性漏斗指数,不是实测转化率;只保留顺序。
[CM015, CM016, CM018, CM027, CM035, CM044]2.4 增长驱动、监管催化与 MDR 采用
需求增长由三个相互强化的驱动支撑。第一,威胁经济账仍然沉重:Verizon 泄露数据和 IBM 泄露成本研究显示,对缺乏成熟安全运营的公司来说,勒索软件、凭证泄露、业务中断和响应成本仍会造成实质财务影响。第二,监管提高了董事会和客户关注度:SEC 披露规则抬高上市公司治理和事件报告要求,NIS2 则扩大欧盟重要和基本实体的网络风险管理义务。第三,MDR 采用把保险从被动赔付产品转成偏预防的服务包。IDC、Gartner、IBM 和 MDR 市场来源都把 MDR 视为成熟的托管安全品类;At-Bay 的 Stance MDR 顺应这一趋势,向无法自建内部 SOC 能力的客户提供 24/7 监控、响应和修复。对 At-Bay 来说,驱动不只是保单需求增加;更重要的是贴附安全收入、改善损失筛选的可能性。[CM011, CM012, CM014, CM015, CM016, CM021]
| 驱动因素或约束 | 方向 | 时点 | 对 At-Bay 的影响 | 尽调问题 |
|---|---|---|---|---|
| 勒索软件与数据泄露成本压力 | 正向需求驱动 | 当前 | 支撑网络保险和 MDR 需求 | 将 At-Bay 理赔频率与市场基准对比 |
| SEC 网络安全披露规则 | 正向,上市公司外溢 | 2023 年以来持续 | 董事会和供应商审查压力上升,并可能传导至 SMB 供应商 | 跟踪经纪人提交材料是否提及披露压力 |
| EU NIS2 | 美国以外正向 | 2024 年起 | 支撑国际网络风险管理需求;对聚焦美国的 At-Bay 影响较间接 | 评估非美国扩张计划和牌照 |
| MDR 采用与 SOC 外包 | 正向邻近业务 | 当前且增长中 | 拓宽收入质量和损失控制叙事 | 获取附加率、流失率、毛利率和理赔改善 |
| 费率走软 | 负向收入收益率 | 2024-2026 | 即便账户增长,单一风险保费也可能下降 | 在费率持平或下行情境下对 GWP 做压力测试 |
| 再保险容量与定价 | 利弊并存 | 2026 续约 | 再保险走软有利于容量,但可能掩盖周期风险 | 审查合约条款、除外责任和交易对手集中度 |
| 系统性 / 供应商宕机风险 | 负向尾部风险 | 持续 | MDR 无法完全阻止共享供应商风险累积 | 审查聚合模型和巨灾除外责任 |
| 相互矛盾的估算 | 负向尽调不确定性 | 当前 | TAM 精度低于标题图表暗示 | 用多种市场规模口径,避免单一 TAM 倍数 |
驱动因素与约束结合市场来源和 At-Bay 具体影响;时点以 runDate 2026-06-03 为准。
[CM011, CM012, CM021, CM023, CM024, CM030]| 证据视角 | 说明什么 | 为什么重要 | 对 At-Bay 的启示 |
|---|---|---|---|
| At-Bay MDR 页面 | 24/7 监测与响应定位 | 界定产品邻近业务 | 支撑保险保费之外的安全服务 SAM |
| CrowdStrike 合作 | MDR 由公认的端点安全技术支撑 | 降低 SMB 安全买方的信任门槛 | 为 At-Bay Stance 提供合作伙伴背书 |
| IDC MDR MarketScape | MDR 已是公认供应商类别 | 验证市场类别成熟度 | At-Bay 面对的是一个真实存在的托管安全市场 |
| Gartner MDR 市场指南 | MDR 买方看重结果导向 | 显示买方需要托管响应结果 | 支撑面向资源不足 SMB 的销售说法 |
| Expert Insights MDR 趋势 | MDR 市场基数较小但增长很快 | 邻近业务增速更快,但仍是独立市场 | 不要与网络保险 TAM 混算 |
| IBM 数据泄露成本研究 | 安全成熟度影响数据泄露经济性 | 支撑预防和响应 ROI | MDR 可能提升风险筛选和客户价值 |
这些 MDR 行不是完整供应商版图;它们支撑本市场章节的邻近业务和采用逻辑。
[CM014, CM016, CM021, CM022, CM024, CM039]2.5 约束:费率走软、再保险与系统性风险
反向市场情景尤其重要。2024–2026 年证据基础显示市场走软:Howden、Marsh、Aon、Gallagher 和 Fitch 都描述了降价、充足容量,或竞争条件带来的承保风险。这有利于买方,也可能在近期支撑 At-Bay 容量,但当索赔严重度上升时,它会压缩每个风险暴露的保费收益,并挤压利润率。再保险是另一重约束,因为网络聚合风险仍难建模,专业保险公司依赖分出容量。Moody's 关于网络集中度的研究和 CrowdStrike 宕机事件说明,这不是理论风险:共同的 EDR、云、身份或软件更新依赖,可能让许多已承保 SMB 同时停摆。MDR 能降低单个客户的事故频率,但无法让组合完全分散共同供应商故障。尽调结论因此需要平衡:At-Bay 的一体化模型契合 SMB 需求,但估值应因周期时点、系统性风险和未披露的 MDR 贴附经济性而打折。[CM005, CM006, CM007, CM008, CM009, CM010]
| 风险 | 证据 | 严重性 | 为什么影响 At-Bay | 缓释 / 尽调路径 |
|---|---|---|---|---|
| 费率走软 | Howden、Marsh 和 Aon 均称费率下降 | 高 | 压缩每单位承保暴露的保费收益 | 索取队列 GWP、费率变动和续保留存 |
| 承保纪律 | Fitch 警告增长可能抬高承保风险 | 高 | 专业玩家可能在软周期追逐规模 | 按队列和控制要求审查赔付率 |
| 系统性供应商宕机 | CrowdStrike 更新造成大范围主机中断 | 高 | 共同技术依赖可能同时冲击大量被保险人 | 审查聚合暴露和除外责任 |
| 网络风险集中度建模 | Moody's 强调集中度风险 | 高 | 组合相关性难以分散 | 检查巨灾模型假设和压力测试 |
| 再保险依赖 | 2026 年网络再保险明显走软 | 中 | 大事件后容量供给可能反转 | 审查合约期限、再保险人组合和自留额 |
| MDR 预算分割 | SMB 的保险预算和 IT 预算分属不同口径 | 中 | MDR 附加率可能落后于保单数量 | 按客群和经纪人测算附加率 |
| TAM 估算矛盾 | 来源混用了 GWP、DWP 和市场定义 | 中 | 夸大估值叙事的确定性 | 使用受限区间,不用单点 TAM |
| 未披露的 At-Bay 指标 | 当前 GWP、附加率和 MDR 利润率均未公开 | 高 | 阻碍对 SOM 和收入质量做高置信估算 | 尽调需索取非公开 KPI 包 |
反向登记表保留市场风险,而非其他章节负责的公司执行风险。
[CM005, CM006, CM007, CM008, CM009, CM010]2.6 展项
03竞争格局
3.1 竞争格局概览
2026 年美国商业网络保险市场分为 4 个竞争层级,每一层都对 At-Bay 的 InsurSec 定位构成不同威胁。第一层是直接 InsurTech 同业——Coalition、Cowbell 和 Corvus/Travelers,它们都把某种风险情报与保险容量打包。第二层是传统保险公司:Beazley(Zurich Insurance 约 $10.9B 收购,2026 年 3 月宣布)、Chubb 和 AXA XL。它们不靠事故前技术竞争,而是靠财务实力、经纪网络深度和多险种交叉销售。第三层是 Resilience,一家聚焦企业客户的 InsurTech MGA,为 Fortune 1000 CISO 量化网络风险,账户最低门槛明显高于 At-Bay。第四层也是战略上最容易被低估的一层,是独立 MDR / 安全厂商——Huntress、Arctic Wolf、SentinelOne Vigilance 和 CrowdStrike Falcon Complete;它们的 MDR 能力在没有保险组件的情况下,部分替代 At-Bay 的 Stance 平台。 2026 年,全球网络保险市场估计达到 $16.6B 毛承保保费(GWP),约以 15% CAGR 增长。美国约占其中 $10.2B——约 4 million 张有效保单。MGA 现在承保全球网络 GWP 的约三分之一,这一份额自 2021 年以来显著提高。截至 2026 年 3 月,At-Bay 为超过 53,000 名中小企业投保人提供网络保险,按美国投保人数量看,是仅次于 Coalition(全球 100,000+ 投保人)的第二大 InsurTech 网络 MGA。竞争动态由费率走软(全球网络保险费率从 2022 年中到 2025 年约下降 27%)、索赔严重度上升(At-Bay 2026 InsurSec Report 记录每案平均严重度达到历史高点 $221,000),以及 Zurich-Beazley 收购所代表的市场整合加速共同定义。 所有 InsurTech 网络保险公司的现状替代品,是从传统承保公司那里通过经纪人购买、且没有捆绑安全服务的网络保单——对于没有现有 MDR 合同的 SMB 来说,这仍是市场上的最常见选择。内部自建替代方案(公司部署自己的 SIEM/SOC 能力,而不是购买托管安全保险)只对中型市场和企业段相关,不是 At-Bay 核心 SMB 买方的主要选择。 [CP001, CP002, CP003, CP004, CP005, CP006]
| 竞争对手 | 类别 | 规模 / 融资 | 目标客群 | 核心差异点 | 相对 At-Bay 的主要短板 |
|---|---|---|---|---|---|
| At-Bay | InsurTech MGA + E&S 承保公司 | 已融资 $295.75M;53k+ 保单持有人;$155M 收入(2024);AM Best B++(E&S 承保公司) | SMB / 中端市场(仅美国) | Stance MDR(15 分钟 MTTR);全栈 E&S 承保公司;100k+ 保单年数据;InsurSec 领先者 | 仅美国渠道;Coalition 保单持有人约为 At-Bay 的 2 倍;Relay 关闭暴露执行风险 |
| Coalition | InsurTech MGA + 准入承保公司 | $250M Series F;100k+ 保单持有人;$650M+ GWP 运行率;Allianz 10 年合作(2026 年 5 月) | SMB / 中端市场(通过 Allianz 触达全球) | Active Insurance + Coalition Control;CIC 准入承保公司(AM Best A-);Allianz 全球渠道 | 保单持有人数量是 At-Bay 的 2 倍;Allianz 交易补上 At-Bay 没有的全球触达;同属 InsurSec 模式 |
| Cowbell | InsurTech MGA(依赖合作伙伴) | 已融资 $208.3M;Zurich $60M Series C;聚焦 SME;Zurich Select Plus 于 2025 年推出 | SMB / SME(美国) | Cowbell Factor AI 风险评分;Zurich / Swiss Re 容量;借 Zurich Select Plus 扩展多险种 | 无自有承保公司;承保容量依赖合作伙伴;MDR 深度不及 At-Bay Stance |
| Corvus / Travelers | InsurTech(被传统承保公司收购) | 收购前已融资 $160.8M;Travelers 约 $435M 收购(2024 年 1 月);Travelers $43B+ GWP | SMB / 中端市场 / 企业(通过 Travelers 触达全球) | AI Smart Cyber 承保(CrowBar);Travelers Aa2/AA 全球渠道;欧洲扩张 | Travelers 准入承保资质压过 At-Bay 的 E&S;Allianz 交易后,At-Bay 的全球渠道差距扩大 |
| Resilience | InsurTech MGA + 托管服务 | 已融资 $217M;Series D $100M(2023 年 7 月);覆盖美国收入 $1B+ 企业的 10%+ | 企业 / 中端市场(聚焦 CISO) | 量化风险建模;CISO 参与;面向董事会的财务风险量化 | 企业级最低账户规模;SMB 覆盖较窄;MDR / Stance 等价能力有限 |
| Beazley(被 Zurich 收购) | 传统专业承保公司(Lloyd's) | 上市公司(LSE:BEZ);$1.28B 网络保费(2024);Zurich 约 $11B 收购于 2026 年 3 月宣布 | 企业 / 专业险种 / 专业服务 | Beazley Breach Response(BBR)事件后响应;Lloyd's 承保资质;专业市场经验 | 相较 At-Bay 主动模式,它偏被动(仅事件后);$11B Zurich 交易造出资本更厚的对手 |
| Chubb | 传统全球承保公司 | 最大上市 P&C 公司(约 $54B GWP);网络 ERM;54 个国家;Chubb Studio 嵌入式技术 | 企业 / 大型公司 | AA/Aa2 全球财务实力;嵌入式渠道;企业风险管理 | 无主动监测等价能力;在 At-Bay 领先的 SMB 客群竞争力不足 |
| AXA XL | 传统全球承保公司(AXA 事业部) | AXA Group $100B+ 保费基础;AXA XL 专业险 / P&C 事业部;全球准入承保 | 企业 / 大型公司 / 科技 | AXA Group 资产负债表;多地区准入容量;职业责任险经验 | 无 MDR / 主动监测;仅企业客群;At-Bay 尚未在这一规模直接竞争 |
InsurTech 同业规模指标来自公司新闻稿、Coverager 行业数据和独立新闻报道。传统承保公司的网络 GWP 部分根据监管文件和分析师数据估算。除非另有说明,所有数据截至 2026 年 6 月。
[CP001, CP002, CP005, CP006, CP007, CP008]网络险竞争者在技术平台深度(x 轴,0-10)和市场规模 / 分销触达(y 轴,0-10)上的序数定位。At-Bay 技术深度领先,但规模落后于 Coalition 和 Corvus/Travelers。Zurich 收购后,Beazley 进入更高规模位置。分数由分析师根据截至 June 2026 公开确认能力评定。
技术平台深度分数:Coalition(9)—— Control + Wirespeed ADR + CIC;At-Bay(8)—— Stance MDR + E&S 保险公司;Huntress/Arctic Wolf(8)—— 纯 MDR 深度;Corvus/Travelers(6)—— AI 承保 + Travelers 保险载体,但相较 Stance 持续监控有限;Cowbell/Resilience(5)—— 评分工具;Beazley/Zurich(4)—— BBR 被动响应 + 预期收购后技术投入;Chubb(2)—— 网络险技术最少。规模 / 分销分数基于估计 GWP、保单持有人数和地理触达。所有分数都是分析师从公开数据给出的序数估计。
[CP001, CP002, CP005, CP006, CP007, CP010]3.2 直接 InsurTech MGA 同业
Coalition 是 At-Bay 最重要的直接竞争对手。截至 2026 年,Coalition 全球约有 100,000 名有效投保人,约为 At-Bay 53,000 名的 2x,毛承保保费超过 $650M。Coalition 的技术护城河来自 Coalition Control 平台(持续外部监控、零日预警、第三方风险管理和可选的 Wirespeed ADR)、准许承保公司 Coalition Insurance Company(CIC,AM Best A- 评级),以及 2026 年 5 月宣布的 Allianz 合作,后者授予其 10 年全球分销权。Allianz 交易是 Corvus/Travelers 收购以来 InsurTech 网络险板块最不对称的竞争进展:它把 Coalition 的分销大幅延伸到 At-Bay 目前依赖的美国经纪人渠道之外。Coalition 的关键反向信号,是美国投保人从 2022 年约 160,000 名降至 2025 年约 110,000 名、随后全球回升至 100,000+ 的过程缺乏解释;这引发组合质量和定价纪律问题,部分抵消其规模优势。 Cowbell(加州 Pleasanton;2019 年创立)累计融资 $208.3M,其中包括 Zurich Insurance Group 投入的 $60M Series C。Cowbell 面向 SME,使用 AI 驱动的 Cowbell Factor 风险评分,但不运营自有承保公司;它通过 Zurich North America 和 Swiss Re 分配容量。2025 年 6 月 Zurich Select Plus 模块化多险种 E&S 产品上线,标志着 Cowbell 从纯网络 MGA 向多险种专业平台演进;2025 年 11 月品牌刷新也释放了同样信号。相较 At-Bay 的 E&S 承保公司(At-Bay Specialty Insurance Company,AM Best B++)和 Coalition 的准许承保保单纸,Cowbell 没有自有保单纸,是实质结构性劣势,因为这限制精算数据反馈闭环和定价灵活性。 Corvus/Travelers(马萨诸塞州 Boston;2024 年 1 月由 Travelers 以约 $435M 收购)现在作为 Travelers 的 AI 驱动网络承保能力运行。Corvus 通过 CrowBar 平台整合绑定前的持续威胁扫描,向投保人交付实时风险仪表盘,并交叉销售到 Travelers Aa2/AA 评级的全球商业险分销体系。收购后,Corvus 扩展到欧洲大陆市场;At-Bay 还没有这种地理触达。Travelers 组合是最强的机构型竞争者:在风险评分用途上,它拥有与 At-Bay Stance 平台相当或更好的承保技术(虽然 MDR 深度不及),同时分销能力高出一个数量级。 Resilience(纽约;2016 年创立;4 轮融资共 $217M,包括 2023 年 7 月 $100M Series D)聚焦收入约 $200M 以上的企业账户,用定量网络风险建模和 CISO 级互动来差异化。美国收入超过 $1B 的企业中,已有超过 10% 采用 Resilience 平台。Resilience 不是 At-Bay 的直接 SMB 竞争对手;但在 At-Bay 新产品线(收入最高 $5B、保额最高 $10M)正在扩展的中型市场和企业段,它是有意义的竞争对手。 [CP005, CP006, CP007, CP008, CP009, CP010]
能力矩阵按六项买方相关标准比较 At-Bay 和五个主要竞争者。At-Bay 在 MDR 深度和 SMB 定价可及性上领先传统保险公司;Coalition 借 Allianz 在认可承保载体广度和全球分销上领先;Corvus/Travelers 把 AI 承保与全球分销结合,是最强的汇合型威胁。
能力评级基于截至 June 2026 公开可得的产品页面和新闻稿。Corvus/Travelers 的「部分(绑定扫描)」指 AI 驱动的风险评估发生在保单绑定时,但并不是与 Stance 或 Coalition Control 等同的持续运行监控服务。
[CP001, CP005, CP007, CP008, CP022, CP030]3.3 传统特种险承保人
Beazley PLC(伦敦;LSE 上市)长期以来是技术最前沿的传统网络险承保公司。其 Beazley Breach Response(BBR)产品提供事故后服务——法律、取证、公关和通知,并在医疗、金融服务和科技网络险中拥有公认地位。2025 年,Beazley 因索赔严重度上升和保费下滑,开始降低美国网络风险暴露,给复杂买方形成了暂时的市场趋硬。2026 年 3 月,Zurich Insurance Group 宣布同意以约 $10.9B(GBP 8.1B)收购 Beazley——打造分析师所称的「网络保险强权」,把 Beazley 的技术深度与 Zurich 的全球资产负债表和分销结合起来。如果完成,Zurich-Beazley 组合将拥有约 $1.28B 网络保费(Beazley 单体,2024 年),并成为资本最雄厚的传统保险公司 威胁。这既是 At-Bay 长期市场地位的最大威胁,也验证了网络专业保险板块的战略价值。 Chubb Limited(NYSE: CB)是全球最大的上市财产与意外险保险公司,业务覆盖约 54 个国家,GWP 约 $54B。Chubb Cyber ERM 面向中大型企业,并通过 Chubb Studio 为数字合作伙伴提供嵌入式分销。Chubb 的 AA/Aa2 财务实力评级,是相对 At-Bay 的主要竞争优势;不过,Chubb 没有与 At-Bay Stance 相当的持续事故前监控,因此对优先考虑主动安全管理而非承保公司财务实力的 SMB 来说竞争力不足。 AXA XL 是 AXA Group 的财产与意外险及专业风险部门,依托 AXA 全球资产负债表为大型企业提供网络责任保障。AXA XL 与 At-Bay 的竞争主要在企业段(收入 $500M 以上),而 At-Bay 新的大客户产品线(保额最高 $10M)正在进入这一段。AXA XL 的主要优势,是在 At-Bay 没有覆盖的地区提供全球准许承保保障;主要弱点,是缺乏与 At-Bay Stance 相当的一体化事故前安全服务。 [CP011, CP012, CP013, CP020, CP021, CP022]
| 公司 | 准入 / E&S 承保资质 | 事件前主动监测 | MDR / ADR | DFIR 合作方 | SMB 定价(收入 <$5M) | 全球渠道 |
|---|---|---|---|---|---|---|
| At-Bay | 是(E&S;AM Best B++) | 是(Stance — MDR、漏洞扫描、暗网) | 是(Stance MDR — 15 分钟 MTTR) | 是(合作伙伴网络) | 是(可比 SMB 定价) | 否(仅美国) |
| Coalition | 是(CIC 准入;AM Best A-) | 是(Coalition Control — 全套能力) | 是(Wirespeed ADR) | 是(Coalition Incident Response) | 是(2026 年 SMB 中位数约 $1k/yr) | 部分(Allianz 合作,2026 年 5 月) |
| Cowbell | 否(Zurich NA + Swiss Re 合作伙伴) | 部分(Cowbell Factor AI 风险评分) | 否 | 有限(仅供应商面板) | 是(聚焦 SME 的 AI 定价) | 否 |
| Corvus / Travelers | 是(Travelers Aa2/AA 准入) | 部分(出单时 AI 承保扫描) | 否(标准供应商面板) | 有限(Travelers 供应商面板) | 是(通过 Travelers 覆盖中端 SMB) | 是(Travelers 全球) |
| Beazley / Zurich | 是(Lloyd's + 通过 Zurich 准入) | 否(仅事件后被动响应) | 否 | 是(Beazley Breach Response — BBR) | 否(最低 $5k+ 保费) | 是(Lloyd's + Zurich 全球) |
| Chubb | 是(全球准入 AA/Aa2) | 否 | 否 | 否(仅供应商转介) | 否(企业级最低门槛) | 是(54 个国家) |
能力评级来自截至 2026 年 6 月的公开产品页、官方新闻稿和独立分析师报道。是 = 已发布的标准产品;部分 = 有限版本或已宣布但功能未完整;否 = 未作为标准能力发布;未知 = 公开证据不足。
[CP001, CP005, CP007, CP008, CP011, CP012]3.4 MDR 与安全厂商替代品
At-Bay 的 Stance 平台把 MDR、漏洞扫描和暗网监控打包给投保人,用作放大器,降低被保险企业的索赔频率和严重度。独立 MDR 厂商也能在不带保险组件的情况下提供同样服务;随着这些厂商降价并提高 SMB 可获得性,它们会削弱 At-Bay 从捆绑模型中提取的差异化价值。这是 At-Bay 护城河的结构性风险,不是即时替代威胁。 Huntress(马里兰州 Columbia;2015 年创立)2024 年 ARR 超过 $100M,完成 $180M Series D,估值 $1.5B;截至 2026 年初拥有超过 4,000 个 MSP 合作伙伴关系。Huntress 通过 MSP 渠道面向 SMB——与 At-Bay 核心市场是同一客户段——标价约为每端点每月 $8.99。Huntress 在部署便利性和 SMB 优化定价上直接与 Stance MDR 竞争,虽然它不捆绑保险,也不提供承保公司保单纸。Huntress 的 MSP 渠道主导地位,让它在 SMB 细分中拥有 At-Bay 通过直销渠道所缺乏的分销密度。 Arctic Wolf(明尼苏达州 Eden Prairie;2012 年创立)2026 年 2 月提交 S-1 公开发行文件,估值约 $4.3B。Arctic Wolf 2026 年估计收入约 $913M,高于 2024 年 $541M ARR。Arctic Wolf 面向中型市场组织,通过 Aurora Superintelligence Platform 交付礼宾式 MDR;截至 2024 年客户超过 5,500 名。Arctic Wolf 的中型市场聚焦与 At-Bay 向上扩展发生重叠,其 IPO 进程也释放出加速商业增长的意图。 CrowdStrike Falcon Complete 和 SentinelOne Vigilance Respond 代表企业级 MDR 层。两者单独购买时价格高于 At-Bay Stance,但覆盖广度更强(SIEM、身份威胁检测、威胁情报),对复杂对手的检测率更高,也拥有一些企业买方相对 At-Bay 一体化但绑定承保公司的 MDR 产品更偏好的独立品牌认知。CrowdStrike($2B+ ARR,Nasdaq: CRWD)和 SentinelOne($700M+ ARR,NYSE: S)并不主要是保险相关竞争者;但随着其托管层面向 SMB 的价格下降,保险捆绑对 At-Bay 来说就不再那么能区分 MDR 成本。 Palo Alto Networks Cortex XSOAR 和 Managed Threat Hunting,是面向已经部署 Palo Alto 防火墙和 SASE 基础设施企业的另一类相邻替代品。At-Bay 今天不直接在这一层竞争,但任何未来企业扩张都可能触发这种替代风险。 [CP018, CP019, CP023, CP024, CP025, CP026]
| 提供商 | 模式 | 规模 / 融资 | 定价 | SMB 适配度 | 是否捆绑保险 |
|---|---|---|---|---|---|
| At-Bay Stance MDR | 与网络保险捆绑 | $13M MDR ARR(2024);7,500 个 MDR 客户(2024) | 随保单包含(对保单持有人实质免费) | 是(核心聚焦 SMB) | 是 — 主要差异点 |
| Huntress MDR | 独立销售;MSP 渠道优先 | $100M+ ARR(2024);$180M Series D;$1.5B 估值;4,000+ MSP 合作伙伴 | 约 $8.99/endpoint/month(标价) | 是(针对 SMB 优化;由 MSP 交付) | 否 |
| Arctic Wolf MDR | 独立销售;礼宾式模式 | 2026 年收入估计约 $913M;$4.3B 估值;5,500+ 客户;2026 年 2 月提交 S-1 | $6-10/endpoint/month(估计) | 部分(聚焦中端市场) | 否 |
| CrowdStrike Falcon Complete | 独立销售;企业 MDR | $2B+ ARR(Nasdaq:CRWD);Falcon Complete 托管层 | >$15/endpoint/month(企业定价) | 否(企业级最低门槛) | 否(存在 Falcon for Insurers 合作计划) |
| SentinelOne Vigilance Respond | 独立销售;AI 原生 MDR | $700M+ ARR(NYSE:S);Vigilance Respond / Wayfinder 托管层 | $5-12/endpoint/month(托管层估计) | 部分(中端市场可触达) | 否 |
MDR 定价来自截至 2026 年 6 月的公开标价或公开公告。收入和估值数据来自新闻稿、S-1 文件(Arctic Wolf)和分析师数据。At-Bay Stance MDR 与保险捆绑;其他提供商单独销售安全服务。定价比较为近似值,取决于端点数量和席位规模。
[CP018, CP019, CP023, CP024, CP025, CP026]3.5 定价、分销与切换成本
At-Bay 完全通过持牌保险经纪人分销。这个模型带来既有买方关系的触达,但也制造结构性利润分成,并依赖经纪人的排序决策。Coalition 使用同样的经纪人渠道模型;Cowbell 已开始用直接 SME 外联补充。At-Bay 和 Coalition 都没有披露直接面向买方的销售能力。经纪人依赖在渠道层面制造关键方风险:如果大型经纪商整合、改变承保名单 偏好,或推出内部 MGA 产品,At-Bay 在没有直接关系兜底时会失去不成比例的业务量。 SMB 网络保险市场定价已从 2022 年峰值显著走软。全球网络保险费率从 2022 年中到 2025 年约下降 27%;美国约下降 9%。2026 年,干净风险的 SMB 网络险平均保费估计为每年每 $1M 保额约 $1,000。随着费率下行,At-Bay 捆绑 MDR 的成本收益账也会变化:买方现在支付 $1,000/year,就能以低于 2022 年高费率环境的绝对保费,获得同样包含监控的价值主张。保险组件定价权下降,迫使 At-Bay 越来越需要用独立安全价值证明 MDR 包;Huntress 标价 $8.99/endpoint/month,而 At-Bay 的 Stance MDR 实际上免费包含在内,这让保险加安全包在绝对价格上越来越有优势,但差距在缩小。 InsurSec 模型中的切换成本为中等。At-Bay 投保人如果切换到 Coalition,会失去 Stance MDR 集成、持续漏洞扫描历史,以及嵌入保单的修复流程。同一个买方会获得 Coalition Control 的完整监控套件。切换成本有意义,但不构成禁止性障碍:大多数投保人每年续保,并在每次续保时评估替代方案。多归属(从 Huntress 购买监控、从传统承保公司购买保险)在结构上可行;对于已有 MSP 关系、预算受限的 SMB 来说,这一选择越来越有吸引力。At-Bay 的 E&S 承保公司(At-Bay Specialty Insurance Company,B++ 评级)获得 AM Best 财务实力重申,在续保时提供可信度,但与每份保单的集成深度相比,它不是实质锁定因素。 [CP014, CP015, CP016, CP028, CP029, CP030]
| 参与者 | 定价模式 | 包含能力 | 分销渠道 | 主要切换成本 |
|---|---|---|---|---|
| At-Bay (InsurSec) | 按风险年保费;AI 按风险画像调整;无公开费率表 | 包含 Stance MDR(MDR + 漏洞扫描 + 暗网监测);E&S 承保资质;DFIR 合作伙伴网络 | 仅经纪人渠道(美国持牌经纪人);经纪人门户支持报价 / 出单 | Stance 集成历史;MDR 告警流程嵌入保单;约 $1k/yr,相比独立 MDR 成本 |
| Coalition (Active Insurance) | 按风险年保费;由 AI 调整;2026 年 SMB 中位数约 $1k/yr | 包含 Coalition Control(完整监控 + 告警 + TPRM);CIC 合规承保或 CIS 盈余线;Wirespeed ADR 可选 | 仅经纪人渠道(美国 + May 2026 起借 Allianz 覆盖全球);Coalition Control 可独立购买 | Coalition Control 集成深度;8+ 年平台熟悉度;合规承保牌照(50 个州) |
| Cowbell(Cowbell Factor) | 按风险由 AI 评分定价保费;无公开费率表;Zurich NA 承保容量 | Cowbell Factor 风险评估;基础监控;Zurich Select Plus 多险种;无自有 MDR | 仅经纪人渠道(美国);Zurich 分销补充 | Cowbell Factor 评分历史;Zurich 多险种交叉销售;中等切换成本 |
| Corvus / Travelers | AI 承保接入 Travelers 评级,支撑中端市场定价 | Smart Cyber 保单;Corvus AI 风险评分;Travelers 商业多险种;Tech E+O 产品 | Travelers 全球经纪人网络(美国 + 欧盟 + APAC);网络安全 MGA 中最大的 SMB / 中端市场分销 | Travelers AA 关系;多险种账户切换摩擦高;具备全球配售能力 |
| 在位者(Beazley / Zurich、Chubb) | 企业议价定价;最低 $5k-$15k+ 保费;续保按赔付调整 | 保障范围全面;BBR 服务(Beazley);企业风险管理;全球承保地域 | 全球保险经纪网络(Marsh、Aon、WTW、Gallagher 服务企业账户) | 企业风险经理关系;多地区合规承保牌照;多险种项目依赖 |
定价数据来自 Fitch Ratings 美国网络市场分析(2025 年 5 月)、WTW 网络风险展望(2026 年 2 月)、CFC 2026 市场报告,以及公司公开材料。经纪人佣金估算采用行业常规;具体条款未公开披露。At-Bay 和 Coalition 不发布费率表。
[CP014, CP015, CP016, CP028, CP029, CP031]3.6 护城河韧性与竞争风险
At-Bay 的主要竞争护城河包括:(1)100,000+ 保单年专有理赔数据,用于承保和风险评分;(2)Stance MDR 平台公开的 15 分钟平均修复时间(MTTR),作为技术差异点;(3)E&S 承保公司身份,使其能获得承保控制权和定价反馈闭环,而 Cowbell 这类依赖容量的 MGA 拿不到。这些护城河真实存在,但正在被侵蚀:按投保人数量看,Coalition 的数据优势是 At-Bay 的 2x,Coalition 的 Allianz 分销合作也已拉大分销差距。 2026 年最实质的反向竞争证据,是 At-Bay 关闭 Relay 专业保险平台。At-Bay 2022 年收购 Relay,意在进入专业险种市场(管理责任险、专业责任险和其他非网络险种),但在 2025–2026 年决定关停该平台。Relay 关停释放两层风险:第一,At-Bay 的多产品扩张雄心已经收缩,削弱其总可用市场论证;第二,Coalition 深化准许承保公司能力和 MDR 平台期间,管理层带宽被 Relay 建设分走。反向信号还因一个事实而加重:多元化是 At-Bay Series D 叙事的一部分,逆转会带来可信度风险。 Zurich-Beazley 收购($10.9B,2026 年 3 月)是未来 5–7 年对 At-Bay 护城河最重要的单一结构性威胁。合并后的 Zurich-Beazley 将拥有 Beazley 已验证的网络理赔专业能力(2024 年网络保费 $1.28B+)、Zurich 全球准许承保公司网络,以及以 InsurTech MGA 没有新一轮融资就无法匹配的规模投资事故前技术的资本。At-Bay 没有与全球传统保险公司的合作关系来抵消这种规模整合——Coalition 的 Allianz 交易正是 At-Bay 缺少的对等机制。 来自安全厂商(CrowdStrike、SentinelOne、Arctic Wolf、Huntress)的商品化压力真实存在,但偏中期。随着 MDR 定价下降、MSP 渠道渗透加深,对于已经从其他厂商购买托管安全的买方,At-Bay Stance 平台的捆绑安全价值会变窄。15 分钟 MTTR 主张和 MDR $13M ARR 的独立产品收入,是防御信号:At-Bay 正在主动尝试打造一个不依赖保险包的安全业务。如果成功,这种拆分会让安全产品独立成立,从而强化护城河。 [CP032, CP033, CP034, CP035, CP036, CP039]
| 护城河主张 | 主要威胁 | 严重程度 | 缓释措施 / 尽调问题 |
|---|---|---|---|
| 自有理赔数据(~100k 保单年,2026 InsurSec Report) | Coalition 的保单年数据超过 2x;Coalition 数据集复利更快,数据护城河优势被削弱 | 高 | 量化 At-Bay 精算模型相对行业基准的提升;核实 100k 保单年是否已构成有意义的承保底座,还是相对 Coalition 200k+ 仍不足 |
| Stance MDR 15 分钟 MTTR —— 保单内含事前安全服务 | Huntress、Arctic Wolf 以 $8-10/endpoint 提高 SMB MDR 渗透;独立 MDR 变便宜,捆绑价值被侵蚀 | 中 | 跟踪 Stance MDR 独立客户增长(2024 年 $13M ARR、7,500 名客户),作为没有保险补贴时防御力的代理指标 |
| E&S 保险公司(At-Bay Specialty Insurance Company,AM Best B++) | Coalition 拥有合规承保牌照(A-,50 个州);At-Bay 的 E&S 身份限制其在受监管行业和州内走核准承保渠道 | 中 | 跟踪 At-Bay Specialty Insurance Company 评级走势;评估在关键受监管行业的经纪人承保安排决策中,B++ 是否显著低于 CIC 的 A- |
| Relay 专业险平台(管理责任险扩张)—— 2025-2026 年关停 | 多险种野心收缩;At-Bay 战略重心重新收窄到网络险;Cowbell / Zurich 已在执行多险种;Coalition 正在增加相邻险种 | 高(反向信号) | 了解管理层关停 Relay 的决策;评估工程带宽现在是否集中到 Stance MDR 和保险公司平台,而不是被失败的多元化消耗 |
| 仅美国分销 vs. Coalition / Allianz 与 Corvus / Travelers 的全球触达 | Allianz 交易让 Coalition 进入美国以外商业市场;Corvus / Travelers 已在欧盟;At-Bay 未披露美国以外分销路径 | 高 | 向管理层询问国际分销战略;缺少全球分销伙伴,是相对 Coalition 和 Corvus 最清晰的结构性缺口 |
护城河评估由分析师基于公开证据推导。严重程度评级反映威胁一旦落地,估计会在 2026 年 6 月起 36 个月窗口内对 At-Bay 竞争位置造成的影响。所有评估均为作者基于公开信息作出的分析。
[CP032, CP033, CP034, CP036, CP039, CP040]截至 June 2026,At-Bay 五个关键维度竞争耐久性的简明概览。分数反映作者基于公开证据的评估;红 / 黄 / 绿表示估计耐久性。
[CP033, CP034, CP036, CP039, CP040]3.7 展项
04财务情况
4.1 收入模式与保险保费经济性
At-Bay 的财务架构围绕两条相互连接的收入流:来自 E&S 网络险和 Technology E&O 业务的保险保费,以及来自 Stance 平台的安全即服务订阅费。保险保费是主导收入驱动,完全通过批发经纪人和数字渠道分销。At-Bay 将约 85% 毛承保保费分出给 Munich Re 牵头的再保险团,自留后的价差成为净收入;母公司还按 2024 年与 At-Bay Specialty Insurance Company 签署的 MGA 协议,作为总代理承保人(MGA)赚取管理和承保费用。 Forbes 报道 At-Bay 2024 年总收入约 $155M,高于 2023 年的 $129M。Florida Surplus Lines Service Office(FSLSO)监管文件显示,At-Bay Specialty Insurance Company 的毛保费 2024 年增长 119% 至 $338.2M,再保险分出后自留净保费 $49.9M。2023 年,公司录得毛保险保费 $301M;尽管全市场保费费率走软,规模仍较 2022 年增长 20%,合并层面净收入超过 $110M。2022 年,当 At-Bay 作为纯 MGA 完全使用第三方 Munich Re(HSB)保单纸承保时,毛承保保费约达 $380M。 2024 年,美国直接网络险承保保费下降 6% 至约 $9.14B(Fitch Ratings,2025 年 5 月),给整个板块带来结构性收入端逆风。网络再保险非比例费率在 2026 年 4 月续约季按风险调整下降 32%(Gallagher Re 数据,由 actuary.info 报道),降低了再保险成本,但也释放出容量过剩信号,可能进一步压低原保险 保费费率。2024 年,$1M 保额的独立 SMB 网络险年保费约为 $1,200–$2,200;进入 2026 年,费率预计保持持平到小幅为负。 [CI001, CI002, CI003, CI005, CI009, CI010]
| 收入来源 | 机制 | 2024 估计值 | 收入质量 | 尽调问题 |
|---|---|---|---|---|
| 保险净保费(子公司) | At-Bay Specialty 留存约 15% GWP;85% 分出给再保险组合 | ~$50M(FSLSO 净保费) | 中等;承受赔付率恶化风险(2024 年已发生赔付率 68%) | 确认母公司层面的净保费留存与费用收入拆分 |
| MGA 管理与承保费用(母公司) | 母公司 At-Bay Inc. 依据 MGA 协议向子公司收取管理费和承保费 | ~$100–105M(相对 $155M 总额的估计差额) | 可变;取决于分出比例和保单量;未单独披露 | 要求提供分部 P&L,拆分 MGA 费用收入与净保费收入 |
| Stance MDR 订阅 | 每个 SMB 客户按年支付托管检测与响应订阅费 | $13M ARR(7,500 名客户,隐含 ~$1,733/yr) | 经常性强;仍处早期(October 2023 推出);毛利率未披露 | 获取 MDR 分部的毛利率、流失率、CAC 和 NRR |
| 合并净收入 | 保险与安全业务收入合计 | ~$155M(Forbes,2024) | 私人公司口径;未经审计;依赖单一媒体援引公司说法 | 要求提供经审计合并财务报表 |
均为 2024 数据。保险净保费来自 FSLSO At-Bay Specialty Insurance Company annual 2024 filing(仅子公司)。MGA / 保险公司费用估计值由 Forbes 报道的 $155M 合并收入减去 $49.9M 子公司净保费推导,At-Bay 未单独披露。Stance MDR ARR 和客户数来自 Forbes 援引的公司沟通。所有数值均未经审计。
[CI001, CI003, CI007, CI009, CI019]| 产品 | 标价 / 单位 | 合同模式 | 实际定价信号 | 2024–2026 趋势 |
|---|---|---|---|---|
| 网络保险(SMB,$1M 限额) | $1,200–$2,200/yr 微型至小型 SMB;$7,000–$15,500/yr 中端市场(市场估计) | 年度保单;通过 E&S 批发经纪人分销 | 2024 年费率下降约 ~5–7%;2026 年预计持平 / 负增长 | 走软;主要费率逆风 |
| Tech E&O(SMB / 中端市场) | 未公开披露;按风险暴露和收入区间定价 | 年度保单;批发或数字经纪渠道 | 与网络险费率周期一致 | 随网络险费率下行 |
| Stance MDR(附加或独立购买) | 每客户 ~$1,733/yr(隐含);标价未公开披露 | 年度 SaaS 订阅;可与保单捆绑或单独销售 | 由 $13M ARR / 7,500 名客户隐含;不受保险费率周期影响 | 增长中;结构上隔离于网络险定价周期 |
| 经纪人佣金(市场估计) | E&S 批发承保安排中占 GWP 的 10–20%(市场区间) | 支付给零售 / 批发经纪人;At-Bay 不赚取 | 市场标准;At-Bay 未披露 | 稳定;数字渠道小幅压缩 |
SMB 网络险保费区间来自市场调查(Insurance Business,2024)。Stance MDR 隐含单价由 At-Bay 的 $13M ARR 和 7,500 客户数推导(Forbes)。经纪人佣金为市场估计;At-Bay 未公开披露佣金表。实际成交价相对标价未披露。
[CI009, CI031, CI032]E&S 保险公司子公司的总签单保费,如何通过再保险分出和 MGA 费用结构转换为合并净收入。
MGA 费用收入估计为 Forbes 报道的 $155M 合并收入与 FSLSO 报道的子公司 $49.9M 净保费之间的差额。约 85% 的分出率来自 FSLSO 2024 年年度文件中的总保费到净保费比例($338.2M GWP 中 $288.3M 分出)。所有数值均为近似值,未经审计。
[CI001, CI007, CI009, CI018, CI019]4.2 Stance 安全订阅与双收入扩张
