Carpe Data

Carpe Cyber

Cyber Risk Intelligence Built for Insurance Underwriting.

Carpe Cyber turns a domain into an evidence-backed cyber risk report in under 60 seconds. Built for cyber insurance underwriters, brokers, and MGAs, with every finding traceable to the raw data that produced it.

Cyber underwriting still runs on self-reported questionnaires and lagging black-box scores. Carpe Cyber replaces both with a real-time domain scan, aggregating 10+ external intelligence sources into a single evidence-backed report a carrier can actually defend.

Request a Demo ScanSee How It Works
<60s

Scan Time

Domain to decision in under a minute

10+

Intelligence Sources

Aggregated in parallel on every scan

100+

Carriers Trust Carpe

Same team, same accuracy bar

0

Black-Box Scores

Every finding shows the raw evidence

app.cyber.carpe.io/scans/example.com
Carpe Cyber Risk Findings view showing severity-tagged findings including a recent breach, missing DMARC policy, exposed WordPress REST API, missing HSTS header, missing Content Security Policy, and missing privacy policy, each with source-cited evidence
Live Scan
Live Risk Findings view: every issue tagged by severity, with the source-cited evidence and remediation guidance attached to the file.

How Carpe Cyber Works

From Domain to Decision in Under 60 Seconds.

No installs, no agents, no questionnaires. Underwriters and brokers run a scan the way they already research a prospect, only the answer comes back with evidence attached.

01

Enter a Domain

Paste a single domain into the scan field. No agents to deploy, no questionnaires to send, no IP ranges to maintain.

02

10+ Sources Scan in Parallel

TLS, DNS, HTTP headers, breach history, certificate transparency, CSP, attack surface, business identity, and AI-enriched threat context all execute against the domain at once.

03

Evidence-Backed Report

A composite risk score, sub-scores by category, every finding with its raw evidence and remediation guidance, and an AI-generated narrative ready for the underwriting file.

What Carpe Cyber Surfaces

Ten Sources of Cyber Risk Intelligence, One Report.

Six capability areas that turn a single domain into a defensible cyber underwriting picture.

Domain Security Scanning

Enter a domain and Carpe Cyber orchestrates parallel checks across TLS and SSL certificates, DNS records (SPF, DMARC, DKIM, MX), HTTP security headers, certificate transparency logs, breach history, content security policy strength, and exposed attack surface. One scan, ten-plus external intelligence sources, a complete posture in under a minute.

Composite Risk Scoring

Every scan resolves to a composite risk score from 0 to 100, with sub-scores broken out across TLS posture, email authentication, header hygiene, breach history, CSP strength, and attack surface. Underwriters get the headline number and the underlying contributors in the same view.

Evidence-Backed Findings

Every finding includes a category, a severity tag, the raw external data that triggered it, and direct remediation guidance. No black-box ratings. If a finding is wrong, an analyst can see exactly why it surfaced and act on it.

AI-Enriched Risk Narratives

Technical findings are translated into business-language risk narratives suitable for underwriting files, board reporting, and broker submissions. Board-ready summaries, not just a list of failing checks.

Portfolio Monitoring

Group scanned domains into portfolios for ongoing monitoring. Underwriters organize prospects, renewals, and book-of-business domains into logical collections, and revisit the security posture before every quoting or renewal decision.

Business Identity Matching

Every scan runs through Minerva, the same business-matching engine that powers commercial underwriting for 100+ carriers, so a domain is never just a domain. It is tied to a real business entity with operational context. No standalone cyber scanner does this.

What Makes Carpe Cyber Different

You Should Not Have to Trust a Black-Box Score.

Every Carpe Cyber finding is auditable. Severity, the raw external data that triggered it, the source