At-Bay 的 Stance 平台把 40,000+ 个已承保客户关系,转成安全即服务的增购入口。Stance 托管检测与响应(MDR)在 2023 年 10 月作为可选 MDR 订阅推出,客户数从 2023 年不足 1,000 家增长到 2024 年底 7,500 家,贡献约 $13M 年化订阅收入。装机客户渗透率约 18.75%(7,500 / 约 40,000),说明交叉销售仍有实质上行空间,但产品商业化还处在早期。 Stance 平台打包漏洞扫描、暗网监控、AI 驱动的邮件欺诈警报、vCISO 咨询服务和员工安全培训;At-Bay 称,每张保单内嵌 $70,000 的安全工具价值(Insurance Business,2025 年 7 月五星评价)。单独 MDR 定价未公开;按披露的 7,500 个客户 / $13M ARR 比例倒推,Stance 单客户年收入约 $1,733,与 SMB 细分市场的 MDR 定价大体一致。At-Bay 官网披露 1.5M 个受监控资产、威胁平均修复时间 15 分钟,凸显运营规模。 Stance 订阅层带来有意义的战略选择权:它降低 At-Bay 对保险费率周期的依赖,并提供毛利率更高的经常性收入。不过,Stance 收入($13M)相较合并净收入(约 $155M)仍小,约占总额 8.4%。Stance 的独立毛利率、流失率、CAC 和净收入留存率未公开。Akira 勒索软件在勒索索赔中占比超过 40%,说明威胁行为者集中风险可能同时影响保险赔付率和 Stance MDR 服务范围。 [CI006, CI007, CI008, CI034, CI040]
| 指标 | 数值 / 区间 | 置信度 | 重要性 | 尽调问题 |
|---|---|---|---|---|
| 总承保保费(子公司) | $338.2M(2024) | 高(FSLSO 文件) | E&S 保险公司收入端规模;用自有承保牌照经营的首个完整年度 | 确认所有承保牌照安排下的合并 GWP |
| 留存净保费(子公司) | $49.9M(2024) | 高(FSLSO 文件) | 向再保险人分出 85% 后的实际保险收入 | 要求提供母公司层面净保费,并纳入 MGA 费用收入 |
| 已发生损失率(子公司) | 68%(2024)vs. 50%(2023) | 高(FSLSO 文件) | 承保经济性的核心驱动;一年恶化 18 个百分点 | 与过往年份和行业基准对比(行业约 ~49%) |
| 综合成本率(子公司) | 102%(2024)vs. 98%(2023) | 高(FSLSO 文件) | 已进入承保亏损区间;保险公司盈利能力的关键指标 | 获取母公司综合成本率,并纳入 MGA 费用收入抵消 |
| Stance MDR ARR | $13M 年化(end-2024) | 中(Forbes) | 类似软件的经常性收入多元化 | 获取毛利率、CAC、流失率和 NRR |
| Stance MDR 客户数 | 7,500(end-2024) | 中(Forbes) | 在 ~40K 被保险客户基数中的渗透率约 ~18.75%;显示增购潜力 | 跟踪季度增长和流失率 |
| 隐含每客户 MDR 收入 | ~$1,733/yr | 低(推导) | 定价代理指标;与 SMB MDR 市场费率一致 | 确认官方 MDR 标价和价格层级 |
| CAC — 保险 | 未披露 | 低 | 经纪人渠道经济性和销售效率的关键驱动 | 要求提供经纪人渠道 vs. 直销的每保单获客成本 |
| CAC — Stance MDR | 未披露 | 低 | 关键 SaaS 效率指标 | 要求提供混合 MDR 获客成本和回本周期 |
| 净收入留存率(Stance MDR) | 未披露 | 低 | 衡量留存和扩张收入的核心 SaaS 健康指标 | 要求提供 MDR 分部的 NRR 和流失队列数据 |
子公司层面数据来自 FSLSO At-Bay Specialty Insurance Company annual 2024 filing。母公司层面指标不可得;At-Bay Inc. 不发布经审计合并财务。Stance 指标来自 Forbes 援引的公司沟通。两个业务分部的 CAC、NRR 和毛利率均完全未披露。
[CI006, CI007, CI010, CI018, CI019, CI021]SMB 投保人如何转化为 Stance MDR 订阅用户,以及转化漏斗各阶段隐含的单位经济。
渗透率和隐含单客 ARR 根据 Forbes 披露数据推导(7,500 名客户、$13M ARR)。毛利率和 CAC 未公开披露;缺失项明确列为尽调缺口。合资格总人群假设为 At-Bay 首页披露的全部约 40,000 名投保客户。
[CI006, CI007, CI008]4.3 承保载体结构、资本充足性与再保险面板
At-Bay 在 2023 年 8 月完成从 MGA 到承保载体的转型,开始由 At-Bay Specialty Insurance Company(NAIC 19607)签发所有新的 E&S Cyber 和 Tech E&O 保单;该公司是其 2023 年 1 月从 XL Insurance America 收购的特拉华州注册子公司。该实体原名 XL Select Insurance Co.(1965 年成立),在 44 个州具备准入资格,并已有成熟监管足迹。AM Best 在 2023 年 4 月给予 A-(Excellent)评级和稳定展望,使 At-Bay 能参与要求评级承保纸的经纪配置。Insurance Business 称 At-Bay 是首家成为 E&S 承保载体的网络保险科技公司。转型前,At-Bay 使用 HSB Specialty Insurance Company 承保纸(AM Best A++,Munich Re 子公司)。 At-Bay Specialty Insurance Company 的 FSLSO 2024 年度申报显示,截至 2024 年底,总认可资产为 $223.9M,资本与盈余为 $101.2M;到 2025 年 Q2 快照时仍大体稳定在 $100.7M。总保费 / 盈余比率达到 334.2%,高于 NAIC 通常区间(IRIS #4、#6、#10 被标记),反映中等资本基础上保费快速放大。母公司层面,At-Bay Inc. 已累计募集外部资金 $292M:2021 年 7 月 Series D 轮融资 $185M,估值 $1.35B,并在 2021 年 10 月由 ION Crossover Partners 追加 $20M。2021 年 10 月后未宣布新的融资。 截至 2024 年,再保险面板由五家授权再保险人组成:Münchener Rückversicherungs-Gesellschaft、Skyward Specialty Insurance Group、AXA SA、W.R. Berkley Corp. 和 Fairfax Financial Holdings;它们均为美国非关联或非美国授权机构,2024 年申报中逾期再保险追偿为零。At-Bay 自留约 15% 的保险风险。根据 Gallagher Re 数据,2026 年 4 月续约时网络再保险非比例费率下降 32%,对 At-Bay 分出部分是积极成本信号,但也说明整体容量过剩,可能进一步压缩原始网络保险费率。 [CI011, CI012, CI013, CI014, CI015, CI016]
| 项目 | 数值 | 来源 / 日期 | 评述 |
|---|---|---|---|
| 累计外部融资(成立以来) | $292M | CarrierManagement / Oct 2021 | Oct 2021 Series D 延展轮之后未再融资 |
| Series D(初始交割,Jul 2021) | $185M,投后估值 $1.35B | BusinessWire / Jul 2021 | Icon Ventures 和 Lightspeed Venture Partners 共同领投 |
| Series D 延展轮(Oct 2021) | $20M(ION Crossover Partners) | CarrierManagement / Oct 2021 | 使 Series D 总额达到 $205M |
| At-Bay Specialty Ins. — 资本与盈余(2024) | $101.2M | FSLSO annual 2024(监管文件) | 仅子公司;相对 2023 年 $100.0M 基本稳定 |
| At-Bay Specialty Ins. — 总认可资产(2024) | $223.9M | FSLSO annual 2024(监管文件) | 较 2023 年 $196.4M 增长 14% |
| 总保费 / 盈余比率(2024) | 334.2% | FSLSO annual 2024(监管文件) | IRIS ratio #4 被标记为超出常规区间;说明资本基础上的保费杠杆偏高 |
| 净保费 / 盈余比率(2024) | 49.3% | FSLSO annual 2024(监管文件) | 按 NAIC IRIS 指引处于常规区间内 |
| 经营活动现金流(子公司,2024) | -$10.7M | FSLSO annual 2024(监管文件) | 从 2023 年 +$34.1M 恶化;反向摆动 $44.8M |
| 税后净利润(子公司,2024) | $955K | FSLSO annual 2024(监管文件) | 盈利很薄;较 2023 年 $1.29M 下降 26% |
| 母公司现金 / 烧钱速度 / 现金跑道 | 未公开披露 | — | 关键尽调缺口;Oct 2021 以来无公开融资 |
资本与盈余、资产和现金流数据仅对应 At-Bay Specialty Insurance Company(E&S 保险公司子公司),不是 At-Bay Inc. 合并口径。母公司层面的现金余额、烧钱速度和现金跑道未公开披露。$292M 累计融资额包含从创立到 October 2021 的所有融资轮次。
[CI016, CI024, CI025, CI027, CI028, CI029]在点估计依赖单一来源或包含近似测算的关键 At-Bay 财务指标上,列出有来源支撑的不确定性区间。
收入区间反映 Forbes 单一来源带来的不确定性(未提供置信区间);采用 ±$10M。GWP 和子公司指标来自 FSLSO 监管文件(高置信度);窄区间反映潜在审计差异。Stance MDR ARR 区间对 Forbes 披露数据施加 ±15% 边际。综合成本率区间假设 FSLSO 申报数据周围存在 ±2pp 四舍五入或审计差异。
[CI001, CI007, CI016, CI018, CI021, CI029]4.4 索赔经济性、赔付率压力与市场逆风
FSLSO 监管申报最清楚地揭示了 At-Bay 的赔付经济性。At-Bay Specialty Insurance Company 报告 2024 年已发生损失率为 68%,综合成本率为 102%;2023 年分别为 50% 和 98%。已发生损失从 2023 年的 $14.9M 增至 2024 年的 $29.2M,增长 97%。承保结果从盈利 $1.2M 转为亏损 $1.3M。经营现金流从 2023 年的正 $34.1M 恶化为 2024 年的负 $10.7M,$44.8M 的摆动反映赔付支付加速。2024 年税后净利润为 $955K,较 $1.29M 下降 26%。 At-Bay 自有的 2026 InsurSec Report(基于 100,000+ 个保单年和 6,500+ 起索赔)记录,2025 年网络索赔频率同比上升 7%,平均严重度达到创纪录的 $221,000。勒索软件严重度上升 16% 至 $508,000,87% 的勒索攻击源自远程访问工具。Akira 勒索软件在 2025 年占勒索索赔超过 40%,是 At-Bay 有记录以来最高的单一变种集中度。金融欺诈仍是最常见事件类型,占索赔 30%,平均被盗金额上升 16% 至 $285,000。第三方责任严重度同比跃升 70%。At-Bay 索赔团队在 2025 年追回 $56M 被盗金融欺诈资金;若三天内报案,追回率为 70%。 2024 年 7 月 CrowdStrike Falcon Sensor 宕机造成估计 $400M–$1.5B 的全球已保险网络损失(CyberCube),是肯定式网络保险市场史上最大的单一已保险损失事件。市场层面,Munich Re 估计 2024 年全球勒索软件攻击频率约增加 25%;按 CoinLaw 引用 NAIC 数据,美国网络保险行业赔付率 2024 年上升 7 个百分点至 49%。At-Bay 子公司 102% 的综合成本率说明,公司净自留账本在 2024 年出现承保亏损。At-Bay 2023 年 9 月裁员 27 人(约占 305 人员工数 10%),反映运营成本上升下的结构调整。 [CI021, CI022, CI023, CI024, CI025, CI026]
| 指标 | 2024 | 2023 | 同比变化 |
|---|---|---|---|
| 总承保保费 | $338.2M | $154.5M | +119.0% |
| 已赚净保费(约) | $49.9M | $67.8M | -26.4% |
| 直接保费 — 全国 | $280.6M | $63.1M | +344.9% |
| 已发生损失 | $29.2M | $14.9M | +96.7% |
| 赔付调整费用 | $3.2M | $1.9M | +75.0% |
| 承保收益 /(亏损) | -$1.3M | +$1.2M | 转为亏损 |
| 税后净利润 | $0.96M | $1.29M | -26.1% |
| 经营活动现金流 | -$10.7M | +$34.1M | -131.4% |
| 总认可资产 | $223.9M | $196.4M | +14.0% |
| 资本与盈余 | $101.2M | $100.0M | +1.2% |
| 已发生损失率 | 68% | 50% | +18 pts |
| 综合成本率 | 102% | 98% | +4 pts |
来源:FSLSO At-Bay Specialty Insurance Company Insurer Financial Report, Annual 2024。仅为子公司层面,不代表 At-Bay Inc. 合并财务。2024 年总保费激增,反映其使用自有 E&S paper 承保的首个完整日历年(August 2023 开始)。尽管 GWP 增长,净保费仍下降 26%,说明有效分出比例更高。综合成本率高于 100% 意味着子公司层面承保亏损,即使母公司 MGA 赚取的费用收入未计入这里。
[CI018, CI019, CI021, CI022, CI023, CI024]E&S 保险承保子公司的收入至承保结果瀑布,展示总承保保费扣除分出、赔付和费用后如何变成承保亏损。
所有数值来自 FSLSO 的 At-Bay Specialty Insurance Company 2024 年度申报。其他承保费用根据约 30% 费用率乘以净保费估算($49.9M × 0.30 ≈ $15.0M 净费用估计;总额包含 LAE 分摊)。再保险分出估计为 GWP 减净保费($338.2M − $49.9M = $288.3M)。数值单位为 USD 百万。
[CI018, CI019, CI021, CI023, CI026]4.5 财务不透明、收入质量与尽调缺口
At-Bay 是私人公司,没有公开的合并财务报表。$155M 收入口径来自 Forbes;2023 年 $110M 净收入口径来自媒体对 Ken Riegler 任命的报道;子公司财务则来自 FSLSO 剩余线监管申报。上述来源均未提供覆盖最终母公司 At-Bay Inc. 的经审计合并利润表、资产负债表或现金流量表。FSLSO 申报只覆盖一个子公司 At-Bay Specialty Insurance Company,不能代表全公司的盈利能力,因为 MGA 佣金和费用收入会流向母公司。 关键未披露指标包括:(1)保险业务合并毛利率;(2)Stance MDR 毛利率、流失率、CAC 和净收入留存率;(3)母公司现金余额和烧钱速度;(4)已发生但未报告(IBNR)损失准备金;(5)再保险条约限额、附着点和除外条款;(6)行业层面披露之外的保单或客户集中度。子公司被标记的三个 NAIC IRIS 比率(#4、#6、#10)需要管理层直接解释;102% 的综合成本率也一样,因为它意味着即便母公司 MGA 获得佣金收入,子公司分出后净额层面仍未实现承保盈利。 收入质量风险包括:全市场保费率走软(美国 DWP 2024 年下降 6%,预计 2026 年进一步下行);Akira 勒索软件累积风险(超过 40% 的勒索索赔来自同一个威胁行为者);以及 85% 的 GWP 到净收入缺口,使收入增长依赖再保险分出经济性。2021 年 10 月后未募集新的外部资本(累计 $292M)。通往公开市场或下一轮融资的路径,要求公司在合并层面证明承保盈利能力,并提升财务透明度。 [CI001, CI010, CI019, CI020, CI021, CI031]
| 缺失指标 | 对分析的影响 | 尽调路径 |
|---|---|---|
| 经审计合并财务报表(At-Bay Inc.) | 无法评估母公司盈利能力、真实现金状况或合并毛利率 | 在正式尽调中基于 NDA 要求提供经审计财务 |
| 分部 P&L — 保险 vs. Stance MDR | 无法评估各分部相对盈利能力或战略资本配置 | 要求提供按业务线拆分的管理账 |
| 保险业务合并毛利率 | MGA / 保险公司费用结构遮蔽了承保盈利能力的关键指标 | 获取子公司保险公司与母公司 MGA 之间的单位成本分摊 |
| Stance MDR:毛利率、流失率、CAC、NRR | 没有 SaaS 指标,无法衡量 MDR 可扩展性或资本效率 | 向 CFO 索取队列数据和留存指标 |
| 母公司层面现金余额与烧钱速度(post-Oct 2021) | 不知道当前流动性状况,就无法评估现金跑道 | 要求提供董事会层面的财务更新和司库报告 |
| 再保险合约条款:限额、attachment、除外责任 | 无法评估尾部风险暴露或系统性事件保障(例如 CrowdStrike 这类非恶意故障) | 审阅再保险协议;重点看系统性事件和非恶意除外条款 |
| IBNR 准备金与精算赔付发展三角 | IBNR 准备金滞后,可能低估赔付率走势 | 要求提供精算赔付发展三角和准备金充足性声明 |
| 客户或保单集中度(按 GWP 排名前 10 的账户) | 集中度风险会放大赔付波动;SMB 聚焦暗示集中度较低,但未获确认 | 在承保文件审查中要求提供前 10 大收入集中度数据 |
上述缺口来自将公开资料(FSLSO 文件、Forbes、媒体)与标准保险公司尽调要求对比。作为私人公司,At-Bay 没有 SEC 级披露义务。考虑到 334.2% 的总保费 / 盈余比率,子公司被标记的三个 NAIC IRIS 比率(#4、6、10)需要管理层解释。
[CI001, CI020, CI021, CI031]4.6 证据要点
05产品与技术
5.1 产品定义:At-Bay 将主动安全服务打包进每一张网络保险保单
At-Bay 将自身产品定位为 InsurSec:保险与网络安全结合的产品,超越赔付,主动降低投保人风险。每张网络保单都包含 Stance,这是 At-Bay 自研安全平台,由其全资子公司 At-Bay Security LLC 运营。Stance 分为三档服务:Core(Exposure Manager、Fraud Defense、Security Awareness Training 和 vCISO 咨询)、Advanced(Core 加上由 CrowdStrike Falcon XDR 支撑的 MDR Endpoint)以及 Complete(Advanced 加上 MDR Email)。第四条线 MXDR 在 2025 年 7 月推出,由 SentinelOne Singularity 提供能力,把检测延伸到中端市场投保人的终端和邮件面。平台在 2024 年 4 月增强,加入钓鱼模拟、Microsoft 365 与 Google Workspace 监控集成,将公司声称的综合风险覆盖率推至 66%。2024 年 6 月 3 日,承保限额扩大到服务收入最高 $5B 的企业、每张保单最高 $10M,反映公司有意上探更大客户。按公司材料,每张保单内嵌的 Stance 服务价值约 $70,000–$72,000;相较将安全附加项单独定价或根本不提供的保险公司,这是重要差异点。[CE001, CE002, CE003, CE004, CE005, CE007]
| 模块 | 层级 | 功能 | 关键合作伙伴 / 技术 | 可用状态 |
|---|---|---|---|---|
| 暴露面管理器 | 核心 | 为已投保保单持有人持续扫描攻击面并识别漏洞 | 自研 | GA |
| 欺诈防护 | 核心 | 检测并防范社会工程和电汇欺诈 | 自研 | GA |
| 安全意识培训(SAT) | 核心 | 员工钓鱼模拟与安全教育 | 自研 | GA(Apr 2024 新增) |
| vCISO 顾问服务 | 核心 | 面向 SMB 的虚拟 CISO 指导和安全项目顾问服务 | 自研 | GA |
| M365 / Google Workspace 监控 | 核心 | 云办公套件安全监控与告警 | Microsoft、Google | GA(Apr 2024 新增) |
| MDR 终端 | 高级 | 借助 SOC 运营为终端提供托管检测与响应 | CrowdStrike Falcon XDR | GA(自 Jan 2024 起) |
| MDR 邮件 | 完整 | 为已投保保单持有人提供邮件威胁检测与响应 | 自研 | GA |
| MXDR 平台 | 附加 / 中端市场 | 覆盖终端和邮件面的扩展检测与响应 | SentinelOne Singularity | GA(自 Jul 2025 起) |
| Relay 数字市场 | 平台 / 分销 | 面向经纪人的专业险数字报价与 placement | At-Bay 子公司(Aug 2022 收购) | 运营中 |
| 合作伙伴 API v2 | 平台 / 分销 | 经纪人集成、JWT 认证的异步报价交付(p90 <40s)和 BOR 清理 | 自研 REST API | 正式可用(GA) |
层级结构(Core / Advanced / Complete)来自运行日的 at-bay.com/stance/ 页面。MXDR 上线日期 July 15, 2025 来自 BusinessWire 新闻稿。合作伙伴 API 的 p90 延迟和 JWT 细节来自 GitHub api-evangelist 仓库。Relay 收购日期 August 22, 2022 来自 at-bay.com 新闻稿;任务简报中的 March 2025 日期不正确,已被一手来源取代。与 CrowdStrike Falcon XDR 的 MDR Endpoint 合作于 January 31, 2024 公布。
[CE001, CE002, CE003, CE004, CE005, CE006]5.2 平台架构:Stance 叠加保险数据、安全遥测与合作伙伴检测引擎
At-Bay 的技术架构不是从零搭建完整安全栈,而是在第三方检测引擎之上叠加自研风险情报。CrowdStrike Falcon XDR 为 MDR Endpoint 提供终端检测引擎;该合作在 2024 年 1 月 31 日与 Stance MDR 产品一起宣布。SentinelOne Singularity 支撑 2025 年 7 月 15 日推出的 MXDR 平台。根据 At-Bay 信任页面,所有投保人数据都托管在仅位于美国境内的 AWS 基础设施上。Relay Platform 于 2022 年 8 月 22 日被收购,并作为独立的专业保险数字市场保留,承担 At-Bay 经纪渠道的分发基础设施。Partner API v2 提供异步报价生成,p90 延迟低于 40 秒,使用 JWT 认证,并以程序化方式执行备案经纪人清查;API 文档公开托管在 GitHub。保险数据、检测合作伙伴的遥测数据和数字分发层三者结合,构成 At-Bay 所称 InsurSec 差异化的三边技术护城河。架构在接口层面可观察,但承保模型和 SOC 工具内部并不透明。[CE006, CE007, CE011, CE012, CE013, CE014]
| 用例 | 主要 Stance 模块 | 工作流触发点 | 交付结果 | 证据来源 |
|---|---|---|---|---|
| 通过经纪人渠道购买 SMB 网络保单 | Partner API v2 + Relay Marketplace 渠道 | 经纪人通过 API 端点提交申请 | 异步报价 p90 低于 40 秒返回;BOR 完成清理;选定 Stance 层级后绑定保单 | GitHub api-evangelist;BusinessWire MXDR 资料 |
| 降低员工钓鱼风险 | SAT + MDR Email(Complete 层级) | 保单加入;按月或自定义节奏 | 衡量 SAT 完成率、钓鱼模拟结果和邮件威胁拦截 | Stance 页面;BusinessWire Stance 增强公告 |
| 端点威胁检测与遏制 | MDR Endpoint(Advanced 层级;CrowdStrike) | 通过 CrowdStrike Falcon XDR 传感器持续监控 | At-Bay Security SOC 执行告警、分诊和遏制 | BusinessWire MDR 发布;msspalert |
| 降低攻击面暴露 | Exposure Manager(Core 层级) | 加入时启动持续外部扫描 | 可执行的漏洞发现;按优先级排序的修复建议 | Stance 页面;BusinessWire Stance 增强公告 |
| 中端市场扩展检测与响应 | MXDR(SentinelOne Singularity) | 收入最高 $5B、寻求 $10M 保额的企业加入 | SOC 覆盖扩展到端点和邮件;公司称可缓释 90% 潜在理赔 | BusinessWire 扩张公告;BusinessWire MXDR |
工作流描述根据新闻稿和 Stance 产品页拼出;At-Bay 未公开发布逐步的技术 SOC 运行手册。90% 理赔缓释数字来自公司对 Q1 2022–Q4 2024 的分析,尚未经独立审计。
[CE005, CE007, CE010, CE013, CE016, CE017]At-Bay 的 InsurSec 技术栈分层:底层是分销与 API 渠道,中层是风险情报和安全运营,顶层是保险保单保障,把安全遥测和承保绑定在同一个运营模型里。
层级顺序和分组根据公开新闻稿和产品页描述推断。At-Bay 未发布内部架构图。公司材料描述了承保模型与 Stance 遥测的集成,但没有公开技术文档。
[CE001, CE006, CE007, CE009, CE011, CE016]5.3 技术运营模型:At-Bay Security LLC 运营 SOC;Relay 处理专业保险分发
At-Bay 将运营模型拆成两个技术密集型子公司。At-Bay Security LLC 运营安全服务层:运行 MDR 和 MXDR SOC,管理 CrowdStrike 与 SentinelOne 集成,并向已开通的投保人交付 Exposure Manager 和 Fraud Defense 能力。Relay Platform 提供专业保险数字报价和配置,定位为连接经纪人和承保公司的独立市场。Partner API v2 把两者接入经纪工作流:经纪人通过 API 提交申请,在 p90 延迟目标内收到异步报价,系统在绑定前执行 BOR 清查。At-Bay 2025 年 InsurSec 分析显示,2022 年 Q1 至 2024 年 Q4 的索赔中,90% 本可由 MXDR 能力潜在缓释。公司还披露,开通 Stance 的投保人事故规避率为 99.999%,但公开来源中未找到该数字的独立第三方审计。该运营模型要求保险承保职能与安全 SOC 持续协同;这种依赖创造差异化,但也引入复杂性,一旦合作伙伴技术关系变化,既难复制,也难拆解。[CE016, CE017, CE031, CE032, CE037, CE042]
| 层 | 组件 | 提供方 / 技术 | 集成深度 | 状态 |
|---|---|---|---|---|
| 端点安全层 | MDR Endpoint 检测与响应 | CrowdStrike Falcon XDR | OEM 式 MDR 合作;CrowdStrike 传感器向 At-Bay Security SOC 供数 | 正式可用(GA;合作于 Jan 31, 2024 公布) |
| 扩展检测层 | 覆盖端点和邮件的 MXDR 平台 | SentinelOne Singularity | 具名技术合作;平台支撑 MXDR 产品 | 正式可用(GA;Jul 15, 2025 上线) |
| 云基础设施 | 所有保单持有人数据存储与计算 | Amazon Web Services(仅美国区域) | 基础设施层;所有数据仅存储在 AWS US | 当前有效,信任页面已确认 |
| API 与集成层 | 经纪人报价、BOR 清理、保单绑定 | 带 JWT 认证的自研 REST Partner API v2 | 系统级;异步报价引擎,SLA 为 p90 <40s | 正式可用(GA);GitHub 有文档 |
| 分销平台 | 专业保险数字市场 | Relay Platform(At-Bay 全资子公司) | 子公司集成;直接连到 At-Bay 承保 | 自 Aug 22, 2022 收购后运营 |
| 产品市场上架 | MXDR 企业采购上架 | SoftwareOne 市场 | 面向企业买家的第三方上架与分销渠道 | 截至 2025 已上架 |
| 开发者文档 | Partner API v2 文档仓库 | GitHub(api-evangelist/at-bay) | 公开仓库;API 模式和端点文档 | 当前有效 |
| 合规与治理层 | 数据治理、访问控制和认证 | SOC 2 Type II + AWS US 基础设施 | 认证叠加基础设施层的数据驻留控制 | 已认证(公司声称) |
所有集成深度描述都来自公开新闻稿、GitHub 仓库和 at-bay.com 信任页面。At-Bay 未公开内部服务图、SOC 工具运行手册或 CrowdStrike/SentinelOne 集成示意图。SoftwareOne 上架来自市场页面观察。SOC 2 Type II 的范围边界未公开细化。
[CE006, CE007, CE016, CE017, CE018, CE019]经纪人或直接买家通过 Partner API 或 Relay 进入 At-Bay 工作流,触发承保、Stance 激活、持续监控,以及必要时的整合事件响应流程;该流程再回流到理赔处理。
工作流根据新闻稿描述和产品页文本重构。At-Bay 未发布技术入驻流程图。启动理赔步骤根据公司材料描述的 InsurSec 模型推断;实际升级 SLA 未公开披露。
[CE005, CE006, CE007, CE009, CE013, CE016]At-Bay 的投保客户风险结果依赖一条技术链:AWS 云支撑所有数据和 Stance 平台;CrowdStrike 和 SentinelOne 向 At-Bay Security SOC 输送信号;SOC 和 Exposure Manager 都向承保模型供给数据;完整技术栈再影响理赔结果。
依赖边根据公开产品描述和新闻稿推断。At-Bay 未发布内部服务依赖图。从 dep5(SOC)直接到 dep8(结果)的边代表公司声称的 99.999% 事件避免效果;该说法来自公司,未经独立验证。保单层(dep7)背后的再保险能力未公开披露。
[CE006, CE007, CE009, CE020, CE021, CE031]5.4 信任与合规:SOC 2 Type II 认证、AWS 美国数据驻留;自我证明仍有限
At-Bay 的信任姿态由 SOC 2 Type II 认证和一项明确政策支撑:所有客户数据存储在美国境内的 AWS 基础设施上。信任页面还声称,不使用投保人数据训练 AI 模型,并由基于角色的访问控制管理用户如何操作 Stance 仪表盘。At-Bay Insurance 与 At-Bay Security LLC 的法律隔离,在保险实体和安全服务子公司之间提供结构性边界;但网络安全运营所需监管许可的精确细节没有公开列明。公开信任姿态的实质限制包括:SOC 2 范围边界没有在公开可访问资料中详细说明;加密标准只是被声称,并未列举;支撑认证的第三方审计报告未公开发布。企业买家评估平台时,这些缺口意味着尽调需要直接接触 At-Bay,取得审计材料、数据处理协议,以及支撑 AWS 托管的子处理方链条细节。[CE020, CE021, CE022, CE023, CE024, CE025]
| 控制 / 认证 | 状态 | 范围 | 缺口 / 附注 |
|---|---|---|---|
| SOC 2 Type II | 已认证(公司声称) | Stance 安全平台 | 范围边界未公开细化;审计报告未公开发布 |
| 仅限 AWS US 的数据存储 | 已部署(公司在信任页面确认) | 所有保单持有人和运营数据 | 未发布数据驻留边界的第三方验证 |
| 不使用客户数据训练 AI 模型 | 政策中声明 | 所有保单持有人数据 | 仅自我声明;未披露训练管线的独立审计 |
| 基于角色的访问控制 | 已部署(公司确认) | 用于保单持有人账户管理的 Stance 仪表盘 | 权限层级粒度和审计日志细节未公开披露 |
| 静态和传输中加密 | 信任页面声称 | 平台数据处理 | 未明确列出加密标准(AES-256、TLS 版本等) |
| At-Bay Security LLC 子公司结构 | 监管与结构 | 网络安全服务在运营上与保险实体分离 | 未列出监管许可范围和州级网络安全注册 |
所有条目都来自 at-bay.com/trust/ 页面,该页面由公司维护。公开渠道无法看到独立的 SOC 2 审计摘要。子公司结构(At-Bay Security LLC)已由 BusinessWire MDR 新闻稿和 calcalistech 报道确认,但网络安全实体的监管备案细节不在公开来源中。
[CE020, CE021, CE022, CE023, CE024, CE025]5.5 差异化与路线图:InsurSec 打包带来可衡量的风险下降,也带来用户锁定风险
At-Bay 的核心差异化是结构性的:把安全工具嵌入保险合同后,公司形成一个一体化风险下降闭环;纯保险公司若不收购或合作安全运营中心,很难复制。公司数据显示,未开通 Stance 的投保人索赔频率高出 7%;2025 年数据中,平均索赔严重度达到 $221,000,勒索软件严重度达到 $508,000。公司声称事故规避率为 99.999%,这是一个异常高、且尚未独立验证的数字。At-Bay 2022–2025 年路线图推进很快:收购 Relay(2022 年 8 月),与 CrowdStrike 推出 Stance MDR(2023 年 10 月),上线 SAT 和 M365/GWS 集成(2024 年 4 月),扩展到最高 $5B 收入企业(2024 年 6 月),并与 SentinelOne 推出 MXDR(2025 年 7 月)。Spiceworks 社区记录的一条负面信号显示,投保人更换承保公司后会失去 Stance 安全工具访问权;站在买家角度,这是由切换成本带来的锁定风险。产品发布和技术伙伴新增的节奏显示公司仍在投入,但 MXDR 之后的路线图未公开,限制了前瞻性产品尽调。[CE027, CE028, CE029, CE030, CE031, CE033]
| 日期 | 里程碑 | 状态 | 对买方的含义 | 主要来源 |
|---|---|---|---|---|
| 2022-08-22 | 收购 Relay Platform | 已完成 | 建立了内部专业保险分销数字市场;经纪人渠道基础设施搭起 | At-Bay 新闻稿(at-bay.com) |
| 2023-10-26 | Stance MDR 发布(宣布 CrowdStrike Falcon XDR 合作) | 已发布 | 首个把主动端点 MDR 与网络保单结合的主要 InsurSec 产品;新保单持有人可选 | BusinessWire MDR 发布 |
| 2024-01 | Stance MDR 可作为可选服务提供给现有保单持有人 | 已发布 | MDR 触达从新加入队列扩到现有存量客户 | BusinessWire MDR 发布 |
| 2024-04-24 | 新增 SAT、钓鱼测试、M365/Google Workspace 集成;达到 66% 风险覆盖里程碑 | 已发布 | InsurSec 深入日常使用的企业 IT 环境;覆盖广度主张得到验证 | BusinessWire Stance 增强公告;markets.financialcontent |
| 2024-06-03 | 覆盖扩展到收入最高 $5B、保额 $10M 的企业 | 已发布 | At-Bay 从纯 SMB 向上切入;服务中端市场风险画像需要 MXDR | BusinessWire 扩张公告 |
| 2025-07-15 | MXDR 平台发布(SentinelOne Singularity 合作) | 已发布 | 第二个主要检测技术合作;中端市场的端点和邮件覆盖得到扩展 | BusinessWire MXDR 发布 |
| 2026-04-23 | At-Bay InsurSec 2026 报告发布;指出非 Stance 保单持有人的理赔频率上升 7% | 当前 | 数据验证 InsurSec 逻辑;为理赔建模提供对照基线 | HelpNetSecurity 2026 |
| 2026-06-03(快照) | Partner API v2 已投产;SoftwareOne 的 MXDR 上架已上线;Relay 作为独立市场运营 | 当前 | 截至运行日,完整分销栈已投入运营;未找到公开的下一里程碑公告 | GitHub api-evangelist、SoftwareOne、At-Bay 等来源 |
路线图根据公开新闻稿和在线产品页重建;At-Bay 未发布前瞻性产品路线图文件。可获得的日期来自一手来源(BusinessWire、at-bay.com 新闻稿)。InsurSec 2026 报告日期(April 23, 2026)来自 HelpNetSecurity 报道 URL 元数据。运行日之后未公开披露任何产品路线图。
[CE005, CE007, CE010, CE011, CE013, CE028]Core 档 Stance 分销触达和风险情报强,但主动检测有限;Advanced 和 Complete 档增加端点和邮件 MDR 覆盖;MXDR 扩大了检测面,但相对于成熟的 MDR 档位仍处早期。
成熟度和覆盖评级是定性评估,依据新闻稿、Stance 产品页和合作伙伴公告。At-Bay 未发布正式的能力成熟度框架或评分。MXDR 截至运行日的记录不足 12 个月。企业级就绪度评估基于产品功能描述,并非独立企业买家审计。
[CE001, CE003, CE004, CE006, CE007, CE010]06客户情况
6.1 SMB 与中端市场细分
At-Bay 的核心客户,是通过中介购买网络保险的中小企业,而不是直接完成软件购买的客户。Forbes 2026 年 3 月报道称,At-Bay 向 53,000+ 家中小企业提供网络安全保险;At-Bay 自家官网和 Stance 材料称,平台由来自 40,000+ 个已承保客户的事件洞察驱动;2025 年 7 月 MXDR 发布稿称,At-Bay 保护接近 40,000 家美国企业,合计收入最高 $800B。我将 53,000 视为当前最新的独立客户数标记,将 40,000 视为公司披露、且官方页面仍在使用的保守基数。买家通常是 CFO、企业主、风险经理或负责配置网络保险的经纪人;一旦 Stance、MDR Endpoint、MDR Email 或 MXDR 启用,用户会扩展到 IT / 安全运营人员。在将 Cyber 和 Tech E&O 的承保偏好上调至收入最高 $5B、限额最高 $10M 的企业后,At-Bay 当前覆盖 SMB、低端中端市场和更大企业。[CU001, CU002, CU003, CU004, CU005, CU006]
| 客户分层 | 买方 / 用户 / 付款方 | 用例 | 规模 | 战略价值 | 缺口 |
|---|---|---|---|---|---|
| SMB 被保险企业 | 业主 / CFO / 风险经理 / IT 团队 / 企业 | 经纪人安排的网络保险,加随附 Stance Core 服务 | Forbes 报道 53,000+ 家 SMB;官方页面称 40,000+ 名被保险人 | 核心规模引擎 | 有效保单的精确定义尚未对齐 |
| 中低端市场 | CFO / 风险经理 / IT 和安全运营人员 / 企业 | 更高保额的网络保险和 Tech E&O,附 Stance 服务 | 收入低于最高 $5B 承保偏好上限的企业 | 单账户保费更高 | 公开分层组合未披露 |
| 大型商业账户 | 风险经理 / CISO / 安全团队 / 企业 | 最高 $10M 保额的网络保险和 Tech E&O | June 2024 承保偏好扩展后符合资格 | 向上切入带来保费扩张 | 生产账户数未披露 |
| Stance MDR 客户 | IT / 安全团队 / SOC 用户 / 企业 | 24/7 监控和修复 | Forbes 称 2024 年底达到 7,500 名客户 | 安全订阅扩张 | 当前 2026 数量未披露 |
| 经纪人渠道 | 零售 / 批发经纪人 / 客户顾问 / 佣金经济 | 报价 / 定制 / 绑定并续保保单 | 经纪人平台称绑定速度比邮件快 35% | 分销杠杆和 CAC 效率 | 经纪人集中度未披露 |
| MSP / 安全合作伙伴 | MSP 或安全顾问 / 客户 IT 团队 / 企业 | MDR 合作伙伴计划和部署支持 | 可通过 At-Bay 页面获得,但数量未披露 | 扩展部署能力 | 合作伙伴生产率未披露 |
分层结合官方产品页、Forbes、Business Wire 和经纪人平台证据;At-Bay 未发布正式的分层组合。
[CU001, CU002, CU003, CU004, CU005, CU006]经纪人主导的保险购买建立第一层关系;Stance 服务随后带来安全互动和增购路径。
旅程阶段由官方产品页和经纪人平台页综合得出;没有公开客户级漏斗转化率。
[CU006, CU007, CU012, CU021, CU027, CU034]6.2 采用轨迹与部署规模
公开采用曲线中,Stance MDR 比总投保人更强。Forbes 报道,At-Bay 的检测产品从 2023 年不足 1,000 个客户增长到 2024 年底 7,500 个客户,年化收入约 $13M。At-Bay 2023 年 10 月官方推出 MDR 时,把产品定位给 SMB;CrowdStrike 2024 年 1 月的合作公告进一步确认,由 Falcon XDR 支撑的服务面向小企业网络韧性。采用由保险打包拉动:At-Bay 称,采用 Stance MDR 可能释放保险费抵免和更高的勒索软件或金融欺诈限额,因此扩张可以发生在续保时或经纪人主导的风险整改过程中,而不只依赖独立安全产品销售。2026 InsurSec Report 还通过分析 100,000+ 个保单年和 6,500+ 起索赔提供规模背景,说明 At-Bay 拥有有意义的纵向数据资产,尽管公司不披露月活跃用户或部署完成率。[CU009, CU010, CU011, CU012, CU013, CU014]
| 指标 | 数值 | 日期 | 来源 | 置信度 | 含义 | 缺失分母 |
|---|---|---|---|---|---|---|
| 保险客户数 | 53,000+ 家中小企业 | 2026-03-03 | Forbes | 中 | 支撑高于此前官方 40,000 基线的规模 | 有效客户定义 |
| 官方被保险基数标记 | 40,000+ 名被保险人 / 接近 40,000 家企业 | 2025-2026 | At-Bay 与 Business Wire | 高 | 公司披露的保守基数 | 与 Forbes 数量的对账 |
| MDR 客户数 | 7,500 名客户 | 2024-12-31 | Forbes | 中 | 显示安全服务采用速度快 | 当前 2026 MDR 数量 |
| MDR 此前基线 | 少于 1,000 名客户 | 2023 | Forbes | 中 | 显示早期采用曲线陡峭 | 确切起始日期 |
| MDR 年化收入 | $13M 年化收入 | 2024-12-31 | Forbes | 中 | 意味着每客户年化收入约 $1,733 | 毛利率和流失 |
| InsurSec 报告数据集 | 100,000+ 保单年和 6,500+ 起理赔 | 2026 | At-Bay / Help Net Security | 高 | 验证纵向理赔数据资产 | 有效保单分母 |
| 受监控资产 | 1.5M 受监控资产 | 2026 | At-Bay 主页 | 中 | 显示 Stance 遥测足迹 | 活跃设备 / 客户比例 |
这些数值是定义不一的公开披露;采用表故意拆开被保险人数、安全服务客户数和保单年数据。
[CU001, CU002, CU009, CU010, CU011, CU014]公开数字从投保总数收窄到 MDR 客户数,但激活和续保环节缺少转化数据。
53,000 和 40,000 两个标记采用不同来源定义;该漏斗只表示方向,不是对齐后的转化模型。
[CU001, CU002, CU009, CU010, CU026]6.3 具名客户证明与经纪人证明
At-Bay 发布的具名客户证明主要针对 MDR,而不是保险保单部署。其官网和 MDR 页面引用 Gradient Security COO Chris White 的说法:At-Bay MDR 端到端处理安全运营,让团队能专注核心业务;页面还引用 AI InsurTech CTO 称 MDR 体验优秀,以及 Galahad Risk Advisors CEO Ben Beeson 称公司快速上线且无中断。这些具名证言有用,但它们更直接证明 Stance/MDR 的采用和满意度,而非保单续约或保险赔付结果。经纪人证明更广,也更偏运营:At-Bay Broker Platform 页面称,通过平台提交的业务绑定速度比邮件快 35%;Insurance Business 将 At-Bay 评为经纪人投票的 5-Star Cyber Insurance Provider,并引用管理层关于保险与安全结合价值的表述。评论网站覆盖稀疏:SourceForge 和 Slashdot 列出 At-Bay,但没有实质性用户评论基础;G2 因 JavaScript / 广告拦截门槛无法抓取。[CU017, CU018, CU019, CU020, CU021, CU022]
| 客户 / 证明载体 | 分层 | 部署 / 用例 | 生产 / 试点 | 结果 | 限制 |
|---|---|---|---|---|---|
| Gradient Security | MDR 客户 | At-Bay MDR 安全运营 | 生产客户证言 | COO 称 At-Bay 负责分诊、检测和修复任务 | 官方供应商引述;无续约指标 |
| AI InsurTech | MDR 客户 | MDR 支持和防护 | 生产客户证言 | CTO 称体验很好,支持可用 | 官方供应商引述;无量化结果 |
| Galahad Risk Advisors | 风险咨询公司 / MDR 客户 | 快速 MDR 上线 | 生产客户证言 | CEO 称上线很快且不打扰业务 | 官方供应商引述;无留存证明 |
| Insurance Business 经纪人投票奖项 | 经纪人证明 | 网络保险提供商评估 | 市场证明,非部署 | 5-Star Cyber Insurance Provider 认可 | 奖项方法论不是客户队列 |
| SourceForge / Slashdot 上架 | 评测站点证明 | 产品目录上架 | 不是活跃评论证明 | 描述功能和支持,但没有评论深度 | 独立用户反馈稀疏 |
列举并不完整,因为 At-Bay 未发布完整的具名客户名单或保单持有人 logo 墙。
[CU017, CU018, CU019, CU020, CU021, CU022]At-Bay 有具名 MDR 证言和经纪人证据,但独立留存和投保客户评价证据有限。
由于公开评论数量和留存数据不可得,证据质量为定性判断。
[CU016, CU017, CU018, CU019, CU020, CU021]6.4 留存、重复使用与缺口
公开留存证据明显不完整。At-Bay 不披露净收入留存率、总收入留存率、客户数留存率、经纪人续约胜率、客户 NPS、队列续约或 Stance 流失率。最佳可观察留存代理指标都是间接的:Stance 工具嵌入投保人工作流,MDR 可让客户获得保费抵免资格,平台监控 1.5M 个资产,报告威胁平均修复时间为 15 分钟。Spiceworks 上一条 SMB 用户讨论,是最清晰的负面客户信号:一位 SMB 制造业用户称 At-Bay 工具令人印象深刻,但公司一年后换到更便宜的承保方,并失去了这些工具。该轶事不能证明系统性流失,但它说明当保险经纪找到更便宜替代方案时,价格敏感性和打包脆弱性会显现。公司未发布续约队列,使留存案例达不到企业 SaaS 尽调标准。[CU026, CU027, CU028, CU029, CU030, CU031]
| 指标 | 公开数值 | 分层 | 置信度 | 尽调追问 |
|---|---|---|---|---|
| 净收入留存率(NRR) | 全部客户 | 高 | 索取按纯保险、Stance MDR 和 MXDR 队列拆分的 NRR | |
| 总收入留存率(GRR) | 全部客户 | 高 | 索取按经纪商 / 渠道划分的客户数续约率和保费续保率 | |
| Stance MDR 流失 | MDR 客户 | 高 | 索取月度流失、年度续约和降级数据 | |
| NPS / CSAT | 投保人与经纪商 | 高 | 索取客户满意度调研历史和经纪商 NPS | |
| 保费抵扣对续保的影响 | 公开资料未量化 | MDR 采用者 | 中 | 比较 MDR 采用者与未采用者的续保和损失结果 |
| 负面流失个案 | 一年后转投更便宜的承保方 | SMB 制造业 | 中 | 确认经纪商比价导致 Stance 工具被移除的频率 |
空值表示未找到公开披露;负面行只是社区里的单个个案,不是已测算的流失率。
[CU026, CU027, CU028, CU029, CU030, CU031]公开证据支持参与度假设,但不支持已测量的留存队列。
数值只是为了呈现可见度:100 表示队列形成,0 表示未公开留存百分比,一条轶事不是留存率。
[CU026, CU027, CU029, CU030, CU031, CU033]6.5 扩张、集中度与渠道摩擦
At-Bay 的落地扩张动作从经纪人配置的网络保险开始,叠加 Stance Core 监控和咨询功能,再增购 MDR Endpoint、MDR Email、MXDR、更高限额或更广的 Cyber / Tech E&O 覆盖。该逻辑可信,因为支撑承保的同一组事件数据,也能为投保人生成安全警报和整改触发。模型仍然依赖渠道:客户被要求联系经纪人添加 At-Bay Stance,经纪平台是主要报价 / 绑定工作流,Sayata 式数字分发合作进一步强化中介层。渠道杠杆降低 CAC,也符合商业保险购买行为;但这也意味着,相比纯 SaaS 厂商,At-Bay 对续约的直接控制更弱。单个 SMB 投保人层面的客户集中度似乎较低,但集中风险转移到了经纪关系、再保险容量、分发平台,以及 CrowdStrike 和 SentinelOne 等安全技术伙伴。下一步最有力的尽调,是要求披露经纪人层面的产能集中度、按细分市场划分的续约队列、Stance 附加率队列,以及 MDR 采用者相对非采用者的赔付率差异。[CU034, CU035, CU036, CU037, CU038, CU039]
| 扩张驱动因素 | 集中 / 摩擦风险 | 影响 | 尽调路径 |
|---|---|---|---|
| 经纪商驱动的新业务 | 经纪商关系集中,依赖报价流 | 渠道流失会迅速拖慢获客 | 索取头部经纪商在 GWP 和投保申请量中的占比 |
| Stance Core 与保单绑定 | 保单迁走后,工具价值随之消失 | 续保可能很强,也可能因价格变得脆弱 | 索取使用 Stance 账户的续保率 |
| MDR Endpoint / MDR Email | 需要部署终端 / 邮件并建立安全信任 | 扩大收入,但增加实施负担 | 索取激活率和价值实现时间队列 |
| MXDR 切入更高端市场 | 依赖 SentinelOne 和 SOC | 切入中端市场,但带来伙伴执行风险 | 索取客户数、附加率和毛利率 |
| 更高保额与 $5B 收入段承保胃口 | 依赖再保险和承保容量 | 上探客户抬高保费,也可能抬高赔付严重度 | 索取按层级划分的容量和赔付率队列 |
| 数字分销合作 | 依赖平台伙伴 | 高效触达 SMB,但直接客户控制更弱 | 索取伙伴产出和续保集中度 |
各行强调单个 SMB 账户之外的集中度:经纪商、分销平台、再保险方和安全厂商。
[CU034, CU035, CU036, CU037, CU038, CU039]6.6 证据要点
07风险
7.1 风险概览与投资逻辑失效框架
At-Bay 位于四类风险的交叉点;单独看都可管理,合在一起要求很高。第一,也是最紧迫的,是承保与赔付率风险:2024 年 FSLSO 法定申报显示,综合成本率 102%,损失 $29.2M(同比增长 96.7%),经营现金流为负 $10.7M;与此同时,保费组合一年内增长 345%。这种增速压缩了验证损失假设所需的成熟时间,并且发生在美国网络保险市场 2024 年首次录得 7% 保费下降的背景下。第二类是系统性聚合风险:CrowdStrike 宕机证明,单一供应商故障可以同时触发数千张保单的相关索赔,而 At-Bay 集中于 SMB 网络保险,敞口真实存在。第三类是法律与监管风险:LMA5567 战争除外诉讼、多州剩余线合规、SEC 网络披露规则,都会给一家快速扩张的 MGA 增加义务,而公司未必有成熟的内部监管团队吸收。第四类是运营与人员风险:以色列承载 At-Bay 大部分研发,2026 年 3 月在“战争时期”裁撤 25 名工程师,让执行和人才留存不确定性出现在 MDR 交付正是主要竞争差异点的时刻。第五类——财务模型与竞争风险——位于四项主要担忧之下,但同样真实:如果网络费率继续下降,MGA 的承保费和利润佣金会被压缩,资产负债表更深或费用率更低的竞争对手可以更激进定价。下方风险热力图按可能性和影响严重度放置各风险域。最后一节的缓释与否决标准表定义,哪些事件会让投资逻辑变得不可投。[CR001, CR002, CR003, CR008, CR012, CR013]
At-Bay 最高的剩余风险位于右上象限:Akira 集中度和综合成本率超标都属于高可能性、高影响。战争除外诉讼、系统性聚合和 Israel 扰动聚集在中高影响区间。财务模型压力和竞争压力在近期属于高可能性、中等影响。
[CR001, CR008, CR012, CR013, CR014, CR016]7.2 法律、监管与合规风险
At-Bay 作为管理总代理,在美国 50 个州和部分国际市场承保网络保险,并使用 Trisura Specialty Insurance Company 作为主要前置承保公司。该结构让公司暴露于分层合规义务:要求盖章的州需要剩余线盖章,经纪牌照申报,通过前置承保公司承担 NAIC 偿付能力报告义务,以及不断演进的 SEC 网络披露规则;该规则适用于其企业投保人而非 At-Bay 本身,但会间接驱动索赔和承保争议。当前最尖锐的法律敞口是 LMA5567A/B 战争除外条款。Lloyd's 要求 2023 年 3 月后所有网络保单采用该条款,2026 年 Stryker 的伊朗相关攻击引发承保争议后,该条款在对抗性诉讼中接受检验,争点包括“计算机攻击”除外和“关键基础设施”例外的竞争性解释。At-Bay 保单包含战争除外;无论 Stryker 结果哪一方胜出,都会影响承保人和原告未来如何围绕 At-Bay 投保人的国家行为者归因索赔构建论证。剩余线合规构成第二层监管敞口:多州 MGA 必须在每个非准入保险人承保风险的司法辖区申报;若盖章、申报或缴纳保费税出错,可能触发罚款、保单无效或牌照暂停。作为主要监管来源的 NAIC 2025 Cybersecurity Insurance Report 确认 At-Bay Specialty Insurance 活跃于美国市场,并将系统性集中风险标记为行业层面担忧,强化了监管机构正在审视大型网络保险项目的判断。下方监管—法律风险登记表逐项列出具名风险、可能性、严重度、当前缓释证据和剩余尽调路径。[CR016, CR017, CR021, CR022, CR026, CR041]
| 风险 | 公开证据 | 可能性 | 严重性 | 当前缓释证据 | 剩余暴露与尽调路径 |
|---|---|---|---|---|---|
| LMA5567 战争除外诉讼 | Stryker 2026 年网络攻击引发承保争议,检验 LMA5567A/B 除外条款;保险人与被保险人对伊朗相关归因存在争议。 | 高 | 高 | At-Bay 保单自 2023 年 3 月起纳入与 Lloyd's 要求一致的战争除外条款。 | 跟踪 Stryker 结果;要求管理层披露所有未决战争除外承保争议,按投保人数和总保额列示。 |
| 多州盈余险合规 | At-Bay Specialty Insurance 是非认可承保实体;FSLSO 备案确认其 Florida 盈余险注册;所有 50 个州均适用多州盖章和保费税义务。 | 中 | 高 | Trisura 前置承保方架构承接准入承保纸合规义务;盈余险经纪商提交州级表格。 | 索取所有州的合规矩阵、保费税缴款记录和任何 DOI 往来文件;确认不存在未解决的盖章缺陷。 |
| SEC 网络披露规则外溢 | SEC Rule 13e-3 的网络事件披露义务适用于 At-Bay 投保人;披露事件会驱动索赔,并可能引发承保争议。 | 中 | 中 | At-Bay InsurSec 报告跟踪投保人事件趋势;公司监测包括监管驱动事件在内的索赔类型。 | 评估保单措辞是否跟上 SEC 披露时点和范围;审查 2024–2026 年已提交的任何投保人监管通知索赔。 |
| NAIC 对系统性集中度的监管审查 | NAIC 2025 Cybersecurity Insurance Report 将网络险保险人集中列为系统性监管关切;报告确认 At-Bay Specialty 是活跃的美国承保方。 | 中 | 中 | AM Best A- 稳定评级提供当前偿付能力信号;Munich Re 再保险方组合缓释集中度信号。 | 跟踪 NAIC 网络工作组产出;索取管理层监管沟通日志和任何即将到来的检查安排。 |
| 国家级攻击归因与承保模糊性 | 当攻击者有国家背景、但政府机构未正式认定攻击为战争行为时,LMA5567 会制造承保灰区。 | 高 | 高 | Lloyd's 市场除外措辞让 At-Bay 与行业标准保持一致;该标准仍在法院接受检验。 | 跟踪关于 CL380/LMA5567 归因标准的新判例;量化 At-Bay 投保人中关键基础设施行业占比,这类客户的战争除外暴露更高。 |
严重性反映潜在投资影响,而非基本概率;战争除外和归因两行的剩余暴露仍高,因为截至运行日期,还没有法院明确裁定 LMA5567 的适用范围。
[CR016, CR017, CR021, CR022, CR026, CR041]7.3 承保、系统性与再保险风险
FSLSO 2024 年度法定申报,是观察 At-Bay 承保位置最细颗粒度的公开窗口。申报显示,直接承保保费为 $280.6M(较 2023 年 $63.1M 增长 344.9%),已发生损失为 $29.2M(同比增长 96.7%),综合成本率 102%,总保费 / 盈余比率 334.2%,明显高于 AM Best 对前置项目标记为担忧的 300% 门槛。前置结构本身集中风险:AM Best 在 2025 年 8 月重申 At-Bay Specialty 为 A- Excellent,但由 Munich Re/HSB 牵头、Skyward Specialty、AXA SA、W.R. Berkley 和 Fairfax 跟随的五家再保险面板意味着,若多家再保险人同时收缩,要么迫使保费下降,要么要求 At-Bay 保留更多净风险。Howden Reinsurance 2025 年网络报告显示,全球前五大网络再保险人占 62% 市场份额,确认资本供给侧同样存在集中度。Akira 勒索软件集中度是最大的短期承保威胁:At-Bay 自有 2026 InsurSec report 称,Akira 在 2025 年推动了超过 40% 的勒索索赔;从精算角度看很危险,因为单一威胁行为者的行动节奏(执法打击、谈判策略、目标选择)可以在一个季度内让赔付率移动数个百分点。2025 年没有 At-Bay MDR 客户提交 Akira 索赔,这是实质性缓释因素,但整个账本中只有一小部分在用 MDR。系统性聚合叠加了全行业结构性低估的尾部风险:CrowdStrike 宕机证明,单一供应商故障可同时在数千张保单中产生相关损失,Fortune 500 敞口估计为 $5.4B,所有承保公司合计的已保险部分在 $540M 至 $1.08B 之间。下方风险传导图追踪 Akira 持续存在和聚合事件如何进入再保险重新谈判,并最终影响保单层面的经济性。[CR001, CR002, CR003, CR004, CR005, CR006]
| 风险 | 公开证据 | 可能性 | 严重性 | 当前缓释证据 | 剩余暴露与尽调路径 |
|---|---|---|---|---|---|
| 增长年份综合成本率高于 100% | FSLSO 2024 年度备案显示综合成本率 102%,损失 $29.2M、同比增 96.7%,总保费 / 盈余比 334.2%。保费一年增长 345%。 | 高 | 高 | AM Best 在 2025 年 8 月确认 A- Excellent 稳定评级;Munich Re 牵头的再保险方组合吸收尾部风险。 | 索取管理层按事故年和保单队列拆分的综合成本率;确认快速增长未破坏损失发展模式。 |
| Akira 勒索软件集中 | At-Bay InsurSec 2026 报告称 Akira 在 2025 年贡献 >40% 勒索软件索赔。actuary.info 指出集中度会给精算准备金建模带来挑战。MDR 客户没有提交 Akira 索赔。 | 高 | 高 | MDR 产品为已加入的投保人交出 Akira 规避效果;威胁情报集成反哺承保决策。 | 量化 MDR 渗透率占总 DWP 的比例;如果 Akira 调整策略或 MDR 加入率停滞,建模赔付率敏感性。 |
| 系统性聚合与宕机事件 | CrowdStrike 宕机造成 Fortune 500 暴露 $5.4B;Parametrix 估计已保险损失为 $540M–$1.08B。Cabier Consulting 2026 将聚合列为网络险 MGA 尚未定价的尾部风险。 | 中 | 关键 | At-Bay 聚焦 SMB 细分,单张保单限额低于大企业客户;再保险方组合提供缓冲。 | 要求管理层披露对前 10 大云和软件供应商的聚合暴露;审查再保险合约的聚合条款。 |
| 再保险方组合集中与续约风险 | Howden Reinsurance 2025 报告显示,全球前 5 大网络再保险方持有 62% 市场份额。Munich Re/HSB 牵头 At-Bay 五家再保险方组合。再保险新闻确认了组合构成。 | 中 | 高 | Munich Re 既通过 HSB 做战略支持方,又担任首席再保险方,短期内利益一致。 | 测试 Munich Re 战略关系是否带来利益冲突条款;建模续约时失去首席席位的影响。 |
| 网络保险费率下降与费用压缩 | NAIC 确认 2024 年美国网络险保费首次下降 7%;WTW 报告 2024 年 Q4 费率下降 5%;Fitch 称保费增长放缓至个位数。 | 高 | 中 | At-Bay 在 SMB 细分继续增加保单数,该细分定价纪律强于大企业市场。 | 建模费率持续下降 3%、5%、10% 对收入的敏感性;确认在 102% 综合成本率下利润佣金触发条件是否仍会触发。 |
系统性聚合的严重性评为关键,因为单一大事件可能穿透再保险合约,产生难以从公开数据预测的净留存损失。
[CR001, CR002, CR003, CR004, CR005, CR006]At-Bay 的主要风险沿两条平行链条传导:一条是承保链,从 Akira 持续存在,到赔付率压力,再到再保险重新谈判;另一条是运营链,从 Israel 扰动,到 MDR 质量侵蚀,再到竞争暴露和投保客户流失。
[CR001, CR008, CR011, CR014, CR027, CR035]7.4 运营、人员与 MDR 执行风险
At-Bay 的竞争差异化建立在三个运营密集型支柱上:通过 MDR 产品进行主动安全监控,来自主动扫描的深度承保数据,以及面向 SMB 投保人的快速索赔处理。每个支柱都依赖以色列研发中心,那里承载了大部分工程、数据科学和安全研究人才。2026 年 3 月裁撤 25 名工程师,被 calcalistech.com 描述为发生在“战争时期”,在两个维度上构成负面信号:它说明冲突环境已经带来足以削减员工数的成本压力;也削弱了负责维护和扩展 MDR 检测逻辑的团队产能,而 Akira 正在演进战术。MDR 是 At-Bay 最清晰的差异化主张——2025 年没有 MDR 客户提交 Akira 索赔——但市场增长很快,且吸引资本充足的竞争者。Grand View Research 预测全球 MDR 市场到 2030 年达到 $9.5B;Coalition 和其他网络 MGA 正在自建或收购 MDR 能力;传统安全厂商则把保险作为附加项打包。如果 At-Bay 的 MDR 质量因工程人才流失而下降,竞争者将在 12 到 18 个月内追平执行差距。经纪与分发依赖构成第二个运营风险:At-Bay 通过指定经纪人和批发商网络承保,一旦经纪人偏好转向价格更好、覆盖更广或佣金结构更有吸引力的竞争对手,支撑 MDR 数据优势的保单数量会被侵蚀。根据 InsurSec report,邮件欺诈在 2026 年超过勒索软件成为头号索赔类型,说明检测问题的变化速度快过任何单一产品的预判。下方人员和伙伴风险登记表列出这两个维度。[CR011, CR014, CR015, CR032, CR033, CR034]
| 依赖 | 对手方或渠道 | 失败场景 | 可能性 | 严重性 | 缓释证据 | 剩余暴露 |
|---|---|---|---|---|---|---|
| 前置承保方依赖 | Trisura Specialty Insurance Company | Trisura 退出项目、遭遇监管行动,或在续约时收紧前置承保条款;At-Bay 失去所有州的准入承保纸接入。 | 低 | 关键 | AM Best A- 稳定为承保方当前偿付能力提供信号;前置承保是再保险方审查的标准 MGA 架构。 | 索取前置承保协议关键条款、控制权变更条款、最低保费承诺和 Trisura 偿付能力披露。 |
| 首席再保险方依赖 | Munich Re 与 HSB(首席再保险方和战略投资者) | Munich Re 在续约时撤出或重定价再保险;作为组合首席再保险方,其退出会迫使整个项目重组。 | 低 | 高 | Munich Re 通过 HSB 建立股权和战略关系,形成利益一致;双方对项目成功的共同利益已有公开文件佐证。 | 确认再保险 treaty 期限和续约通知期;评估 Munich Re 关系条款是否包含 lock-in 规定或费率涨幅上限。 |
| 经纪商与分销集中度 | 获委任的批发和零售经纪商 | 大型批发经纪商把首选网络险 MGA 任命从 At-Bay 转给竞争对手,投保申请流大幅减少。 | 中 | 高 | At-Bay 技术驱动的承保和快速报价速度形成切换成本;MDR 价值主张带来差异化。 | 索取前 10 大经纪商贡献占 DWP 的比例,以及按经纪商队列划分的续保率;评估是否有经纪商持有有因终止条款。 |
| 以色列 R&D 中心运营依赖 | 以色列约 340 名工程和安全研究人员 | 冲突升级引发人才流失或迫使办公室关闭;没有持续维护,MDR 检测逻辑和承保模型会退化。 | 中 | 高 | At-Bay 有美国团队和分布式领导层;存在一定冗余;2026 年 3 月裁员显示管理层能调整员工数,但也释放压力信号。 | 按地域评估关键职能员工图谱;确认在以色列产能降低时,MDR 威胁情报和模型更新能否维持。 |
前置承保方失败评为关键,因为它会立即停止新保单签发并触发再保险重新谈判;考虑到 Trisura 当前偿付能力和双方财务依赖,可能性评为低。
[CR006, CR014, CR021, CR027, CR035, CR039]| 角色或职能 | 依赖或缺口 | 可能性 | 严重性 | 缓释证据 | 尽调路径 |
|---|---|---|---|---|---|
| 以色列 R&D 与安全工程 | MDR 检测逻辑、承保模型更新和威胁情报研究集中在以色列;2026 年 3 月裁员使团队减少 25 名工程师。 | 中 | 高 | 公司确认 MDR 规避效果仍在;更广泛团队仍在运行。 | 索取 2026 年 3 月裁员前后以色列按职能拆分的员工数;确认哪些 MDR 和数据科学职能受影响。 |
| 精算与承保领导层 | DWP 从 $63M 一年增至 $281M,要求精算模型能校准新出现的损失模式;102% 综合成本率显示模型承压。 | 高 | 高 | AM Best 评审流程要求精算签署确认;Munich Re 再保险方组合提供外部承保纪律。 | 取得关于损失准备金和发展模式的精算意见;确认谁负责定价模型校准,以及模型更新频率。 |
| 法务与合规领导层 | 多州盈余险合规、LMA5567 解读和 SEC 规则外溢需要专门的内部法务专长。 | 中 | 中 | 前置承保方和组合内再保险方贡献合规框架;At-Bay 拥有经验丰富的保险领导层。 | 索取法务与合规职能组织架构图;确认外部律师对战争除外保单解释的覆盖。 |
| MDR 销售与客户成功 | MDR 在约 40,000 名投保人中的渗透率,决定已证明的 Akira 规避收益能否扩展到整个保单组合。 | 中 | 高 | MDR 于 2023 年 10 月推出;2025 年 MDR 客户没有 Akira 索赔,是强早期证据。 | 披露 MDR 加入数占总保单数和 DWP 的比例;确认加入 MDR 的投保人是否有显著不同的赔付率和续保率。 |
精算与承保风险严重性评为高,因为 2024 年 102% 的综合成本率已经显示模型假设可能落后于损失显现;精算层面的人员执行因此是近期可投资性关切。
[CR011, CR014, CR020, CR033, CR035, CR045]7.5 财务模型、竞争与集中度风险
At-Bay 作为前置 MGA 的财务模型,依赖持续保费增长、稳定再保险定价,以及足以支撑运营的承保利润率。2026 年,三项假设同时承压。美国网络保险保费 2024 年下降 7%,是市场首次收缩;原因包括大型企业赔付率改善(At-Bay 不参与该市场)、资产负债表更深的传统承保公司降价,以及经纪人驱动的价格竞争。WTW 和 Marsh 均确认,美国网络费率 2024 年 Q4 下降 5%,买方有利条件延续至 2026 年 Q1。对按保费百分比赚取费用和利润佣金的 MGA 来说,即便保单数量持平,5–7% 的费率下降也会直接转化为费用收入下降。FSLSO 申报披露债务 / 权益比率为 121.3%,2024 年经营现金流为负 $10.7M,缩小了公司在不动用外部资本情况下吸收一个差于 2024 年承保年度的跑道。2021 年 $1.35B 的 Series D 估值反映的是截然不同的网络保险市场:保费加速、赔付率扩大有利于承保公司,SMB 细分市场几乎没有竞争。Beinsure 按保费将 At-Bay 列入美国前十大网络保险公司,但 Coalition、Corvus 和 Cowbell 都在以相近或更低价格激烈争夺同一 SMB 细分市场。Munich Re 预测全球网络保费到 2030 年达到 $28B,支撑长期增长;但路径很关键:如果 At-Bay 必须先穿越定价低谷才能等到费率正常化,它就需要明显更低的费用率,或一块能吸收期间承保亏损的资本缓冲。下方缓释与否决标准表、以及依赖关系图,给出可监控阈值,用于区分可承受的逆风和会击穿投资逻辑的恶化。[CR012, CR013, CR018, CR019, CR023, CR024]
| 风险领域 | 可监测触发项 | 阈值或事件 | 投资含义 |
|---|---|---|---|
| 承保与赔付率 | 连续事故年的综合成本率趋势 | 2025 事故年综合成本率超过 105%,或 2024 年保单组合的损失发展较首次报告的 102% 显著恶化。 | 将承保模型视为受损;追加资本前要求精算深挖和再保险合约审查。 |
| Akira 勒索软件集中 | 后续 InsurSec 报告中的 Akira 勒索软件索赔占比 | Akira 占比升至 50% 以上,或到 2026 年中 MDR 加入数未能超过总投保人的 10%。 | 两者同时发生会打破投资逻辑;部分触发则压低 MDR 差异化的估值溢价。 |
| 再保险容量与续约 | Munich Re 续约条款和组合参与率 | Munich Re 下次续约重定价超过 15%,或任何组合内再保险方拒绝续约;总保费 / 盈余比超过 350%。 | 降低仓位;要求管理层在下一次资本事件前证明替代再保险容量。 |
| 以色列运营与 MDR 连续性 | MDR 检测更新节奏和以色列员工数 | 以色列工程员工数较 2026 年 3 月裁员后水平下降超过 30%,或 MDR 检测更新周期延长超过 60 天。 | 重新评估 MDR 竞争护城河,并调整乐观情景中的概率加权上行。 |
| 网络险市场定价与收入模型 | 美国网络险费率指数和 At-Bay 总保费增长 | 美国网络险费率在 2026 日历年下降超过 10%,或 At-Bay DWP 增长连续两个季度同比转负。 | 将其重构为困境增长型 MGA;保留完整仓位前,要求看到费用率下降或替代收入流证据。 |
这些止损标准是监控工具,不是自动卖出信号。每个阈值都应触发加速尽调,而不是立即退出;因为管理层回应、再保险兜底、竞争动态等背景决定投资逻辑能否修复。
[CR001, CR008, CR011, CR012, CR013, CR014]At-Bay 平台位于依赖链中心,链条横跨投保客户、经纪人、前端承保公司、再保险人、Israel R&D,以及同时作为再保险人和战略投资者的 Munich Re。任何单个节点变弱,都可能跨多层传导。
[CR006, CR014, CR020, CR021, CR027, CR039]7.6 证据要点
08估值
8.1 投资逻辑与反向逻辑
At-Bay 只有作为价格纪律严格的 InsurSec 标的才可投,不能按普通高增长软件故事来买。核心逻辑是:一家拥有自有 E&S 承保纸、自研承保数据和内嵌 MDR 的网络保险公司,能在保费经济性之上降低损失,并增加经常性安全收入。公开证据支持这些要素:Forbes 报道 2024 年收入约 $155M、SMB 客户超过 53,000;At-Bay 已迁移到自有承保纸;Stance MDR 被营销为预防层;2026 年 InsurSec 证据显示 MDR 可能降低 Akira 勒索软件结果。反向逻辑同样具体。承保载体子公司 2024 年综合成本率为 102%,Relay 收购后被关闭,网络保险定价正在走软,Akira 集中度显示单一威胁行为者就能给承保模型施压。因此,本章将 At-Bay 视为有差异化、但尚未去风险的私人网络保险平台。[CV002, CV003, CV005, CV007, CV010, CV012]
| 论点 | 证据信号 | 什么会改变观点 |
|---|---|---|
| 投资逻辑:InsurSec 平台 | 自有承保资质,加上 Stance MDR 和经纪商分销 | 独立证明 MDR 在多个队列降低赔付率 |
| 投资逻辑:已有实质规模 | 约 $155M 收入和 53k+ SMB 客户 | 当前收入超过 $200M,并披露留存 |
| 投资逻辑:战略稀缺性 | 网络险数据和承保方控制权可能吸引承保方 | 已确认的收购方兴趣或战略投资 |
| 反向逻辑:承保承压 | 2024 年法定综合成本率 102% | 连续两个期间综合成本率低于 95% |
| 反向逻辑:执行摇摆 | 收购后关闭 Relay | 证据显示聚焦 Stance 改善了增长和利润率 |
| 反向逻辑:市场走软 | Fitch 和市场来源报告保费下降 | 费率稳定叠加保单数增长 |
表格区分公司质量论点和价格敏感的投资论点。
[CV005, CV007, CV009, CV012, CV017, CV022]证据支持给出“继续研究”建议,而不是无条件买入。
基于公开证据类别的定性决策流。
[CV002, CV005, CV007, CV010, CV026, CV039]8.2 建议、置信度、风险与估值立场
建议为继续研究,置信度中等,风险中高,估值立场在合理到偏高之间。若价格处于或低于上一轮新股融资的 $1.35B 标记,证据权衡会有吸引力,因为下行更接近由收入支撑的保险和 M&A 可比对象。若接近 Forbes 估计的 $2.1B 标记,只有当前赔付率已经正常化、Stance 留存强、再保险人支持保持稳定,案例才算合理。若明显高于约 $2.1B,举证负担会快速上升,因为公开可比公司不能为承保载体挂钩的保险模型支持无限的软件式倍数。最重要的投资含义是,公开证据支持继续尽调,而不是无条件买入:没有公开来源披露合并毛利率、烧钱速度、NRR、损失三角、经纪人集中度或清算优先权。[CV001, CV002, CV023, CV024, CV025, CV026]
| 维度 | 评估 | 证据基础 | 决策含义 |
|---|---|---|---|
| 建议 | 继续研究 | 平台有差异化,但缺少私有财务证明 | 仅推进至数据室尽调 |
| 置信度 | 中 | 收入、融资、承保方、索赔和可比估值证据是公开的;利润率和优先权数据不公开 | 不要按已去风险定价 |
| 风险评级 | 中高 | 102% 综合成本率、勒索软件集中、定价走软、Relay 关闭 | 要求下行保护 |
| 估值立场 | 接近 $2.1B 时合理至偏高 | 约 $155M 收入支撑一定溢价,但支撑不了无限制的软件倍数 | 目标是在更低价格进入,或带结构进入 |
| 持有 / 退出框架 | 3-5 年 | 战略并购比立即 IPO 更可信 | 按承保方收购和选择性 IPO 可选性建模 |
评估来自公开证据;私有数据室指标可能实质性改变立场。
[CV023, CV024, CV025, CV026, CV030, CV031]At-Bay 在市场和产品验证上得分较高,但经济性和证据质量较低。
KPI 分数是 IC 基于公开证据给出的 1-10 分评分判断。
[CV023, CV026, CV031, CV036, CV037, CV038]8.3 融资背景、入场纪律与优先权悬置
At-Bay 清晰的公开融资锚点仍是 2021 年 Series D:融资 $185M,投后估值 $1.35B;根据背景财务来源,之后又获得额外资本延展。Forbes 和 Latka 提供当前收入框架,但都不能取代新股融资标记。这一点重要,因为 2021 年后,后期网络保险倍数已经重置:公开市场保险科技 投资者现在关注损失控制、盈利能力和资本强度。因此,有纪律的入场应基于当前收入和法定经济性承保,而不是基于独角兽标签。优先权悬置是重要的私募市场风险。近 $300M 披露资本很可能带有清算优先权;若退出价值低于当前优先股堆叠加累计优先权,普通股经济性可能与头部企业价值大幅不同。新资金签署前应要求优先权平价、参与上限和反稀释审查。[CV001, CV004, CV005, CV016, CV029, CV030]
回报吸引力在过时 Series D 标记、估计合理区间和偏高入场点之间陡然变化。
分数是 1-10 的定性吸引力评分,不是建模 IRR。
[CV001, CV024, CV029, CV030, CV045]8.4 乐观、基准与悲观情景
情景区间有意拉宽,因为最影响估值的变量都在私域。乐观情景达到约 $2.8B–$3.5B:收入复合增速超过 25%,Stance 成为高毛利第二收入线,MDR 证据降低损失,综合成本率改善到 95% 以下。基准情景约为 $1.4B–$2.1B:At-Bay 仍是强劲的网络 MGA / 承保载体,Stance 有中等贡献,但承保改善逐步推进,估值仍绑定收入加战略稀缺性。悲观情景为 $0.7B–$1.1B:综合成本率持续高于 100%,保费率继续走软,再保险人要求更差条款,或勒索软件集中度压过预防能力。下行触发因素直接映射到风险章节:赔付率恶化、再保险收缩、MDR 执行失败和市场价格压缩。[CV017, CV018, CV020, CV021, CV027, CV028]
| 情景 | 假设 | 估值区间 | 概率信号 | 下行触发 |
|---|---|---|---|---|
| 乐观 | 收入 CAGR >25%,Stance 放量,综合成本率 <95%,再保险稳定 | $2.8B-$3.5B | MDR 附加率和赔付率证明 | Akira 或系统性损失激增 |
| 基准 | 收入温和增长,Stance 仍低于收入的 15%,综合成本率向 98% 收敛 | $1.4B-$2.1B | 承保方盈余稳定,客户增长 | 定价走软抵消保单增长 |
| 悲观 | 综合成本率 >100%,网络险费率下降,再保险方要求更差条款 | $0.7B-$1.1B | 降价融资或战略出售传闻 | 再保险或盈余压力 |
| 结构化情景 | 以高于 $2.1B 进入,但带优先权保护和里程碑棘轮条款 | 回报取决于下行条款 | 投资者获得同等优先级和上限 | 排在新钱之前的参与型优先权 |
估值区间估计来自公开收入、私有网络险可比公司和下行 M&A 参考,不是公司指引。
[CV024, CV027, CV028, CV030, CV041, CV042]| 触发因素 | 阈值 | 对投资逻辑的传导 | 行动含义 |
|---|---|---|---|
| 承保亏损持续 | TTM 综合成本率 >105% | 估值从 InsurSec 溢价变成保险亏损故事 | 转入悲观情景或回避 |
| 再保险恶化 | 自留比例上升,或再保团支持下降 | 尾部风险转向 At-Bay 资本基础 | 要求更低价格和交易结构 |
| MDR 停滞 | 附加率持平、流失高,或毛利率低 | 安全层撑不起估值倍数溢价 | 剔除软件估值提升 |
| 网络险费率继续下行 | 费率跌幅超过保单数增长 | MGA 费用和利润佣金收缩 | 下调收入倍数 |
| 勒索软件集中度持续 | Akira 类团伙再次贡献 >40% 勒索软件索赔 | 精算模型暴露在单一攻击者风险下 | 要求损失准备金和队列证明 |
这些阈值是从公开风险推导的尽调触发点;若数据室有可用约束,应以数据室条款替换。
[CV010, CV017, CV020, CV021, CV038, CV041]在私有指标核实前,公开证据只支持从悲观到乐观都很宽的估值区间。
数值为估计企业价值区间,单位为十亿美元。
[CV024, CV027, CV028, CV041, CV042, CV043]8.5 可比对象与估值倍数
最相关的可比对象是混合型。Coalition 以披露的 $5B Series F 估值定义了私人网络保险上限基准,背后有更大规模和市场领导力支撑。Cowbell 提供较低规模的私人融资参考,但没有公开估值标记。Corvus 提供最具体的 M&A 参考:Travelers 以约 $435M 收购一家网络保险科技承保平台,显示战略买方兴趣,同时也给出一个远低于独角兽时代私人估值的真实退出数据点。Lemonade、Hippo 和 Root 等公开保险科技公司并不完美,因为它们不是网络保险专家;但其申报和市场数据对纪律有用:保险型数字模型按收入质量、损失控制、资本强度和盈利路径估值。只有在 Stance 和承保数据能被证明改善损失结果时,At-Bay 才应相对疲弱的公开数字承保公司获得溢价。[CV013, CV014, CV015, CV016, CV033, CV034]
| 可比对象 | 指标或交易 | 估值 / 状态 | 参考意义 | 局限性 |
|---|---|---|---|---|
| At-Bay | 2021 年 Series D 轮 | $1.35B 投后估值 | 主要历史锚点 | 已过时;早于费率走软 |
| Forbes At-Bay 画像 | 2024 年收入 / 估计估值 | 约 $155M 收入;估计估值约 $2.1B 的背景 | 当前私营公司收入框架 | Forbes 估计不是定价融资轮 |
| Coalition | Series F 轮 | $5B 估值 | 网络险私营可比公司的上沿 | 规模更大,市场位置更强 |
| Cowbell | Series C 轮 | $60M 融资;估值未披露 | 中期网络险融资可比项 | 未披露估值倍数 |
| Corvus / Travelers | 战略收购 | 约 $435M 收购参照 | 网络保险科技 M&A 的明确下限 | 规模和时点不同 |
| Lemonade / Hippo / Root | 公开文件和市场数据 | 收入和市值约束 | 显示保险类倍数压缩风险 | 不是网络险专营同行 |
该清单是代表性可比项,不是完整名单;各行按估值相关性和公开证据质量筛选。
[CV001, CV002, CV013, CV014, CV015, CV016]8.6 退出就绪度与最终尽调要求
从公开证据看,At-Bay 更适合被战略收购,而非已经具备 IPO 条件。自有承保纸、经纪关系、网络索赔数据和 Stance 平台,会吸引寻求网络保险分发的专业承保公司、再保险人或安全厂商。近期 IPO 较难支撑,因为公开市场投资者会要求合并 GAAP 收入、赔付率历史、准备金、再保险细节,以及可信的承保盈利路径。最终尽调包必须在任何投资前补齐六项缺口:当前合并财务、损失三角、再保险条约条款、Stance 队列留存和毛利率、股权结构优先权、经纪人集中度。投资逻辑失效触发因素是明确的:综合成本率高于 105%、再保险条款恶化、MDR 附加停滞,或出现估值下调轮融资 信号。若其中任意两项同时发生,估值案例应重置到悲观区间。[CV031, CV032, CV041, CV042, CV043, CV044]
| 主题 | 缺失证据 | 重要性 | 尽调路径 |
|---|---|---|---|
| 近期财务 | 2025-2026 合并收入、毛利率、烧钱速度、现金 | 决定收入倍数和现金跑道 | CFO 数据室材料和月度管理报表 |
| 赔付表现 | 赔付三角、按队列划分的综合成本率、准备金发展 | 区分增长压力和结构性承保弱点 | 精算审查和法定口径到 GAAP 的桥接 |
| Stance 经济性 | ARR、流失率、毛利率、附加率、独立续约 | 验证软件化估值溢价 | 导出队列数据并访谈客户 |
| 再保险 | 合约条款、起赔点、分保佣金、续约状态 | 决定尾部风险和资本需求 | 与保险律师审阅再保合约 |
| 股权结构表 | 清算优先权、参与权、反稀释、债务 | 控制退出收益分配 | 融资文件法律审查 |
| 分销 | 头部经纪集中度、佣金表、续保留存 | 检验获客耐久性 | 经纪队列和渠道访谈 |
这些尽调事项是投资承诺前必须补齐的内容,因为公开证据让每个变量都未解。
[CV023, CV025, CV029, CV031, CV032, CV044]8.7 证据要点
免责声明
本尽调报告仅基于截至 2026-06-03 可公开获取的信息。报告不构成投资建议,也不构成买入或卖出证券的招揽。财务估计、估值区间和情景观点均为基于公开来源形成的分析判断;作出任何投资决定前,都应通过管理层材料、法定申报文件、法律审查和独立财务尽调核验。
证据索引
| 编号 | 陈述 | 可信度 | 来源 |
|---|---|---|---|
| CO001 | At-Bay was founded in 2016 in San Francisco, California. | 高 | SO001, SO003, SO006 |
| CO002 | At-Bay operates as an 'InsurSec' provider, combining full-stack cyber insurance underwriting with embedded proactive cybersecurity services under one corporate structure. | 高 | SO001, SO004, SO007 |
| CO003 | At-Bay retains approximately 15% of the underwritten insurance risk and cedes the remainder to large reinsurers. | 中 | SO007, SO024 |
| CO004 | At-Bay is organized as a group including At-Bay, Inc. (parent), At-Bay Insurance Services, LLC (E&S broker), an active full-stack insurance company, and At-Bay Security, LLC (cybersecurity affiliate). | 高 | SO001, SO004, SO005 |
| CO005 | At-Bay operates six offices globally as of 2025–2026, including its San Francisco headquarters and a significant technical hub in Tel Aviv, Israel. | 高 | SO001, SO006 |
| CO006 | Rotem Iram co-founded At-Bay in 2016 and serves as its CEO. | 高 | SO001, SO002, SO003 |
| CO007 | Rotem Iram served as a captain in an elite Israeli intelligence unit analogous to the U.S. NSA (Israeli Unit 8200) before co-founding At-Bay. | 中 | SO017, SO006 |
| CO008 | Rotem Iram holds a BS in Computer Engineering from Hebrew University of Jerusalem and an MBA from Harvard Business School. | 中 | SO017 |
| CO009 | Roman Itskovich co-founded At-Bay in 2016 and serves as Chief Risk Officer (CRO). | 高 | SO001, SO002, SO006 |
| CO010 | Roman Itskovich previously served on the investment team at Bain Capital and as a consultant at McKinsey & Company before co-founding At-Bay. | 中 | SO006 |
| CO011 | Roman Itskovich holds a BA in Economics and Accounting from Tel Aviv University and an MBA from Harvard Business School. | 中 | SO006 |
| CO012 | At-Bay had four co-founders: Rotem Iram, Roman Itskovich, Etai Hochman, and Tilli Kalisky-Bannett; Hochman and Kalisky-Bannett no longer hold executive roles. | 中 | SO006 |
| CO013 | Ken Riegler serves as President of At-Bay Insurance as of 2025. | 高 | SO001, SO008 |
| CO014 | Ari Fischel serves as Chief Financial Officer at At-Bay. | 中 | SO001 |
| CO015 | Ayelet Kutner serves as Chief Technology Officer at At-Bay. | 中 | SO001 |
| CO016 | Tara Bodden serves as General Counsel & Head of Claims at At-Bay. | 中 | SO001 |
| CO017 | Thom Dekens serves as Chief Business Officer and GM of At-Bay Security. | 中 | SO001, SO004 |
| CO018 | At-Bay raised a $6 million seed round in approximately November 2017 backed by Lightspeed Venture Partners and Shlomo Kramer. | 中 | SO002, SO003 |
| CO019 | At-Bay closed a $34 million Series B in February 2020, co-led by Munich Re Ventures (HSB fund) and Acrew Capital, with participation from Khosla Ventures, Lightspeed, Qumra Capital, M12, and Shlomo Kramer. | 高 | SO003, SO014 |
| CO020 | At-Bay closed a $34 million Series C in December 2020, led by Qumra Capital, with M12 (Microsoft's venture fund) as a new investor. | 高 | SO003, SO014 |
| CO021 | At-Bay closed a $185 million Series D in July 2021, co-led by Icon Ventures and Lightspeed Venture Partners, establishing a post-money valuation of $1.35 billion. | 高 | SO002, SO006, SO018 |
| CO022 | At-Bay raised a $20 million Series D extension in October 2021 from existing investors. | 中 | SO002 |
| CO023 | At-Bay's total funding as of early 2026 is approximately $295.7 million, per the official At-Bay About page. | 高 | SO001, SO002 |
| CO024 | Forbes Big Tech 50 2024 estimated At-Bay's valuation at approximately $2.1 billion, reflecting growth since the 2021 Series D but unconfirmed by a new primary financing round. | 低 | SO007 |
| CO025 | Key investors in At-Bay include Icon Ventures, Lightspeed Venture Partners, Khosla Ventures, M12, Acrew Capital, Qumra Capital, Munich Re Ventures (HSB fund), Shlomo Kramer, Glilot Capital, and ION Crossover Partners. | 高 | SO001, SO002, SO003 |
| CO026 | At-Bay reported approximately $155 million in revenue for fiscal year 2024, up from $129 million in 2023 and $90 million in 2022. | 中 | SO007, SO019 |
| CO027 | At-Bay insures close to 40,000 businesses in the US as of April 2025, per a press release for the 2025 InsurSec Report. | 中 | SO022, SO008 |
| CO028 | At-Bay's MDR segment grew from fewer than 1,000 MDR customers in early 2023 to approximately 7,500 customers by the end of 2024. | 中 | SO007, SO019 |
| CO029 | At-Bay's MDR business generated approximately $13 million in annualized revenue as of year-end 2024. | 低 | SO007 |
| CO030 | At-Bay employs approximately 340+ people as of its official About page, spread across six global offices. | 中 | SO001 |
| CO031 | At-Bay has raised a total of approximately $295.7 million in venture equity across six rounds from 2017 through 2021. | 高 | SO001, SO002 |
| CO032 | At-Bay launched At-Bay Stance Managed Detection and Response on October 26, 2023, with commercial availability beginning January 2024. | 中 | SO004, SO020 |
| CO033 | In June 2024, At-Bay expanded its Cyber and Tech E&O excess-and-surplus coverage to businesses with up to $5 billion in revenue and aggregate policy limits up to $10 million. | 中 | SO005 |
| CO034 | At-Bay acquired the Relay Platform, a digital broker-placement startup, approximately in August 2022. | 中 | SO011 |
| CO035 | At-Bay shut down Relay Platform effective August 6, 2024, approximately two years after acquiring it, citing a strategic refocus on core insurance and security. | 中 | SO011 |
| CO036 | The US cyber insurance market saw its first-ever contraction in 2024, with direct written premium falling approximately 7% to $9.14 billion per NAIC data. | 高 | SO012, SO015 |
| CO037 | At-Bay's 2026 InsurSec Report (covering more than 100,000 policy years of claims data) found that average cyber claim severity hit an all-time high of $221,000 in 2025, with ransomware severity reaching $508,000, up 16% year-over-year. | 高 | SO009, SO010, SO013 |
| CO038 | The cyber insurance market experienced sustained price softening, with US pricing down approximately 13% from Q4 2023 to Q4 2025, and US combined ratios projected to reach 97% in 2026. | 中 | SO015, SO016, SO023 |
| CO039 | Financial fraud remained the most common incident type in At-Bay's 2025 portfolio, accounting for approximately 30% of all claims, with average stolen funds rising 16% to $285,000. | 中 | SO009, SO021 |
| CO040 | Third-party liability claims in At-Bay's 2025 portfolio jumped 70% year-over-year, driven by class-action lawsuits under the California Invasion of Privacy Act, exposing policyholders to multi-year litigation beyond the primary incident. | 中 | SO009, SO021 |
| CO041 | At-Bay Stance includes vulnerability scanning, dark web monitoring, AI-powered email fraud alerts, virtual CISO advisory, and employee security awareness training, available to policyholders through the Stance Exposure Management endorsement. | 高 | SO001, SO005, SO024 |
| CO042 | At-Bay Stance MDR is powered by CrowdStrike technology and provides 24/7 endpoint monitoring by At-Bay's in-house security experts. | 中 | SO005, SO004 |
| CO043 | At-Bay estimated that more than 50% of its customers' cyber insurance claims from Q4 2021 through Q3 2023 could have been mitigated with an effective MDR solution. | 中 | SO004, SO020 |
| CO044 | At-Bay's ransomware loss frequency was approximately seven times lower than the industry average as of the Series D announcement in July 2021. | 中 | SO002, SO018 |
| CO045 | At-Bay's embedded Stance Exposure Management tools are valued at up to $70,000 per policy at prevailing market rates, representing significant policyholder value embedded in each insurance contract. | 低 | SO008, SO024 |
| CO046 | At-Bay reported a broker Net Promoter Score (NPS) of 93 on its Stance broker platform, reflecting strong broker satisfaction per its official About page as of early 2026. | 中 | SO001 |
| CM001 | The relevant market boundary for At-Bay is commercial cyber insurance plus adjacent MDR/security services, excluding personal cyber insurance, generic P&C lines, and unmanaged cybersecurity tooling that is not bundled with insured risk transfer. | 高 | SM001, SM016, SM017, SM018 |
| CM002 | U.S. cyber insurance direct written premium reached roughly $9.14B in 2024, down about 7% from 2023 and marking the first U.S. annual premium decline in the NAIC series. | 高 | SM001, SM012 |
| CM003 | Munich Re estimated global cyber insurance premiums at $15.3B in 2024 and $16.3B in 2025. | 中 | SM002, SM013 |
| CM004 | Swiss Re identifies SMEs as a major underpenetrated cyber-insurance growth pool, with materially lower penetration than large corporate buyers. | 中 | SM003, SM011 |
| CM005 | Howden reports that cyber insurance pricing has fallen materially from the 2022 peak as market capacity and competition increased. | 中 | SM004, SM005 |
| CM006 | Marsh describes U.S. cyber insurance as a softening market in which rates are decreasing while cyber threats continue to evolve. | 中 | SM007 |
| CM007 | Aon reports buyer-friendly cyber conditions, with lower rates coexisting with rising ransomware activity. | 中 | SM008, SM033 |
| CM008 | Fitch warns that renewed U.S. cyber insurance growth can raise underwriting risk if competitive pricing weakens risk selection discipline. | 中 | SM009 |
| CM009 | Moody's frames cyber concentration risk as a portfolio-level issue created by shared technologies, common vendors, and correlated digital dependencies. | 中 | SM010 |
| CM010 | The CrowdStrike Falcon content update incident demonstrated that a non-malicious vendor update can create widespread technology downtime relevant to cyber accumulation models. | 中 | SM027, SM028 |
| CM011 | The SEC cybersecurity disclosure rules require public companies to disclose material cybersecurity incidents and cybersecurity governance information, increasing board-level attention to cyber risk transfer. | 中 | SM025 |
| CM012 | The EU NIS2 Directive strengthens cybersecurity risk-management and reporting obligations across important and essential entities, supporting European cyber-risk management demand. | 中 | SM026 |
| CM013 | At-Bay positions itself as an InsurSec provider that sells cyber insurance and MDR/security services rather than a stand-alone cyber insurer only. | 高 | SM016, SM017, SM018 |
| CM014 | At-Bay's MDR product provides 24/7 monitoring and response delivered by At-Bay security experts. | 中 | SM017, SM020 |
| CM015 | At-Bay's insurance-plus-security proposition includes active risk monitoring, vulnerability scanning, security guidance, and policyholder incentives tied to improved security posture. | 中 | SM018, SM021 |
| CM016 | At-Bay and CrowdStrike announced a partnership to boost cyber resilience among SMBs using CrowdStrike technology in At-Bay Stance MDR. | 中 | SM019 |
| CM017 | At-Bay's admitted cyber product for smaller businesses broadens its addressable SMB market beyond surplus-lines-only placement. | 中 | SM022 |
| CM018 | At-Bay's core buyer motion remains broker-led, making brokers the channel gatekeeper even when the end user is an SMB owner, IT leader, or finance leader. | 中 | SM016, SM021, SM022 |
| CM019 | The buyer for SMB cyber insurance is often the owner, CFO, controller, or IT manager, while the user is the security/IT operator and the payer is the business budget holder. | 中 | SM016, SM018, SM021 |
| CM020 | MDR is a distinct adjacent market because it lowers cyber incident frequency and improves insurability but does not replace insurance balance-sheet protection for severe losses. | 中 | SM017, SM029, SM030, SM031 |
| CM021 | IDC and Gartner treat MDR as a mature managed security category focused on outsourced detection, response, and security-operations outcomes. | 中 | SM030, SM031 |
| CM022 | Expert Insights compiles MDR market estimates showing a multibillion-dollar global MDR market growing faster than cyber insurance premium. | 中 | SM032 |
| CM023 | Verizon DBIR breach patterns and IBM breach-cost data support persistent cyber-insurance demand because ransomware, credential misuse, business interruption, and breach remediation remain financially material. | 中 | SM023, SM024 |
| CM024 | IBM's breach-cost research supports the economic rationale for buyers to fund prevention and response capabilities alongside risk transfer. | 中 | SM024 |
| CM025 | Cyber insurance TAM for At-Bay is better represented as 2025 global commercial cyber premium of roughly $15B-$17B rather than a broader cybersecurity-spend total. | 中 | SM002, SM003, SM006 |
| CM026 | At-Bay's SAM is concentrated in U.S. SMB and mid-market cyber insurance plus attached MDR/security services rather than all global enterprise cyber risk transfer. | 中 | SM001, SM016, SM017, SM022 |
| CM027 | At-Bay's SOM is constrained by broker distribution, admitted/surplus appetite, reinsurance capacity, and buyer willingness to adopt integrated security services. | 中 | SM016, SM018, SM021, SM022 |
| CM028 | Contradictory market estimates arise because sources mix global versus U.S. scope, GWP versus DWP, standalone versus package cyber, and cyber insurance versus cybersecurity services. | 中 | SM001, SM002, SM003, SM006 |
| CM029 | Standalone cyber, packaged cyber endorsements, surplus-lines cyber, admitted cyber, and MDR/security services are separate spend pools that should not be summed without boundary adjustments. | 中 | SM001, SM016, SM017, SM022 |
| CM030 | Reinsurance capacity is a structural constraint for At-Bay because the company cedes substantial risk and cyber accumulation models remain sensitive to systemic loss scenarios. | 中 | SM006, SM009, SM010, SM015 |
| CM031 | Cyber reinsurance pricing softening in 2026 is favorable for near-term capacity but can also signal competitive pressure and thinner risk margins. | 中 | SM015, SM006 |
| CM032 | Systemic/vendor outage risk is adverse for cyber insurers because a single shared technology failure can create many simultaneous claims across otherwise diversified SMB portfolios. | 中 | SM010, SM027, SM028 |
| CM033 | Regulatory catalysts help demand generation but are strongest for public companies and regulated sectors, while many SMB purchases are still triggered by contracts, brokers, lenders, and post-incident risk awareness. | 中 | SM025, SM026, SM018, SM021 |
| CM034 | Rate softening means At-Bay can grow policy count while premium per unit of risk declines, pressuring insurance revenue yield unless MDR attachment and underwriting selection offset it. | 中 | SM004, SM007, SM008, SM009 |
| CM035 | The market case for At-Bay is strongest where SMBs lack internal security operations and value bundled insurance, monitoring, and remediation more than stand-alone coverage. | 中 | SM017, SM018, SM020, SM021 |
| CM036 | The adverse case is that cyber insurance remains exposed to correlated catastrophe risk, vendor concentration, and underwriting-cycle volatility that MDR cannot fully remove. | 中 | SM009, SM010, SM014, SM027 |
| CM037 | Gallagher's 2026 outlook indicates the market remains competitive with abundant capacity and evolving underwriting attention to controls, claims, and aggregation. | 中 | SM006 |
| CM038 | Business Insurance and Swiss Re summaries preserve a contradiction: aggregate premium can rise through exposure growth even while rate levels deteriorate. | 中 | SM003, SM011 |
| CM039 | The MDR adjacency expands At-Bay's SAM beyond premium commission and underwriting economics, but public sources do not isolate the share of cyber policyholders willing to pay separately for MDR. | 中 | SM017, SM020, SM029, SM032 |
| CM040 | Cyber insurance penetration in SMEs remains the key swing factor for long-run TAM expansion, making SMB education and broker-led distribution central to At-Bay's market opportunity. | 中 | SM003, SM021, SM022 |
| CM041 | Insurance and MDR budgets are owned by different functions in many SMBs, creating an execution risk for bundled InsurSec adoption even when the risk case is strong. | 中 | SM018, SM021, SM029, SM031 |
| CM042 | A constrained SOM view should haircut the global cyber TAM for geography, SMB/mid-market focus, broker reach, admitted/surplus appetite, competitive carriers, and separate MDR attach rate. | 中 | SM001, SM006, SM016, SM022 |
| CM043 | At-Bay's MDR and active monitoring can improve risk selection and loss prevention, but they do not eliminate exposure to supply-chain events such as common EDR, cloud, identity, and software-update failures. | 中 | SM017, SM010, SM027, SM028 |
| CM044 | For valuation, the relevant market story is not only cyber premium growth but whether At-Bay can convert a softening insurance cycle into higher-quality revenue through MDR attachment and lower losses. | 中 | SM004, SM008, SM017, SM021 |
| CM045 | The biggest sizing gap is that no public source cleanly reports At-Bay's current GWP, MDR attach rate, MDR gross margin, or broker productivity by customer segment. | 低 | |
| CP001 | At-Bay served more than 53,000 small and midsize business policyholders with cyber insurance as of March 2026. | 高 | SP002, SP020 |
| CP002 | Coalition reported 100,000+ active policyholders globally as of 2026 across the US, Canada, UK, Australia, and Germany. | 中 | SP007, SP033 |
| CP003 | At-Bay reported $155 million in revenue in 2024, up from $129 million in 2023. | 中 | SP020, SP029 |
| CP004 | At-Bay's MDR standalone security customers grew from fewer than 1,000 in 2023 to 7,500 by end of 2024. | 中 | SP020, SP022 |
| CP005 | Coalition's gross written premium (GWP) exceeded $650 million on an annualized run-rate basis as of its last public update. | 中 | SP007, SP033 |
| CP006 | The global cyber insurance market reached an estimated $16.6 billion in gross written premiums (GWP) in 2026, with North America accounting for approximately $10.2 billion. | 中 | SP017, SP018 |
| CP007 | MGAs now underwrite approximately one-third of total global cyber GWP, a materially larger share than five years prior. | 中 | SP015, SP018 |
| CP008 | Cowbell raised $208.3 million in total funding including a $60 million Series C from Zurich Insurance Group. | 中 | SP008 |
| CP009 | Resilience raised $217 million across four rounds, including a $100 million Series D in July 2023, and counts more than 10% of US enterprises with revenues over $1 billion as customers. | 中 | SP012, SP033 |
| CP010 | Corvus Insurance was acquired by Travelers in January 2024 for approximately $435 million and now operates as Travelers' AI-enabled cyber underwriting capability. | 中 | SP010, SP011 |
| CP011 | Zurich Insurance Group announced an agreement to acquire Beazley PLC for approximately $10.9 billion (GBP 8.1 billion) in cash in March 2026. | 高 | SP013, SP014 |
| CP012 | The Zurich-Beazley combination is expected to create a global cyber insurance incumbent with approximately $1.28 billion in Beazley's 2024 cyber premiums combined with Zurich's balance sheet and admitted carrier network. | 中 | SP013, SP014, SP032 |
| CP013 | A combined Zurich-Beazley entity would have approximately $15 billion in annual premiums across specialty and commercial lines, creating the single most capitalized incumbent cyber insurance competitor. | 中 | SP032, SP013 |
| CP014 | At-Bay distributes exclusively through licensed insurance brokers and does not operate a direct-to-buyer sales channel. | 中 | SP006 |
| CP015 | Global cyber insurance rates fell approximately 27% from mid-2022 through 2025; the US experienced approximately a 9% premium rate decline over the same period. | 高 | SP016, SP017, SP025 |
| CP016 | Average SMB cyber insurance premiums in 2026 are estimated at approximately $1,000 per year per $1 million limit for clean risks, down significantly from the 2022 peak. | 中 | SP017, SP018, SP025 |
| CP017 | At-Bay's Stance MDR achieved $13 million in annualized standalone revenue by end of 2024, up from less than $1 million in 2023. | 中 | SP020, SP022 |
| CP018 | Huntress surpassed $100 million in ARR in 2024, raised a $180 million Series D at a $1.5 billion valuation, and maintained more than 4,000 MSP partner relationships as of early 2026. | 中 | SP023 |
| CP019 | Huntress priced its managed EDR at approximately $8.99 per endpoint per month at list price in 2026, targeting the same SMB segment as At-Bay Stance. | 中 | SP023, SP033 |
| CP020 | Beazley PLC had over $1.28 billion in cyber insurance premiums in 2024 before the Zurich acquisition announcement. | 中 | SP013, SP031 |
| CP021 | Beazley reduced its US cyber insurance business in 2025 in response to rising claims severity and falling premiums, indicating underwriting discipline concerns at an incumbent level. | 中 | SP016, SP031 |
| CP022 | Chubb operates in approximately 54 countries with approximately $54 billion in gross written premium and offers Cyber Enterprise Risk Management products targeting medium-to-large enterprises. | 中 | SP033 |
| CP023 | Arctic Wolf filed an S-1 for a public offering in February 2026 and carries a valuation of approximately $4.3 billion. | 中 | SP024 |
| CP024 | Arctic Wolf's estimated revenue reached approximately $913 million in 2026, growing from $541 million ARR in 2024, with more than 5,500 customers. | 中 | SP024 |
| CP025 | At-Bay's 2026 InsurSec Report covers more than 100,000 policy years of claims data, providing the proprietary actuarial foundation for its underwriting model. | 中 | SP001 |
| CP026 | At-Bay's average ransomware claim severity reached $508,000 in 2025, up 16% year-over-year; overall average claim severity hit $221,000, both at all-time highs. | 中 | SP001, SP002, SP003 |
| CP027 | Over 40% of ransomware claims on At-Bay's books in 2025 were attributed to the Akira ransomware group, and 87% of ransomware attack vectors involved remote access tools. | 中 | SP004, SP028 |
| CP028 | Cyber insurance claim frequency increased approximately 7% year-over-year and average claim severity hit an all-time high of $221,000 across At-Bay's 2025 claims portfolio. | 中 | SP002, SP003 |
| CP029 | At-Bay Specialty Insurance Company holds an AM Best financial strength rating of B++ for its E&S paper. | 中 | SP021, SP027 |
| CP030 | At-Bay's E&S carrier (At-Bay Specialty Insurance Company) restricts the company to non-admitted placements in most states, a structural disadvantage versus Coalition's admitted carrier (CIC, A- AM Best) available in 50 states. | 中 | SP021, SP027 |
| CP031 | Coalition's May 2026 Allianz partnership grants it 10-year global distribution rights, widening the distribution gap with At-Bay, which has no disclosed non-US distribution partner. | 中 | SP007, SP033 |
| CP032 | CrowdStrike Falcon Complete and SentinelOne Vigilance Respond are the primary enterprise-grade MDR competitors to At-Bay Stance; their managed tiers are priced above At-Bay's bundled offering but provide superior detection breadth and independent brand recognition. | 中 | SP035, SP033 |
| CP033 | At-Bay raised $295.75 million in total venture funding, with the $185 million Series D (July 2021) at a $1.35 billion valuation as the most recent disclosed round. | 高 | SP009, SP020 |
| CP034 | Switching costs in At-Bay's InsurSec model are moderate: a departing policyholder loses Stance MDR alert workflow integration and vulnerability scan history but is not contractually locked in beyond the annual policy term. | 中 | SP006, SP034 |
| CP035 | Coalition's Active Insurance model and At-Bay's InsurSec model are near-identical in positioning but differ on carrier type (admitted vs. E&S), MDR depth (Wirespeed ADR vs. Stance MDR), claims data scale, and distribution reach. | 中 | SP001, SP034, SP007 |
| CP036 | At-Bay shut down its Relay specialty insurance platform (acquired 2022) in 2025-2026, signaling a reduction in multi-product diversification ambitions and raising execution risk concerns. | 中 | SP005 |
| CP037 | Corvus/Travelers expanded into continental European markets post-acquisition, while At-Bay remains US-only, creating a growing geographic addressable market gap. | 中 | SP010, SP011 |
| CP038 | Cowbell launched Zurich Select Plus (a modular multi-line E&S product) in June 2025 and completed a brand refresh in November 2025, signaling a multi-line expansion beyond pure-cyber MGA positioning. | 中 | SP008, SP033 |
| CP039 | The Zurich-Beazley acquisition (announced March 2026, pending regulatory completion) is the largest specialty insurance consolidation event of the decade in cyber lines. | 中 | SP013, SP032 |
| CP040 | At-Bay's Stance MDR platform achieves a 15-minute mean time to remediate (MTTR) as a published technical differentiator versus competitor MDR and ADR products. | 中 | SP034, SP035 |
| CP041 | At-Bay has approximately 500 employees as of early 2026, reflecting 21% employee growth versus the prior period. | 中 | SP020 |
| CP042 | Coalition's policyholder count declined from approximately 160,000 US policyholders in 2022 to approximately 110,000 active policyholders in 2025 before recovering globally; the decline was not publicly explained and represents an adverse competitive signal for Coalition. | 中 | SP007, SP033 |
| CP043 | Cyber insurance claim frequency and severity both reached all-time highs in 2025, consistent with market-wide increases in cyberattacks, per At-Bay's 2026 InsurSec Report. | 中 | SP001, SP002 |
| CI001 | Forbes reported At-Bay's total revenue was approximately $155M in 2024, up from $129M in 2023, across its insurance and security business lines. | 中 | SI011 |
| CI002 | At-Bay's revenue model encompasses two distinct streams—insurance net premiums from E&S cyber and Tech E&O policies, and Stance security subscription fees—creating a dual-revenue architecture that partially insulates the company from insurance rate cycles. | 中 | SI019, SI011 |
| CI003 | At-Bay reported net revenue exceeding $110M in 2023, disclosed at the time of Ken Riegler's appointment as president in early 2024. | 中 | SI003, SI015 |
| CI004 | At-Bay reported surpassing $160M in annual recurring revenue (on a gross premium basis) in mid-2021 on the back of 800% year-over-year premium growth at the time of its Series D close. | 中 | SI016 |
| CI005 | At-Bay's annual gross written premium reached approximately $380M in 2022, when the company operated solely as an MGA writing on third-party paper (HSB Specialty Insurance, Munich Re subsidiary). | 低 | SI017 |
| CI006 | At-Bay's Stance Managed Detection and Response (MDR) product grew from fewer than 1,000 customers in 2023 to 7,500 customers by end of 2024. | 中 | SI011 |
| CI007 | Stance MDR reached approximately $13M in annualized subscription revenue by end of 2024, implying roughly $1,733 per customer per year at the reported 7,500 customer count. | 中 | SI011 |
| CI008 | At-Bay serves more than 53,000 small and midsize businesses as of early 2026, up from 40,000+ policyholders reported in early 2024. | 中 | SI011, SI019 |
| CI009 | At-Bay retains approximately 15% of insurance risk, passing the remaining 85% to reinsurance partners, and distributes cyber and Tech E&O policies exclusively through wholesale brokers and digital channels. | 中 | SI011 |
| CI010 | At-Bay Specialty Insurance Company reported direct premium written nationally of $280.6M in full-year 2024, versus $63.1M in 2023—a 345% increase reflecting the first full year of writing on own E&S paper. | 高 | SI004, SI005 |
| CI011 | At-Bay acquired the entity that became At-Bay Specialty Insurance Company from XL Insurance America in January 2023; the company was formerly named XL Select Insurance Co., incorporated in 1965, and carried eligibility in 44 states. | 高 | SI013, SI002 |
| CI012 | At-Bay Specialty Insurance Company is an excess and surplus lines property and casualty insurer licensed in 44 states and domiciled in Delaware (NAIC 19607). | 高 | SI004, SI005 |
| CI013 | AM Best assigned At-Bay Specialty Insurance Company a Financial Strength Rating of A- (Excellent) with a stable outlook in April 2023, enabling At-Bay to compete for broker placements that require rated-paper carriers. | 高 | SI001, SI002 |
| CI014 | At-Bay began issuing all new E&S Cyber and Tech E&O business on its own paper starting August 7, 2023, completing the full-stack carrier transition. | 高 | SI001, SI002 |
| CI015 | At-Bay Specialty Insurance Company's top five reinsurers in 2024 were Münchener Rückversicherungs-Gesellschaft, Skyward Specialty Insurance Group, AXA SA, W.R. Berkley Corp., and Fairfax Financial Holdings—all US unaffiliated or non-US authorized with zero overdue reinsurance recoveries. | 高 | SI004, SI005 |
| CI016 | As of December 31, 2024, At-Bay Specialty Insurance Company had total admitted assets of $223.9M and capital and surplus of $101.2M per FSLSO regulatory filings. | 高 | SI004, SI005 |
| CI017 | Prior to acquiring its own carrier in January 2023, At-Bay underwrote insurance through HSB Specialty Insurance Company, rated A++ by AM Best and a subsidiary of Munich Re—the same entity that remains At-Bay's largest reinsurer. | 中 | SI016, SI013 |
| CI018 | Gross premium at At-Bay Specialty Insurance Company grew from $154.5M in 2023 to $338.2M in 2024, a 119% increase, reflecting the first full calendar year of writing on own E&S paper. | 高 | SI004, SI005 |
| CI019 | Net premium at At-Bay Specialty Insurance Company was $49.9M in 2024 versus gross premium of $338.2M, indicating an effective 85% cession rate to reinsurers. The net premium declined from $67.8M in 2023 despite GWP more than doubling. | 高 | SI004, SI005 |
| CI020 | At-Bay Specialty Insurance Company's gross premium to surplus ratio reached 334.2% in 2024, with NAIC IRIS ratios #4, 6, and 10 flagged as outside the usual range, indicating premium leverage on a moderate capital base. | 高 | SI004, SI005 |
| CI021 | At-Bay Specialty Insurance Company's combined ratio deteriorated from 98% in 2023 to 102% in 2024, indicating an underwriting loss at the subsidiary level. | 高 | SI004, SI005 |
| CI022 | The losses incurred ratio at At-Bay Specialty Insurance increased from 50% in 2023 to 68% in 2024, an 18-percentage-point deterioration in a single year, compared to a US cyber industry average loss ratio of approximately 49% in 2024. | 高 | SI004, SI025 |
| CI023 | At-Bay Specialty Insurance Company recorded an underwriting loss of approximately $1.26M in 2024, compared to a gain of $1.23M in 2023, a $2.5M adverse swing. | 高 | SI004, SI005 |
| CI024 | Cash flow from operations at At-Bay Specialty Insurance swung from positive $34.1M in 2023 to negative $10.7M in 2024—a $44.8M adverse deterioration reflecting accelerated loss payments in the subsidiary's first full year on own paper. | 高 | SI004, SI005 |
| CI025 | Net income after tax at At-Bay Specialty Insurance Company was $955K in 2024, down 26% from $1.29M in 2023, reflecting thin profitability at the subsidiary level. | 高 | SI004, SI005 |
| CI026 | Losses incurred at At-Bay Specialty Insurance grew 97% from $14.9M in 2023 to $29.2M in 2024, driving the deterioration in the losses incurred ratio and contributing to the negative operating cash flow. | 高 | SI004, SI005 |
| CI027 | At-Bay raised a $185M Series D in July 2021 co-led by Icon Ventures and Lightspeed Venture Partners, reaching a $1.35B post-money valuation; stated use of funds included product innovation, geographic expansion, and headcount growth. | 高 | SI016, SI023 |
| CI028 | At-Bay extended its Series D by $20M with ION Crossover Partners in October 2021, bringing the total Series D to $205M. | 高 | SI006, SI016 |
| CI029 | At-Bay's cumulative total external funding reached $292M as of the October 2021 Series D extension; no new public capital raise has been announced since that date. | 高 | SI006, SI016 |
| CI030 | At-Bay laid off approximately 27 employees—about 10% of its 305-person workforce—in September 2023, described by CTech as structural and operational changes amid growing costs. | 中 | SI007 |
| CI031 | US direct cyber written premiums declined 6% in 2024 to approximately $9.14B, marking the second consecutive annual decline after a 160% increase from 2020 to 2022, per Fitch Ratings. | 中 | SI009 |
| CI032 | US cyber reinsurance non-proportional rates dropped 32% risk-adjusted at the April 2026 renewal per Gallagher Re data reported by actuary.info, signaling reinsurance cost relief for carriers but also broad capacity surplus that may further pressure primary cyber rates. | 中 | SI021 |
| CI033 | CyberCube estimated global insured cyber losses from the July 2024 CrowdStrike Falcon Sensor outage at $400M to $1.5B, representing 3%–10% of annual global cyber premiums—the largest single insured loss event in affirmative cyber insurance history. | 中 | SI010 |
| CI034 | At-Bay's 2026 InsurSec Report documented a 7% year-over-year increase in cyber claim frequency for 2025, with average severity reaching a record $221,000 per claim across its portfolio. | 中 | SI012, SI008 |
| CI035 | Ransomware claim severity rose 16% to $508,000 in 2025 per At-Bay's InsurSec Report, with 87% of ransomware attacks originating from remote access tools including VPNs (73%). | 中 | SI012, SI018 |
| CI036 | Financial fraud accounted for 30% of At-Bay's 2025 claims, with average theft rising 16% to $285,000 per incident; one case involved $9.7M in losses. | 中 | SI012, SI008 |
| CI037 | At-Bay's claims team recovered $56M in stolen financial fraud funds in 2025, with a 70% recovery rate when claims were filed within three days of the incident. | 中 | SI012 |
| CI038 | The global cyber insurance market reached approximately $15B in premiums in 2024, with S&P Global and CoinLaw sources projecting growth to $23B by 2026 and Munich Re projecting further expansion to approximately $28B by 2030. | 中 | SI025, SI020 |
| CI039 | At-Bay does not publish audited consolidated financial statements for At-Bay Inc. as the ultimate parent entity; the only available regulatory filings are subsidiary-level FSLSO reports for At-Bay Specialty Insurance Company, leaving parent-level profitability, gross margin, cash position, and burn rate entirely undisclosed. | 高 | SI004, SI011 |
| CI040 | Akira ransomware accounted for more than 40% of At-Bay's ransomware claims in 2025, the highest single-strain concentration of any ransomware actor ever recorded on At-Bay's books, creating threat-actor accumulation risk. | 中 | SI014, SI012 |
| CE001 | At-Bay structures its Stance security platform into three named tiers: Core, Advanced, and Complete, with each tier including services from all tiers below it. | 中 | SE002 |
| CE002 | Stance Core includes Exposure Manager, Fraud Defense, Security Awareness Training, and vCISO advisory as its component modules available to all enrolled policyholders. | 中 | SE002 |
| CE003 | Stance Advanced adds MDR Endpoint, powered by CrowdStrike Falcon XDR, to all Core modules, providing managed endpoint detection and response via the At-Bay Security SOC. | 高 | SE002, SE001 |
| CE004 | Stance Complete adds MDR Email protection to all Advanced modules, providing email-borne threat detection and response in addition to endpoint MDR. | 中 | SE002 |
| CE005 | At-Bay launched Stance MDR on October 26, 2023, making it available as an optional service for new policyholders and extending it to existing policyholders in January 2024. | 高 | SE001, SE005, SE008 |
| CE006 | At-Bay's MDR Endpoint module is built on CrowdStrike Falcon XDR, a partnership announced alongside the Stance MDR launch on January 31, 2024 per company press materials. | 高 | SE001, SE006, SE010 |
| CE007 | At-Bay launched its MXDR platform on July 15, 2025, powered by SentinelOne Singularity, targeting mid-market and SMB policyholders with extended detection and response across endpoint and email. | 高 | SE016, SE003 |
| CE008 | At-Bay estimates the embedded value of Stance security services at approximately seventy thousand to seventy-two thousand dollars per policy, positioning it as a significant differentiator from traditional cyber insurance pricing. | 中 | SE001, SE010 |
| CE009 | At-Bay Security LLC is a wholly-owned subsidiary of At-Bay that operates the security services layer, legally separating the cybersecurity operations from the insurance entity. | 高 | SE001, SE007, SE009 |
| CE010 | On June 3, 2024, At-Bay expanded its cyber and Tech E&O coverage to businesses with up to five billion dollars in revenue, increasing per-policy limits to ten million dollars. | 高 | SE011, SE024 |
| CE011 | At-Bay acquired Relay Platform on August 22, 2022; Relay operates as a digital marketplace for specialty insurance and remained an independent entity post-acquisition. | 高 | SE013, SE014 |
| CE012 | Relay serves as a specialty insurance digital marketplace connecting brokers and carriers, functioning as At-Bay's primary distribution infrastructure for the broker channel. | 中 | SE013, SE014 |
| CE013 | On April 24, 2024, At-Bay announced enhancements to Stance including Security Awareness Training, phishing simulation, and Microsoft 365 and Google Workspace monitoring integrations. | 高 | SE012, SE025 |
| CE014 | The April 2024 Stance enhancements added direct monitoring integrations for Microsoft 365 and Google Workspace cloud productivity suites. | 高 | SE012, SE025 |
| CE015 | Following the April 2024 platform enhancements, At-Bay claims Stance covers sixty-six percent of policyholder risk as measured by the company's own risk coverage framework. | 中 | SE012, SE025 |
| CE016 | At-Bay's Partner API v2 uses JWT authentication and delivers asynchronous quote responses with a p90 latency target of under forty seconds. | 中 | SE021 |
| CE017 | The Partner API v2 enforces broker-of-record clearance checks programmatically at the time of quote request, preventing unauthorized submissions. | 中 | SE021 |
| CE018 | At-Bay maintains a public GitHub repository through the api-evangelist organization documenting the Partner API v2 schema and endpoint specifications. | 中 | SE021 |
| CE019 | At-Bay's Stance MXDR is listed as a product available for enterprise procurement through the SoftwareOne marketplace, enabling enterprise-channel distribution. | 中 | SE023 |
| CE020 | At-Bay holds a SOC 2 Type II certification, as stated on the company's trust page, covering the Stance security platform. | 中 | SE004 |
| CE021 | All At-Bay policyholder data is stored on AWS infrastructure located exclusively in the United States, per the company's trust page. | 中 | SE004 |
| CE022 | At-Bay's stated policy is that customer data is not used to train AI models, per the trust page. | 中 | SE004 |
| CE023 | The Stance platform provides role-based access control for policyholder account management, per the At-Bay trust page. | 中 | SE004 |
| CE024 | At-Bay claims enterprise-grade encryption at rest and in transit for policyholder data across the Stance platform, per the trust page. | 中 | SE004 |
| CE025 | At-Bay's trust posture is primarily based on company self-attestation; no independent SOC 2 audit summary or third-party audit reports are publicly accessible as of the run date. | 中 | SE004 |
| CE026 | The SOC 2 Type II certification scope boundaries for At-Bay's Stance platform are not described in any publicly accessible detail, limiting external verification of the certification's coverage. | 中 | SE004 |
| CE027 | At-Bay serves approximately forty thousand customers, protecting approximately eight hundred billion dollars in collective customer revenue, per company marketing materials. | 中 | SE015, SE002 |
| CE028 | At-Bay's 2026 InsurSec report found a seven percent rise in claim frequency among policyholders not enrolled in Stance security services. | 中 | SE018 |
| CE029 | Average cyber claim severity was two hundred twenty-one thousand dollars per event in At-Bay's 2025 InsurSec report data. | 中 | SE017 |
| CE030 | Ransomware claim severity averaged five hundred eight thousand dollars per event in At-Bay's 2025 InsurSec report data. | 中 | SE017 |
| CE031 | At-Bay claims a ninety-nine point nine-nine-nine percent incident avoidance rate for policyholders enrolled in Stance security services. | 中 | SE002, SE015 |
| CE032 | At-Bay's internal analysis of Q1 2022 through Q4 2024 claims shows that ninety percent of handled claims could have been potentially mitigated if the policyholder had MXDR deployed. | 中 | SE016 |
| CE033 | At-Bay's 2025 InsurSec report identified VPNs from Cisco and Citrix as the riskiest products for ransomware exposure among its policyholders. | 中 | SE017 |
| CE034 | Insurance Business Magazine recognized At-Bay as a five-star cyber insurance provider with a prevention-first strategy in 2025. | 中 | SE020 |
| CE035 | At-Bay's 2026 InsurSec report was published and covered by HelpNetSecurity on April 23, 2026, confirming the report's currency as of the run date. | 中 | SE018 |
| CE036 | At-Bay positions its InsurSec model as a combined insurance and cybersecurity solution designed to actively reduce cyber risk rather than only indemnify after a loss. | 中 | SE002, SE015 |
| CE037 | No independent third-party validation of At-Bay's claimed ninety-nine point nine-nine-nine percent incident avoidance rate was found in any public source as of the run date. | 中 | SE002, SE017 |
| CE038 | A Spiceworks community thread documents user concern that Stance security tools are lost when switching away from At-Bay, creating effective lock-in tied to policy renewal. | 中 | SE019 |
| CE039 | At-Bay's InsurSec bundle creates switching-cost lock-in for policyholders because security tools and monitoring are tied to the insurance contract rather than available independently. | 中 | SE019, SE002 |
| CE040 | Exposure Manager continuously scans the policyholder's external attack surface and assists with remediation for security threats identified during scanning. | 中 | SE002 |
| CE041 | Fraud Defense is designed to protect businesses against social engineering attacks and wire fraud schemes targeting employees and financial processes. | 中 | SE002 |
| CE042 | At-Bay Security LLC operates as a wholly-owned subsidiary providing security services independently from the insurance entity, a structure confirmed by multiple press reports and At-Bay materials. | 高 | SE001, SE009 |
| CE043 | At-Bay Stance MXDR and At-Bay products are listed and reviewed on multiple technology platforms including SoftwareOne marketplace and Slashdot software reviews, indicating distribution reach beyond insurance-only channels. | 中 | SE022, SE023 |
| CE044 | MDR Email is a Stance module that provides detection and response services specifically for email-borne threats, available at the Complete tier. | 中 | SE002 |
| CE045 | No publicly disclosed data breaches, security incidents involving At-Bay's own systems, or regulatory enforcement actions against At-Bay were identified in any public source reviewed as of the run date. | 中 | SE004, SE018 |
| CU001 | Forbes reported on March 3, 2026 that At-Bay provides cybersecurity insurance to more than 53,000 small and midsize businesses. | 中 | SU015 |
| CU002 | At-Bay's official homepage says Stance is powered by incident insights from more than 40,000 insureds. | 高 | SU001, SU003 |
| CU003 | At-Bay's July 2025 MXDR announcement said the company provides protection to close to 40,000 U.S. businesses representing up to $800 billion in collective revenue. | 高 | SU014, SU016 |
| CU004 | At-Bay primarily serves small and midsize businesses rather than only large enterprises. | 高 | SU011, SU012, SU015, SU018 |
| CU005 | At-Bay's customer buyer is typically mediated by brokers, while end users include business owners, risk managers, and IT/security teams. | 中 | SU006, SU007, SU008, SU026 |
| CU006 | At-Bay expanded Cyber and Tech E&O eligibility to businesses with up to $5 billion in revenue and limits up to $10 million in June 2024. | 中 | SU013 |
| CU007 | The $5 billion revenue and $10 million limit expansion broadens At-Bay from SMB into mid-market and larger commercial accounts. | 中 | SU013, SU016 |
| CU008 | At-Bay's segment mix by customer size, vertical, geography, and premium contribution is not publicly disclosed. | 中 | SU001, SU008, SU015 |
| CU009 | Forbes reported that At-Bay's detection product grew from fewer than 1,000 customers in 2023 to 7,500 customers by the end of 2024. | 中 | SU015 |
| CU010 | Forbes reported that At-Bay's detection product reached approximately $13 million in annualized revenue by year-end 2024. | 中 | SU015 |
| CU011 | At-Bay launched its MDR cybersecurity solution for SMBs in October 2023. | 高 | SU011, SU018, SU020, SU021 |
| CU012 | CrowdStrike and At-Bay announced a January 2024 partnership to use CrowdStrike Falcon XDR for SMB cyber resilience. | 中 | SU012 |
| CU013 | At-Bay's MDR launch materials said more than 50% of small-business cyber claims could be mitigated or prevented by an MDR solution. | 高 | SU011, SU012, SU018 |
| CU014 | At-Bay's 2026 InsurSec Report is based on more than 100,000 policy years of cyber claims data. | 高 | SU009, SU019 |
| CU015 | Help Net Security reported that the 2026 InsurSec Report documents a 7% year-over-year rise in overall claim frequency and an all-time high average severity. | 中 | SU019 |
| CU016 | Public sources reviewed for this chapter do not disclose active monthly users, deployment-completion rates, or renewal conversion from Stance users. | 中 | SU001, SU002, SU003, SU015 |
| CU017 | At-Bay's official MDR materials quote Gradient Security COO Chris White saying At-Bay MDR handles triage, detection tuning, and remediation tasks. | 高 | SU001, SU002 |
| CU018 | At-Bay's official MDR materials quote the CTO of AI InsurTech saying the MDR experience has been excellent and support is available when needed. | 高 | SU001, SU002 |
| CU019 | At-Bay's official MDR materials quote Galahad Risk Advisors CEO Ben Beeson saying At-Bay MDR onboarded quickly and did not disrupt existing IT or security work. | 高 | SU001, SU002 |
| CU020 | The named testimonials prove MDR customer use more directly than insurance-policy renewal or loss-ratio outcomes. | 中 | SU001, SU002, SU024, SU025 |
| CU021 | At-Bay's Broker Platform page says submissions received through the platform bind 35% faster than email. | 中 | SU006 |
| CU022 | Insurance Business recognized At-Bay as a 5-Star Cyber Insurance Provider based on broker-voted awards. | 中 | SU016 |
| CU023 | SourceForge lists At-Bay but shows an overall 0.0 out of 5 review score, indicating no substantive public review base on that surface. | 中 | SU024 |
| CU024 | Slashdot lists At-Bay and a user-reviews section but did not provide substantive review evidence in the fetched page. | 中 | SU025 |
| CU025 | G2's At-Bay reviews page could not be reviewed because the fetched page required JavaScript and ad-blocker changes. | 中 | SU023 |
| CU026 | At-Bay does not publicly disclose NRR, GRR, logo retention, churn, renewal rate, or customer NPS in the sources reviewed for this chapter. | 中 | SU001, SU002, SU003, SU015, SU016 |
| CU027 | At-Bay says adopting Stance MDR may unlock premium credits on an At-Bay insurance policy and enhanced ransomware and financial-fraud limits. | 高 | SU002, SU003 |
| CU028 | At-Bay's homepage describes 1.5 million monitored assets and a 15-minute mean time to remediate threats. | 中 | SU001 |
| CU029 | Stance's embedded security services create switching costs because customers lose tools if the insurance relationship moves to another carrier. | 中 | SU001, SU002, SU026 |
| CU030 | A Spiceworks SMB manufacturing user reported adopting At-Bay, finding the provided tools impressive, then switching to a cheaper carrier after one year and losing the tools. | 中 | SU026 |
| CU031 | The Spiceworks thread also included a prospective user asking what the catch was, indicating buyer skepticism around bundled free security services. | 中 | SU026 |
| CU032 | CFPB's consumer complaint database was reviewed as an adverse-search surface but is not a direct commercial cyber-insurance complaint data set for At-Bay. | 中 | SU027 |
| CU033 | The public record does not establish systemic At-Bay churn, but it does show at least one broker-mediated price-switching anecdote. | 中 | SU026, SU024, SU025 |
| CU034 | At-Bay's distribution is broker-led, with official materials directing customers interested in At-Bay Stance to contact their broker. | 中 | SU006, SU007, SU011 |
| CU035 | At-Bay's broker platform lets brokers quote, customize, and bind online, making the broker workflow the central acquisition surface. | 中 | SU006, SU007 |
| CU036 | At-Bay's land-and-expand path includes Stance Core, MDR Endpoint, MDR Email, MXDR, higher limits, and broader Cyber/Tech E&O coverage. | 中 | SU002, SU003, SU013, SU014 |
| CU037 | Stance MDR is positioned to convert insurance customers into security-service customers by linking security adoption to policy economics. | 中 | SU002, SU003, SU011, SU012 |
| CU038 | At-Bay's MXDR launch targets mid-market and small businesses, extending the security upsell beyond endpoint MDR. | 中 | SU014 |
| CU039 | Digital distribution partnerships such as Sayata's At-Bay admitted cyber-insurance launch reinforce an intermediary-led SMB acquisition model. | 低 | SU022 |
| CU040 | Individual SMB customer concentration is likely low, but At-Bay does not disclose top-customer, top-broker, or top-distribution-partner concentration. | 中 | SU001, SU006, SU015, SU016 |
| CU041 | At-Bay's customer economics depend on security-technology partners including CrowdStrike for MDR and SentinelOne for MXDR. | 中 | SU012, SU014 |
| CU042 | The most important customer diligence asks are broker concentration, renewal cohorts, Stance attach-rate cohorts, and loss-ratio deltas for MDR adopters. | 中 | SU006, SU009, SU015, SU026 |
| CR001 | At-Bay Specialty Insurance Company reported a combined ratio of 102% for the 2024 accident year per the FSLSO annual statutory filing. | 中 | SR008 |
| CR002 | At-Bay Specialty Insurance reported direct premiums written of $280.6 million in 2024, up 344.9% from $63.1 million in 2023, per the FSLSO statutory filing. | 中 | SR008 |
| CR003 | At-Bay Specialty Insurance reported an underwriting loss of negative $1.26 million in 2024 versus a gain of $1.23 million in 2023, per the FSLSO statutory filing. | 中 | SR008 |
| CR004 | At-Bay's gross premium to surplus ratio was 334.2% in 2024 per the FSLSO annual filing, exceeding typical MGA thresholds flagged by AM Best. | 中 | SR008 |
| CR005 | AM Best reaffirmed At-Bay Specialty Insurance Company's Financial Strength Rating at A- Excellent with a Stable Outlook in August 2025. | 中 | SR005 |
| CR006 | Munich Re, through its subsidiary HSB, is both a lead reinsurer and a strategic equity investor in At-Bay, as confirmed by Intelligent Insurer reporting on the 2021 program launch. | 中 | SR006 |
| CR007 | Howden Reinsurance's 2025 cyber risk report shows the top five global cyber reinsurers hold 62% of global market share, confirming supply-side concentration. | 中 | SR028 |
| CR008 | At-Bay's 2026 InsurSec report states that Akira ransomware drove more than 40% of ransomware claims filed by At-Bay policyholders in 2025. | 高 | SR001, SR016 |
| CR009 | At-Bay's 2026 InsurSec report reports average ransomware severity of $508,000 per claim in 2025, up 16% year over year. | 中 | SR001, SR002 |
| CR010 | At-Bay's 2026 InsurSec report states that cyber claim frequency rose 7% year over year in 2025, reaching a record high since 2021. | 中 | SR001, SR015 |
| CR011 | At-Bay's 2026 InsurSec report states that zero At-Bay MDR customers filed an Akira ransomware claim in 2025, demonstrating a detection and prevention benefit. | 中 | SR001, SR025 |
| CR012 | The NAIC 2025 Cybersecurity Insurance Report confirms that US cyber insurance direct premiums written fell approximately 7% in 2024 to $9.14 billion, the first-ever annual decline in the market. | 高 | SR013, SR014 |
| CR013 | WTW's Insurance Marketplace Realities 2026 report states that US cyber insurance rates declined approximately 5% in Q4 2024, continuing a buyer-favorable trend into 2026. | 中 | SR020 |
| CR014 | Calcalist Tech reported in March 2026 that At-Bay laid off approximately 25 engineers from its Israel R&D center, citing "times of war" conditions. | 中 | SR004 |
| CR015 | The calcalistech.com article confirms At-Bay's use of the phrase "times of war" in connection with the March 2026 R&D layoffs, indicating that the Israel-Gaza conflict directly influenced the decision. | 中 | SR004 |
| CR016 | Claims Pages reported in March 2026 that Stryker's Iran-linked cyberattack triggered a coverage dispute testing LMA5567 war-exclusion clauses, with competing interpretations of attribution and critical-infrastructure carve-outs. | 中 | SR007 |
| CR017 | The Cyber Insurance Academy's 2026 LMA5567 guide confirms that Lloyd's mandated war exclusions LMA5567A/B from March 2023 for all cyber policies, barring nation-state attacks with confirmed government attribution. | 中 | SR019 |
| CR018 | At-Bay's last disclosed valuation was $1.35 billion from its Series D funding round in 2021, a figure that reflects a materially different cyber insurance market environment. | 中 | SR017 |
| CR019 | At-Bay has raised approximately $276 million in total venture and growth capital across its funding rounds through 2021. | 中 | SR017 |
| CR020 | At-Bay's 2026 InsurSec report states the company serves approximately 40,000 policyholders, safeguarding up to $800 billion in business revenue. | 中 | SR001 |
| CR021 | The FSLSO 2024 annual statutory filing identifies Trisura Specialty Insurance Company as the fronting carrier for At-Bay Specialty Insurance Company's program. | 中 | SR008 |
| CR022 | Prizmova's surplus-lines compliance guide confirms that multi-state MGAs must file stamping forms, pay surplus-lines premium taxes, and maintain appointed-broker records in every state where non-admitted risks are bound. | 中 | SR011 |
| CR023 | The FSLSO 2024 annual statutory filing shows At-Bay's debt-to-equity ratio at 121.3%, indicating material financial leverage relative to surplus capital. | 中 | SR008 |
| CR024 | At-Bay Specialty Insurance reported operating cash flow of negative $10.7 million in 2024, compared with positive $34.1 million in 2023, per the FSLSO annual filing. | 中 | SR008 |
| CR025 | At-Bay Specialty Insurance reported losses incurred of $29.2 million in 2024, up 96.7% from $14.9 million in 2023, per the FSLSO statutory filing. | 中 | SR008 |
| CR026 | The NAIC 2025 Cybersecurity Insurance Report confirms At-Bay Specialty Insurance Company is active as a US surplus-lines cyber insurer, and the report flags systemic concentration risk as an industry-level regulatory concern. | 中 | SR013 |
| CR027 | Howden Reinsurance's cyber risk report confirms the top five global cyber reinsurers hold 62% of the reinsurance market, meaning At-Bay's panel of five operates within a highly concentrated supply environment. | 中 | SR028 |
| CR028 | Parametrix Insurance estimated the CrowdStrike outage of July 2024 would cost Fortune 500 companies $5.4 billion in total losses, representing a benchmark systemic aggregation event. | 中 | SR022 |
| CR029 | Parametrix estimated the insured-loss range for the CrowdStrike outage at $540 million to $1.08 billion across the entire cyber insurance market, illustrating tail risk for cyber programs from single-vendor failures. | 中 | SR022 |
| CR030 | IBM's 2024 Cost of a Data Breach Report states the global average cost of a data breach reached $4.88 million per incident, the highest on record, reinforcing claims-severity trends observed in At-Bay's book. | 中 | SR023 |
| CR031 | The Verizon 2025 DBIR identifies system intrusion as the leading breach pattern for small and medium businesses, confirming that SMB cyber risk remains structurally elevated and consistent with At-Bay's target segment. | 中 | SR024 |
| CR032 | At-Bay's 2026 InsurSec report states that cyber fraud claims doubled in frequency compared with the prior year, with email fraud surpassing ransomware as the top claim type by volume. | 中 | SR001, SR009 |
| CR033 | At-Bay launched its Managed Detection and Response product for SMBs in October 2023, marking the company's entry into proactive cybersecurity services bundled with insurance. | 高 | SR012, SR026 |
| CR034 | Grand View Research projects the global managed detection and response market to reach $9.5 billion by 2030, indicating a large opportunity for At-Bay's MDR product but also increasing competition for the same customers. | 中 | SR029 |
| CR035 | The calcalistech.com report indicates At-Bay employs approximately 340 staff in Israel, representing the primary R&D and security engineering concentration for the company. | 中 | SR004 |
| CR036 | Fitch Ratings stated in May 2025 that US cyber insurance premium growth is decelerating to single digits, and that the market has seen continued pricing softening since 2022 rate peaks. | 中 | SR014 |
| CR037 | BEinsure's 2026 ranking lists At-Bay among the top 10 US cyber insurers by direct premium written, confirming material market position but also confirming exposure to market-wide rate trends. | 中 | SR017 |
| CR038 | Munich Re forecasts global cyber insurance premiums will reach $28 billion by 2030, supporting At-Bay's long-term market expansion thesis despite the current soft-pricing environment. | 中 | SR006 |
| CR039 | Seedpod Cyber's 2026 carrier comparison identifies Coalition, Corvus, and Cowbell as At-Bay's primary MGA competitors in the SMB cyber segment, all competing on price and coverage breadth. | 中 | SR030 |
| CR040 | Coverager's 2026 MGA outlook warns that MGA model sustainability is at risk under persistent pricing softness, because fee-based income structures create operating-leverage risk when premium volumes decline. | 中 | SR010 |
| CR041 | The NAIC 2025 Cybersecurity Insurance Report confirms At-Bay Specialty Insurance Company is an active US surplus-lines cyber writer and identifies insurer-level concentration as a systemic industry concern warranting regulatory monitoring. | 中 | SR013 |
| CR042 | At-Bay's 2026 InsurSec report confirms that email fraud and social-engineering claims surpassed ransomware as the most frequent claim type by volume in 2025, signaling a shift in loss drivers. | 中 | SR001, SR009 |
| CR043 | WTW's 2026 cyber report confirms US cyber insurance rates fell approximately 5% in Q4 2024, part of a sustained softening cycle since the 2022 peak that directly compresses MGA fee income. | 中 | SR020 |
| CR044 | Marsh's 2026 cyber market update describes buyer-favorable conditions persisting into Q1 2026, with capacity abundant and competition increasing among cyber carriers and MGAs. | 中 | SR021 |
| CR045 | actuary.info's 2026 analysis states that Akira ransomware concentration creates actuarial modeling challenges for cyber insurers because a single threat actor's operational decisions can shift loss ratios within a single quarter. | 中 | SR003 |
| CR046 | Swept AI's analysis of the At-Bay 2026 InsurSec report highlights the statistical rise in cyber fraud claims and notes that email fraud now represents a larger share of claims by frequency than ransomware. | 中 | SR009 |
| CR047 | Cabier Consulting's 2026 systemic aggregation analysis flags cyber MGA programs as particularly exposed to correlated losses from cloud-provider outages because SMB policyholders are disproportionately reliant on a small set of cloud and SaaS vendors. | 中 | SR027 |
| CR048 | Special Eurasia's Middle East Risk Outlook 2026 characterizes geopolitical tensions in the region as elevated, with active conflicts in multiple theaters increasing the operational risk for companies with significant Israel-based headcount. | 中 | SR018 |
| CR049 | The FSLSO 2024 annual statutory filing for At-Bay Specialty Insurance Company is a primary-source document confirming $280.6 million DWP, combined ratio 102%, Trisura as fronting carrier, and 121.3% debt-to-equity, providing the most granular public financial data available for the program. | 中 | SR008 |
| CR050 | The overall public-evidence risk ranking for At-Bay places underwriting and loss ratio first, Akira ransomware concentration second, reinsurance and systemic aggregation third, Israel operational risk fourth, and financial model and competitive pressure fifth—each individually manageable but collectively demanding simultaneous monitoring. | 中 | SR001, SR008, SR013, SR028, SR004 |
| CV001 | At-Bay's last disclosed primary valuation was the July 2021 Series D at a $1.35 billion post-money valuation. | 高 | SV002, SV003 |
| CV002 | Forbes reported At-Bay revenue of approximately $155 million for 2024, up from $129 million in 2023. | 中 | SV001, SV031 |
| CV003 | Forbes lists At-Bay as serving more than 53,000 small and midsize companies. | 中 | SV001, SV030 |
| CV004 | At-Bay raised about $292 million to $296 million of disclosed external capital through its Series D extension, with no public primary equity round since 2021. | 中 | SV001, SV002, SV003 |
| CV005 | At-Bay Specialty Insurance Company's 2024 statutory filing implies underwriting stress, including a 102% combined ratio at the carrier subsidiary. | 中 | SV004 |
| CV006 | At-Bay retains approximately 15% of insurance risk while ceding the majority of gross premium to reinsurers. | 高 | SV001, SV004 |
| CV007 | At-Bay began issuing new cyber and technology E&O policies on its own E&S paper in 2023. | 高 | SV013, SV014 |
| CV008 | The company's carrier transition improves control over underwriting but adds capital, surplus, and statutory-ratio diligence requirements. | 中 | SV004, SV013 |
| CV009 | Stance MDR reached about $13 million of annualized revenue by year-end 2024, making it a meaningful but still minority revenue stream. | 中 | SV001, SV011, SV015 |
| CV010 | At-Bay reported that Akira drove more than 40% of its 2025 ransomware claims, creating a concentrated underwriting risk. | 高 | SV005, SV006, SV007, SV008 |
| CV011 | At-Bay reported that no round-the-clock MDR customer suffered a successful Akira encryption claim in 2025. | 高 | SV005, SV006 |
| CV012 | Relay's 2024 shutdown is an adverse execution signal because At-Bay exited a specialty placement platform roughly two years after acquisition. | 中 | SV009, SV010 |
| CV013 | Coalition's disclosed $5 billion Series F valuation makes it the premium private cyber-insurance comparable above At-Bay's last primary mark. | 中 | SV017 |
| CV014 | Cowbell's $60 million Series C backed by Zurich is a mid-stage cyber-insurance financing comparable but lacks a public valuation mark in the cited release. | 中 | SV018 |
| CV015 | Travelers' approximately $435 million Corvus acquisition is a strategic M&A reference for cyber-insurtech exit value below At-Bay's last private valuation. | 中 | SV019, SV020 |
| CV016 | Public insurtech filings and market-data pages show that insurance-like digital carriers are valued on revenue, premium quality, and path to underwriting profitability rather than pure SaaS multiples. | 中 | SV026, SV027, SV028, SV029 |
| CV017 | Fitch reported continuing US cyber premium declines, which pressures At-Bay's fee income and valuation multiple if policy count growth does not offset rate softness. | 中 | SV022 |
| CV018 | Gallagher's 2026 market outlook indicates cyber capacity and buyer-favorable conditions are material to entry-price discipline. | 中 | SV021 |
| CV019 | NAIC's cybersecurity insurance report reinforces that systemic cyber aggregation remains a regulator-level concern for valuation downside. | 中 | SV023 |
| CV020 | The Insurer reported margin pressure from cyber market softening, an adverse read-through for At-Bay's insurance economics. | 中 | SV024 |
| CV021 | Insurance Thought Leadership's soft-market critique supports an anti-thesis that current cyber pricing may understate future loss-cost correction. | 中 | SV025 |
| CV022 | At-Bay expanded appetite in 2024 to businesses with up to $5 billion in revenue and limits up to $10 million, broadening its addressable market beyond very small accounts. | 中 | SV012 |
| CV023 | At-Bay's valuation stance should be price-sensitive because public evidence supports product-market relevance but not consolidated gross margin, burn, retention, or NRR. | 中 | SV001, SV004, SV009, SV022 |
| CV024 | A fair current entry range for At-Bay is estimated at $1.4 billion to $2.1 billion, or roughly 9x to 14x 2024 revenue, if Stance growth and underwriting remediation are verified. | 中 | SV001, SV004, SV026, SV031 |
| CV025 | A buy recommendation is not supported without private diligence on combined ratio trajectory, reinsurance terms, Stance retention, and cap-table preferences. | 中 | SV004, SV021, SV022, SV024 |
| CV026 | The base-case recommendation is research-more at a fair-to-stretched valuation stance because At-Bay has strategic differentiation but unresolved underwriting and disclosure gaps. | 中 | SV001, SV004, SV005, SV009, SV022 |
| CV027 | Bull-case valuation depends on Stance scaling from a small revenue base into a high-margin risk-reduction layer while loss ratios normalize below 95% combined ratio. | 中 | SV004, SV009, SV011, SV015 |
| CV028 | Bear-case valuation is driven by combined ratios remaining above 100%, cyber pricing continuing to soften, or Akira-style concentration overwhelming MDR penetration. | 中 | SV004, SV005, SV022, SV024 |
| CV029 | At-Bay's dilution and preference overhang are material because nearly $300 million of disclosed capital likely carries late-stage investor preferences that are not public. | 中 | SV001, SV002, SV003 |
| CV030 | Entry discipline should cap a new investment below the estimated Forbes $2.1 billion mark unless current ARR, loss ratio, and preference stack are independently verified. | 中 | SV001, SV004, SV022, SV031 |
| CV031 | At-Bay is not IPO-ready on public evidence because consolidated GAAP revenue quality, profitability, loss ratio, and operating cash flow are not disclosed. | 中 | SV001, SV004, SV027, SV028, SV029 |
| CV032 | A strategic exit to a carrier is more plausible than a near-term IPO if At-Bay can prove MDR lowers claims and its carrier paper remains adequately capitalized. | 中 | SV013, SV014, SV019, SV020 |
| CV033 | The Corvus transaction suggests strategic acquirers pay for cyber underwriting technology, but the $435 million price also highlights downside to unicorn-era valuations. | 中 | SV019, SV020 |
| CV034 | Lemonade's public market profile is a useful upper public-insurtech reference but is not directly comparable because At-Bay is private, cyber-focused, and partially carrier-capital intensive. | 中 | SV026, SV027 |
| CV035 | Root and Hippo are cautionary public comps because digital insurance models can trade at compressed multiples when profitability and loss control are uncertain. | 中 | SV028, SV029 |
| CV036 | At-Bay's own-paper transition and A-rated carrier positioning create a stronger strategic asset than a pure MGA, improving M&A relevance. | 中 | SV013, SV014 |
| CV037 | At-Bay's Stance platform creates multiple expansion potential only if customers retain security subscriptions independent of insurance renewals. | 中 | SV015, SV016, SV030 |
| CV038 | Cyber market softening is a near-term anti-thesis because At-Bay's revenue model remains tied materially to premium volume and underwriting economics. | 中 | SV021, SV022, SV024, SV025 |
| CV039 | The investment thesis is credible because At-Bay combines cyber insurance data, embedded security services, and carrier control in one platform. | 中 | SV013, SV015, SV016, SV030 |
| CV040 | The anti-thesis is also credible because underwriting stress, Relay shutdown, market softening, and ransomware concentration all appear in public evidence. | 中 | SV004, SV005, SV009, SV022, SV024 |
| CV041 | A thesis-break trigger is any trailing-twelve-month combined ratio above 105% after rate normalization because it would indicate structural underwriting weakness. | 中 | SV004, SV022, SV024 |
| CV042 | A second thesis-break trigger is loss of reinsurance support or materially higher attachment-point retention that forces At-Bay to retain more cyber tail risk. | 中 | SV004, SV021, SV023 |
| CV043 | A third thesis-break trigger is Stance churn or MDR attachment failing to grow because the valuation premium relies on security-service economics. | 中 | SV011, SV015, SV016 |
| CV044 | Final diligence must request current consolidated financials, loss triangles, Stance cohort metrics, cap table preferences, reinsurance treaty terms, and broker concentration. | 中 | SV001, SV004, SV011, SV021 |
| CV045 | At a price materially above $2.1 billion, the required underwriting and Stance proof burden becomes high because public comps do not support unlimited SaaS-like multiple expansion. | 中 | SV001, SV004, SV026, SV031 |
| 编号 | 出版方 | 标题 | 引文 |
|---|---|---|---|
| SO001 | At-Bay, Inc. | About At-Bay | Building the new Operating System for Insurance since 2016 … $295.7M in total funding … 340+ At-Bayers … 6 offices globally … 35,000+ policyholders in 100+ industries |
| SO002 | At-Bay, Inc. | Cyber Insurance Startup At-Bay Closes $185 Million Series D, Valuing Company at $1.35 Billion | The Series D marks the company's third round in the past 18 months and brings its overall funding to $272 million. At-Bay's post-money valuation now sits at $1.35 billion. |
| SO003 | At-Bay, Inc. | At-Bay Closes Series C to Total $74M Raised in 2020; Announces New Investors Qumra Capital & M12 | At-Bay raised a total of $74 million in 2020 … $91 million since founding in 2016 … topline metrics grew 600% in the last year |
| SO004 | BusinessWire | At-Bay Launches New Managed Detection and Response (MDR) Cybersecurity Solution for SMBs | At-Bay, the InsurSec provider for the digital age, announced the launch of At-Bay Stance™ Managed Detection and Response (At-Bay Stance MDR) today |
| SO005 | BusinessWire | At-Bay Expands Cyber and Tech E&O Coverage to Businesses with up to $5B in Revenue with Limits up to $10M | |
| SO006 | Globes (Israeli Business News) | Insurtech co At-Bay reaches unicorn status in $185m raise | At-Bay was founded in 2016 by Rotem Iram (CEO), Roman Itskovich (CRO), Etai Hochman, and Tilli Kalisky-Bannett. The last two no longer have executive roles in the company. |
| SO007 | Forbes | At-Bay | Company Overview & News | Provides cybersecurity insurance to more than 53,000 small and midsize businesses … It retains 15% of the insurance risk … MDR product grew from fewer than 1,000 customers in 2023 to 7,500 customers by the end of 2024, reaching $13M in annualized revenue |
| SO008 | Insurance Business Magazine | At-Bay: 5-star cyber provider with a prevention-first strategy | At-Bay currently insures nearly 40,000 customers, representing over $800 billion in revenue across more than 100 industries. |
| SO009 | Help Net Security | Ransomware, fraud, and lawsuits drive cyber insurance claims to new peaks | The 2026 InsurSec Report … documents a 7% year-over-year rise in overall claim frequency and an all-time high average severity of $221,000. Ransomware severity reached $508,000, up 16% from the prior year. |
| SO010 | Agency Checklists | Cyber Claims Severity Hits Record in 2025: At-Bay Report | Average severity climbed to a record $221,000 … Third-party liability claims increased 70% year-over-year |
| SO011 | Coverager | At-Bay to shut down Relay | At-Bay … intends to shut down Relay Platform … effective August 6th … This decision reflects our commitment to strategically focus on our core insurance and cybersecurity business. |
| SO012 | National Association of Insurance Commissioners (NAIC) | Report on the Cybersecurity Insurance Market | The U.S. cyber insurance market witnessed its first ever reduction in Direct Written Premium (DWP), with approximately $9.14 billion written in 2024. This is a 7% decrease from 2023. |
| SO013 | At-Bay, Inc. | The 2026 InsurSec Report | |
| SO014 | TechCrunch | Cyber insurance startup At-Bay raises $34M Series C, adds M12 as a new investor | |
| SO015 | The Insurer | Cyber insurance market nears turning point as softening squeezes margins: Dual | The report projected a U.S. cyber combined ratio of 97% in 2026 and said the market could tip into unprofitable territory in 2027 if current trends persist. |
| SO016 | Insurance Thought Leadership | The Soft Market Trap in Cyber | When insurers price coverage inadequately to maintain or grow market share, they're essentially creating future financial obligations that may exceed their ability to fulfill them. |
| SO017 | Leader's Edge Magazine | Rotem Iram, Founder and CEO, At-Bay | I spent five years as a captain in an Israeli intelligence special unit that you compare to the U.S. National Security Agency. |
| SO018 | Qumra Capital | At-Bay Closes $185 Million Series D, Valuing Company at $1.35 Billion | |
| SO019 | Latka (GetLatka) | At-Bay Revenue 2024: $155M ARR | In 2024, At-Bay's revenue reached $155M. The company previously reported $129M in 2023. |
| SO020 | Help Net Security | At-Bay Stance MDR improves cyber resilience for SMBs | |
| SO021 | Cyber Insurance News | One Ransomware Group. One Device. Nearly Half Of All Claims. At-Bay's 2026 InsurSec Report | Every At-Bay policyholder that faced an Akira attack and avoided encryption had 24/7 human-led Managed Detection and Response in place. |
| SO022 | Wedbush Securities / BusinessWire | At-Bay: Remote Access Tools Behind 4 of 5 Ransomware Attacks in 2024; Supply Chain-Driven Cyber Claims up 43% | At-Bay Insurance Services, LLC provides insurance protection and security prevention solutions to close to 40,000 businesses in the US, safeguarding up to $800B in collective business revenue |
| SO023 | PLUS (Professional Liability Underwriting Society) | A Softening Cyber Market That Can't Last and Why Today's Conditions Set the Stage for Tomorrow's Correction | Organizations that benefit from today's generous terms may find themselves facing far higher costs, shrinking limits, or reduced coverage availability once the market recalibrates. |
| SO024 | At-Bay, Inc. | At-Bay Homepage | 40,000+ Policyholders Protected … $60B Risk Under Management … 1.5 million Monitored Assets … 15 minutes Mean Time to Remediate a Threat |
| SO025 | Globes (Israeli Business News) | Insurtech co At-Bay reaches unicorn status in $185m raise | |
| SM001 | National Association of Insurance Commissioners | Cyber Insurance Report | NAIC annual-statement data is the most granular public regulatory lens on U.S. cyber direct written premium and policy mix. |
| SM002 | Munich Re | Cyber Insurance: Risks and Trends 2025 | Munich Re estimates global cyber insurance premium of $15.3B in 2024 and $16.3B in 2025. |
| SM003 | Swiss Re | Shifting cyber insurance growth into the next gear | Swiss Re frames SMEs as the major underpenetrated opportunity for cyber insurance growth. |
| SM004 | Howden | Howden's 2025 cyber insurance report | Howden reports that cyber pricing has fallen materially from its 2022 peak as capacity has expanded. |
| SM005 | Howden Group Holdings | Rebooting growth: Howden's 2025 cyber insurance report | The Howden PDF provides the detailed report behind the 2025 rebooting-growth market narrative. |
| SM006 | Gallagher | 2026 Cyber Insurance Market Outlook | Gallagher's 2026 outlook presents a broker-market view of pricing, capacity, claims and underwriting conditions. |
| SM007 | Marsh | US cyber insurance market update: Rates decrease, threats evolve | Marsh describes a U.S. cyber market with decreasing rates despite evolving threat activity. |
| SM008 | Aon | Cyber Risk Insurance Market Remains Buyer-Friendly - Aon Global 2025 Cyber Risk Report | Aon reports a buyer-friendly market with continued cyber pricing decreases and rising ransomware activity. |
| SM009 | Fitch Ratings | U.S. Cyber Insurance Growth Raises Underwriting Risk | Fitch warns that renewed U.S. cyber insurance growth may raise underwriting risk if pricing discipline weakens. |
| SM010 | Moody's | Introducing Moody’s RMS Cyber Solutions Version 10.0: A clearer view of cyber concentration risk | Moody's emphasizes cyber concentration risk from shared technology dependencies across insured portfolios. |
| SM011 | Business Insurance | Cyber premium rising, but rates deteriorating: Report | Business Insurance summarizes Swiss Re's view that premiums can rise even while rates deteriorate. |
| SM012 | Business Insurance | Cyber insurance premiums fall in U.S. for first time, up globally | Business Insurance reports the NAIC finding that U.S. cyber premiums fell for the first time while global premium rose. |
| SM013 | Risk & Insurance | Cyber Insurance Market Adapts to Evolving Threats | Risk & Insurance summarizes Munich Re's 2025 cyber-market risk and trend findings. |
| SM014 | Risk & Insurance | Cyber Insurance Market Reaches Decade-Low Pricing as Claims Surge 22% | Risk & Insurance highlights the adverse combination of lower pricing and higher claims activity. |
| SM015 | Insurance Business Magazine | Historic softening in cyber reinsurance pricing as rates plunge 32% - Gallagher Re | Insurance Business reports Gallagher Re's finding that cyber reinsurance pricing fell sharply at 2026 renewals. |
| SM016 | At-Bay | At-Bay: Cyber Insurance & MDR Security Platform | Proactive Protection | At-Bay presents itself as a cyber insurance and MDR security platform for proactive protection. |
| SM017 | At-Bay | Managed Detection & Response (MDR) | 24/7 Threat Monitoring | At-Bay states that its MDR provides 24/7 monitoring and expert-led remediation for businesses. |
| SM018 | At-Bay | Insurance + Security | At-Bay describes insurance-plus-security features that combine cyber coverage with proactive risk services. |
| SM019 | Business Wire | CrowdStrike and At-Bay Join Forces to Boost Cyber Resilience Among SMBs | CrowdStrike and At-Bay announced a partnership to deliver MDR and cyber resilience offerings to SMBs. |
| SM020 | Insurance Business Magazine | At-Bay launches new MDR cyber solution for SMBs | Insurance Business reported At-Bay's MDR launch for small and midsize businesses. |
| SM021 | Insurance Business Magazine | At-Bay: 5-star cyber provider with a prevention-first strategy | Insurance Business describes At-Bay's broker-recognized prevention-first cyber insurance strategy. |
| SM022 | InsurTech Digital | At-Bay launches new admitted cyber insurance for small firms | InsurTech Digital reports At-Bay's admitted cyber product for smaller businesses. |
| SM023 | Verizon Business | 2026 Data Breach Investigations Report (DBIR) | Verizon DBIR is a high-reputation annual source on breach patterns relevant to cyber insurance demand. |
| SM024 | IBM | Cost of a data breach 2025 | IBM reports the average cost of a data breach and cost differences associated with security maturity. |
| SM025 | Securities and Exchange Commission | SEC Adopts Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies | The SEC adopted rules requiring material cybersecurity incident disclosure and annual governance disclosures. |
| SM026 | European Commission | NIS2 Directive: securing network and information systems | The European Commission describes NIS2 as strengthened EU-wide cybersecurity risk-management obligations. |
| SM027 | CrowdStrike | Technical Details: Falcon Update for Windows Hosts | CrowdStrike published technical details on the Falcon content update that caused widespread Windows host issues. |
| SM028 | CrowdStrike | Falcon Content Update Remediation and Guidance Hub | CrowdStrike's remediation hub documents the operational response to the widespread Falcon content update outage. |
| SM029 | IBM Think | Exploring the 2024 Worldwide Managed Detection and Response Vendor Assessment | IBM summarizes the IDC MDR assessment and emphasizes incident-response and managed-security requirements. |
| SM030 | IDC | IDC MarketScape: Worldwide Managed Detection and Response 2024 Vendor Assessment | IDC evaluates worldwide MDR vendors, indicating MDR is a distinct and mature managed security services category. |
| SM031 | Gartner | Market Guide for Managed Detection and Response | Gartner's market guide positions MDR as an outcome-oriented service category for security operations. |
| SM032 | Expert Insights | Managed Detection and Response (MDR) Statistics and Trends in 2025 | Expert Insights compiles 2025 MDR market-size and growth estimates relevant to the security-adjacency sizing lens. |
| SM033 | Business Insurance | Ransomware up, rates down: Aon | Business Insurance reports Aon's finding that ransomware rose while cyber rates declined. |
| SP001 | At-Bay | 2026 InsurSec Report — Key Cyber Risk Insights & Data | At-Bay's 2026 InsurSec report covers more than 100,000 policy years of claims data. |
| SP002 | HelpNet Security | Ransomware, fraud, and lawsuits drive cyber insurance claims to new records | Cyber claim frequency up 7% YoY and average severity hit $221,000, both at all-time highs per At-Bay's 2026 InsurSec report. |
| SP003 | Agency Checklists | Cyber Claims Severity Hits Record in 2025: At-Bay Report | |
| SP004 | Insurance Business Magazine | One ransomware crew now drives half of all cyber claims: At-Bay | Over 40% of ransomware claims on At-Bay's books in 2025 were attributed to the Akira ransomware group. |
| SP005 | Coverager | At-Bay to Shut Down Relay | At-Bay is shutting down its Relay specialty insurance platform. |
| SP006 | At-Bay | Insurance Broker Hub | |
| SP007 | Coalition | Coalition closes $250 million in Series F funding | |
| SP008 | Cowbell | Cowbell Secures $60 Million Series C Funding from Zurich Insurance Group | |
| SP009 | At-Bay | At-Bay closes $185 million Series D valuing company at $1.35 billion | At-Bay closes $185 million Series D at $1.35 billion valuation. |
| SP010 | Corvus Insurance (by Travelers) | Corvus Cyber Insurance Coverage and Solutions | |
| SP011 | Travelers Investor Relations | Travelers Announces Enhanced Services for Cyber Liability Customers | |
| SP012 | Resilience | Resilience Home Page — Cyber Risk Management and Insurance | |
| SP013 | SecurityWeek | Zurich Acquires Beazley in $11 Billion Deal to Lead Cyberinsurance | Zurich Insurance agreed to acquire Beazley for approximately $11 billion in March 2026 to lead cyberinsurance. |
| SP014 | Insurance Journal | Zurich Insurance and Beazley Agree to $10.9B Cash Acquisition | |
| SP015 | Insurance Business Magazine | Cyber MGA funding drops as sector faces wave of consolidation | MGAs now underwrite approximately one-third of total global cyber GWP; funding drops signal consolidation ahead. |
| SP016 | Cyber Insurance News | Cyber insurance market falls 27% since 2022: What 2026 brings | Global cyber insurance rates have fallen approximately 27% since mid-2022. |
| SP017 | WTW (Willis Towers Watson) | Cyber Risk: A Look Ahead to 2026 | |
| SP018 | CFC Underwriting | The cyber market in 2026: your questions answered | |
| SP019 | The Insurer | Cyber insurance market nears turning point as softening squeezes margins | |
| SP020 | Forbes | At-Bay | Company Overview & News | |
| SP021 | At-Bay | At-Bay Begins Issuing Policies on Its Own E&S Paper | |
| SP022 | MSSP Alert | At-Bay Unveils Combined Cybersecurity Cyberinsurance for SMBs | |
| SP023 | Huntress | Huntress Ranked 149th Fastest Growing Company in North America on the 2025 Deloitte Fast 500 | |
| SP024 | TechStack IPO | Arctic Wolf IPO — Status, Timeline, Valuation & S-1 Filing Tracker | |
| SP025 | Fitch Ratings | Fitch Ratings: US Cyber Insurance Premiums Decline Continues | |
| SP026 | Cyber Insurance News | At-Bay launches new managed detection cybersecurity solution | |
| SP027 | Insurance Business Magazine | At-Bay becomes fullstack insurance carrier | |
| SP028 | Cyber Insurance News | Ransomware claims 2025: At-Bay InsurSec report key findings | |
| SP029 | Insurbrief | At-Bay names Ken Riegler president after $110M annual revenue milestone | |
| SP030 | ReinsuranceNe.ws | At-Bay Launches New MDR Cybersecurity Solution for SMBs | |
| SP031 | Beazley | Cyber & Tech — Beazley Full Spectrum Cyber Solutions | |
| SP032 | Business Insurance | Zurich-Beazley deal could accelerate cyber consolidation | |
| SP033 | Deepak Gupta (analyst blog) | Top 5 Cyber Insurance Platforms of 2026 | |
| SP034 | At-Bay | At-Bay Stance Platform Overview | |
| SP035 | At-Bay | Stance MDR — Managed Detection and Response | |
| SI001 | At-Bay | At-Bay Begins Issuing Policies on Its Own E&S Paper | |
| SI002 | BusinessWire | At-Bay Begins Issuing Policies on its own E&S Paper, Finalizes Transition to Full-Stack Insurer | |
| SI003 | CTech (Calcalist) | At-Bay Names Ken Riegler as President After $110M Annual Revenue Milestone | |
| SI004 | Florida Surplus Lines Service Office | At-Bay Specialty Insurance Company — FSLSO Insurer Financial Report, Annual 2024 | Annual 2024 NAIC filing for At-Bay Specialty Insurance Company (NAIC 19607), Delaware. |
| SI005 | Florida Surplus Lines Service Office | At-Bay Specialty Insurance Company — FSLSO Insurer Financial Report, Q2 2025 | Q2 2025 NAIC filing for At-Bay Specialty Insurance Company (NAIC 19607). |
| SI006 | Carrier Management | At-Bay Extends Series D by $20M with ION Crossover Partners | |
| SI007 | CTech (Calcalist) | At-Bay Cuts About 10% of Staff in Layoffs | |
| SI008 | Agency Checklists | Cyber Claims 2025: At-Bay InsurSec Report — Agency Checklists Coverage | |
| SI009 | Fitch Ratings | Fitch Ratings: US Cyber Insurance Premiums Decline Continues | |
| SI010 | CyberCube | CyberCube Estimates Global Insured Losses from CrowdStrike Event | |
| SI011 | Forbes | At-Bay — Forbes Company Profile | |
| SI012 | At-Bay | At-Bay 2026 InsurSec Report | |
| SI013 | Insurance Business | At-Bay Becomes a Full-Stack Insurance Carrier | |
| SI014 | Insurance Business | One Ransomware Crew Now Drives Half of All Cyber Claims — At-Bay | |
| SI015 | InsurBrief | At-Bay Names Ken Riegler President After $110M Annual Revenue Milestone | |
| SI016 | BusinessWire | Cyber Insurance Startup At-Bay Closes $185 Million Series D, Valuing Company at $1.35 Billion | |
| SI017 | StartupTalky | At-Bay Success Story — StartupTalky | |
| SI018 | Wedbush/BusinessWire | At-Bay: Remote Access Tools Behind 4 of 5 Ransomware Attacks in 2024 | |
| SI019 | At-Bay | At-Bay Official Homepage | |
| SI020 | Munich Re | Cyber Insurance Risks and Trends 2025 — Munich Re | |
| SI021 | Actuary.info (citing Gallagher Re) | Cyber Reinsurance Non-Proportional Rates Drop 32% at April 2026 Renewal | |
| SI022 | Insurance Business | At-Bay: 5-Star Cyber Provider with a Prevention-First Strategy | |
| SI023 | Insurance Business | At-Bay Raises $185 Million in Latest Funding Round | |
| SI024 | At-Bay | At-Bay at Davos: SMB Cybersecurity Insurance Perspectives — Rotem Iram | |
| SI025 | CoinLaw | Cyber Insurance Industry Statistics — CoinLaw | |
| SE001 | Business Wire (At-Bay) | At-Bay Launches New Managed Detection and Response (MDR) Cybersecurity Solution for SMBs | At-Bay is launching Stance MDR, a new cybersecurity solution that combines managed detection and response with cyber insurance, powered by CrowdStrike Falcon XDR technology. |
| SE002 | At-Bay | Stance Security Platform | |
| SE003 | At-Bay | Stance MXDR — Extended Detection and Response | |
| SE004 | At-Bay | At-Bay Trust and Security | At-Bay is SOC 2 Type II certified and stores all data on AWS infrastructure in the United States. We do not use customer data to train AI models. |
| SE005 | Help Net Security | At-Bay launches Stance MDR cybersecurity solution for SMBs | |
| SE006 | Cyber Insurance News | At-Bay Launches New Managed Detection Cybersecurity Solution | |
| SE007 | Insurance Business Magazine | AtBay launches new MDR cyber solution for SMBs | |
| SE008 | Reinsurance News | At-Bay launches new MDR cybersecurity solution for SMBs | |
| SE009 | Calcalist Tech | At-Bay raises cyber insurance market with new MDR security product | |
| SE010 | MSSP Alert | At-Bay Unveils Combined Cybersecurity-Cyberinsurance for SMBs | |
| SE011 | Business Wire (At-Bay) | At-Bay Expands Cyber and Tech E&O Coverage to Businesses with up to $5B in Revenue | |
| SE012 | Financial Content / Business Wire (At-Bay) | InsurSec Leader At-Bay Announces Enhancements to its Innovative Unified Security Platform | |
| SE013 | At-Bay | At-Bay Acquires Relay to Accelerate the Future of Specialty Insurance | At-Bay today announced the acquisition of Relay, a digital marketplace for specialty insurance, to accelerate the future of specialty insurance distribution. |
| SE014 | Insurance Business Magazine | Digital insurtech AtBay acquires Relay Platform | |
| SE015 | At-Bay | At-Bay Homepage | |
| SE016 | Business Wire (At-Bay) | At-Bay Launches New MXDR Platform to Combat Cyber Risk for Mid-Market and Small Businesses | At-Bay's analysis shows that 90% of the claims it handled from Q1 2022 through Q4 2024 could have been potentially mitigated if the policyholder had MXDR deployed. |
| SE017 | Cyber Insurance News | VPN Cisco Citrix Riskiest Products Ransomware — At-Bay 2025 Report | |
| SE018 | Help Net Security | Cyber insurance claims report — 2026 trends | |
| SE019 | Spiceworks Community | Anyone using At-Bay Stance cybersecurity with free security services? | The tools are lost if you switch away from At-Bay, which is a concern for long-term flexibility. |
| SE020 | Insurance Business Magazine | AtBay — five-star cyber provider with a prevention-first strategy | |
| SE021 | API Evangelist / GitHub | At-Bay Partner API v2 documentation repository | The At-Bay Partner API v2 uses JWT authentication and delivers asynchronous quote responses with a p90 latency target of under 40 seconds; BOR clearance is enforced programmatically. |
| SE022 | Slashdot | At-Bay Software Reviews | |
| SE023 | SoftwareOne | Stance Managed Extended Detection and Response (MXDR) — SoftwareOne Marketplace | |
| SE024 | Cyber Insurance News | At-Bay Expands Cyber and Tech E&O Coverage to Large Businesses | |
| SE025 | Business Wire (At-Bay) | InsurSec Leader At-Bay Announces Enhancements to its Innovative Unified Security Platform | |
| SU001 | At-Bay | At-Bay Cyber Insurance & MDR Security Platform | Powered by incident insights from our 40,000+ insureds. |
| SU002 | At-Bay | Managed Detection & Response (MDR) | With At-Bay MDR, we don’t have to triage alerts, tune detection and response tools, or assign remediation tasks. |
| SU003 | At-Bay | At-Bay Stance AI-Powered Unified Security Platform | Stance is purpose-built to protect your whole IT environment, powered by incident insights from our 40,000+ insureds. |
| SU004 | At-Bay | At-Bay Stance Knowledge Center | At-Bay Stance Knowledge Center. |
| SU005 | At-Bay | MDR Knowledge Center | MDR | At-Bay Knowledge Center. |
| SU006 | At-Bay | Broker Platform Unlock More Business With Instant Quotes | Submissions received through the Broker Platform bind 35% faster than email. |
| SU007 | At-Bay | Insurance Broker Hub | Insurance Broker Hub. |
| SU008 | At-Bay | Cyber, Tech E&O & Professional Liability Insurance | Cyber, Tech E&O & Professional Liability Insurance. |
| SU009 | At-Bay | 2026 InsurSec Report | Based on more than 100,000 policy years of At-Bay cyber claims data. |
| SU010 | At-Bay | At-Bay Stance Overview | At-Bay Stance Overview. |
| SU011 | Business Wire | At-Bay Launches New Managed Detection and Response Cybersecurity Solution for SMBs | More than 50% of small business cyber claims can be mitigated or prevented by an MDR solution. |
| SU012 | Business Wire | CrowdStrike and At-Bay Join Forces to Boost Cyber Resilience Among SMBs | MDR solution could help to prevent or mitigate the losses of more than 50% of cyber insurance claims. |
| SU013 | Business Wire | At-Bay Expands Cyber and Tech E&O Coverage to Businesses with up to $5B in Revenue | Coverage to businesses with up to $5B in revenue with limits up to $10M. |
| SU014 | Business Wire | At-Bay Launches New MXDR Platform to Combat Cyber Risk for Mid-Market and Small Businesses | At-Bay provides insurance protection and security prevention solutions to close to 40,000 businesses in the US. |
| SU015 | Forbes | At-Bay Company Overview & News | Provides cybersecurity insurance to more than 53,000 small and midsize businesses. |
| SU016 | Insurance Business | At-Bay 5-star cyber provider with a prevention-first strategy | At-Bay currently insures nearly 40,000 customers, representing over $800 billion in revenue across more than 100 industries. |
| SU017 | Insurance Business | One ransomware crew now drives half of all cyber claims At-Bay | One ransomware crew now drives half of all cyber claims: At-Bay. |
| SU018 | Help Net Security | At-Bay Stance MDR improves cyber resilience for SMBs | At-Bay Stance MDR improves cyber resilience for SMBs. |
| SU019 | Help Net Security | Ransomware, fraud, and lawsuits drive cyber insurance claims to new peaks | The 2026 InsurSec Report from At-Bay, covering more than 100,000 policy years of claims data, documents a 7% year-over-year rise in overall claim frequency. |
| SU020 | MSSP Alert | Cyber Insurer At-Bay Unveils MDR Solution | Cyber Insurer At-Bay Unveils MDR Solution. |
| SU021 | Insurance Business | At-Bay launches new MDR cyber solution for SMBs | At-Bay launches new MDR cyber solution for SMBs. |
| SU022 | InsurTech Insights | Sayata Launches At-Bay's Admitted Cyber Insurance Solution for SMBs | The fetched page returned a JavaScript interstitial, so only the discovered title was retained. |
| SU023 | G2 | At-Bay Reviews | Please enable JS and disable any ad blocker. |
| SU024 | SourceForge | At-Bay Reviews in 2026 | Overall 0.0 / 5. |
| SU025 | Slashdot | At-Bay Reviews 2026 | At-Bay User Reviews. |
| SU026 | Spiceworks Community | Anyone using At-Bay Stance, cybersecurity with free security services? | We did and the tools provided were actually pretty impressive. Unfortunately the agent found us something cheaper after 1 year and now the tools are gone. |
| SU027 | Consumer Financial Protection Bureau | Consumer Complaint Database | Consumer Complaint Database. |
| SU028 | Cyber Insurance News | Ransomware Claims 2025 Akira & SonicWall Dominate At-Bay Report | Ransomware Claims 2025: Akira & SonicWall Dominate - At-Bay Report. |
| SU029 | Swept AI | $285K Average Theft, 40% Akira Concentration The At-Bay 2026 Numbers | $285K Average Theft, 40% Akira Concentration: The At-Bay 2026 Numbers. |
| SR001 | At-Bay | At-Bay 2026 InsurSec Report: Key Findings on Cyber Risk | |
| SR002 | Agency Checklists | Cyber Claims 2025: At-Bay Report Shows Record Severity | |
| SR003 | actuary.info | Ransomware Concentration: Akira Cyber Insurance Rate Model 2026 | |
| SR004 | Calcalist Tech | At-Bay Lays Off 25 Engineers in Israel R&D in Times of War | At-Bay laid off approximately 25 engineers from its Israel R&D center, citing the times of war. |
| SR005 | Business Wire | AM Best Reaffirms Financial Strength Rating of At-Bay Specialty Insurance as A- Excellent with Stable Outlook | |
| SR006 | Intelligent Insurer | Munich Re-backed InsurTech At-Bay launches new cyber programme | |
| SR007 | Claims Pages | Stryker Cyberattack Tests War Exclusion Clauses in Cyber Insurance Policies | The Stryker cyberattack is testing war exclusion clauses in cyber insurance policies amid contested Iran attribution. |
| SR008 | Florida Surplus Lines Service Office | At-Bay Specialty Insurance Company Annual Report 2024 | |
| SR009 | Swept AI | At-Bay 2026 InsurSec Report: Cyber Fraud by the Numbers | |
| SR010 | Coverager | 2026 MGA Outlook: Scaling Smarter in a Demanding Market | |
| SR011 | Prizmova | Surplus Lines Compliance Guide for Multi-State MGAs | |
| SR012 | Business Wire | At-Bay Launches New Managed Detection and Response (MDR) Cybersecurity Solution for SMBs | |
| SR013 | National Association of Insurance Commissioners | 2025 NAIC Cybersecurity Insurance Report | |
| SR014 | Fitch Ratings | US Cyber Insurance Premiums Decline Continues | |
| SR015 | Coinlaw.io | Cyber Insurance Industry Statistics 2026 | |
| SR016 | DataBreaches.net | One Ransomware Crew Now Drives Half of All Cyber Claims at At-Bay | |
| SR017 | BEinsure | Top 50 US Cyber Insurers by Premium 2026 | |
| SR018 | Special Eurasia | Middle East Risk Outlook 2026 | |
| SR019 | Cyber Insurance Academy | LMA5567A/B: Lloyd's Cyber War Exclusions Explained 2026 | |
| SR020 | Willis Towers Watson | Insurance Marketplace Realities 2026: Cyber Risk | |
| SR021 | Marsh | Cyber Insurance Market Update 2026 | |
| SR022 | Parametrix Insurance | CrowdStrike to Cost Fortune 500: $5.4 Billion; Insured Loss Range $540M to $1.08B | |
| SR023 | IBM | Cost of a Data Breach Report 2024 | |
| SR024 | Verizon | 2025 Data Breach Investigations Report | |
| SR025 | At-Bay | At-Bay MDR — Managed Detection and Response for SMBs | |
| SR026 | Insurance Business Magazine | At-Bay Launches New MDR Cyber Solution for SMBs | |
| SR027 | Cabier Consulting | Cyber Insurance Systemic Aggregation Risk 2026 | |
| SR028 | Reinsurance News | Howden Re Cyber Risk Report: 62% Market Share Held by Top 5 Reinsurers | |
| SR029 | Grand View Research | Managed Detection and Response Market Report 2030 | |
| SR030 | Seedpod Cyber | Cyber Insurance Carrier Comparison 2026 | |
| SV001 | Forbes | At-Bay | Company Overview & News | Forbes lists At-Bay revenue at about $155 million and describes its funding and company profile. |
| SV002 | At-Bay | Cyber Insurance Startup At-Bay Closes $185 Million Series D, Valuing Company at $1.35 Billion | At-Bay announced a $185 million Series D financing valuing the company at $1.35 billion. |
| SV003 | Qumra Capital | At-Bay Closes $185 Million Series D, Valuing Company at $1.35 Billion | Qumra repeated the $185 million Series D and $1.35 billion valuation details as an investor source. |
| SV004 | Florida Surplus Lines Service Office | At-Bay Specialty Insurance Company — FSLSO Insurer Financial Report, Annual 2024 | The annual statutory filing reports At-Bay Specialty Insurance Company financials, including premium, loss, expense, and surplus metrics. |
| SV005 | At-Bay | 2026 InsurSec Report: Ransomware & VPN Attack Trends | At-Bay reported Akira concentration, SonicWall VPN exposure, and MDR mitigation evidence in its 2026 InsurSec release. |
| SV006 | At-Bay | The 2026 InsurSec Report | At-Bay's report presents cyber claim trends and prevention evidence for its insured population. |
| SV007 | Help Net Security | Ransomware, fraud, and lawsuits drive cyber insurance claims to new peaks | Help Net Security covered At-Bay's 2026 cyber insurance claims report and claim severity trends. |
| SV008 | Agency Checklists | Cyber Claims Severity Hits Record in 2025: At-Bay Report | Agency Checklists summarized At-Bay's 2025 claims severity and ransomware findings. |
| SV009 | Coverager | At-Bay to shut down Relay | Coverager reported At-Bay would shut down Relay after acquiring the specialty placement platform. |
| SV010 | Insurtech Insights | At-Bay Announces Closure of Relay | Insurtech Insights reported the Relay closure and its strategic refocus implications. |
| SV011 | BusinessWire | At-Bay Launches New Managed Detection and Response (MDR) Cybersecurity Solution for SMBs | At-Bay announced its MDR cybersecurity solution for SMB policyholders. |
| SV012 | BusinessWire | At-Bay Expands Cyber and Tech E&O Coverage to Businesses with up to $5B in Revenue | At-Bay expanded coverage appetite to businesses with up to $5 billion in revenue and limits up to $10 million. |
| SV013 | At-Bay | At-Bay Begins Issuing Policies on Its Own E&S Paper | At-Bay said it began issuing policies on its own E&S paper through At-Bay Specialty Insurance Company. |
| SV014 | Insurance Business Magazine | At-Bay becomes full-stack insurance carrier | Insurance Business covered At-Bay becoming a full-stack carrier and using its own paper. |
| SV015 | At-Bay | At-Bay Stance Platform Overview | At-Bay describes Stance as a security platform connected to its insurance product. |
| SV016 | At-Bay | Stance MDR — Managed Detection and Response | At-Bay describes MDR capabilities and service model for monitored detection and response. |
| SV017 | Coalition | Coalition closes $250 million in Series F funding | Coalition disclosed a $250 million Series F at a $5 billion valuation. |
| SV018 | Cowbell | Cowbell Secures $60 Million Series C Funding from Zurich Insurance Group | Cowbell announced a $60 million Series C backed by Zurich Insurance Group. |
| SV019 | Corvus Insurance | Travelers Completes Acquisition of Corvus Insurance | Corvus announced Travelers completed its acquisition of Corvus Insurance. |
| SV020 | BEinsure | Cyber insurtech Corvus agreed to a $435 mn deal to be acquired by Travelers | BEinsure reported the Corvus acquisition price at about $435 million. |
| SV021 | AJG / Gallagher | 2026 Cyber Insurance Market Outlook | Gallagher's 2026 outlook discusses cyber insurance pricing, capacity, and market conditions. |
| SV022 | Fitch Ratings | Fitch Ratings: US Cyber Insurance Premiums Decline Continues | Fitch reported that US cyber insurance premiums declined, indicating continuing market softening. |
| SV023 | National Association of Insurance Commissioners | 2025 NAIC Cybersecurity Insurance Report | NAIC reported on the US cybersecurity insurance market and systemic risk considerations. |
| SV024 | The Insurer | Cyber insurance market nears turning point as softening squeezes margins: Dual | The Insurer reported that softening cyber pricing is squeezing margins. |
| SV025 | Insurance Thought Leadership | The Soft Market Trap in Cyber | Insurance Thought Leadership warned that soft cyber market conditions can set up later corrections. |
| SV026 | StockAnalysis | Lemonade (LMND) Statistics & Valuation | StockAnalysis publishes Lemonade market capitalization, revenue, and valuation statistics. |
| SV027 | StockTitan | LMND SEC Filings - Lemonade Inc 10-K, 10-Q, 8-K Forms | StockTitan indexes Lemonade SEC filings for public-comparable financial disclosure. |
| SV028 | Last10K | Hippo Holdings Inc. SEC Filings | Last10K indexes Hippo SEC filings for public-comparable financial disclosure. |
| SV029 | MarketBeat | Root SEC Filings | MarketBeat indexes Root SEC filings for public-comparable financial disclosure. |
| SV030 | Insurance Business Magazine | At-Bay: 5-star cyber provider with a prevention-first strategy | Insurance Business described At-Bay's prevention-first strategy and embedded security value. |
| SV031 | Latka | At-Bay Revenue 2024: $155M ARR | Latka lists At-Bay revenue and related company metrics from its private-company database. |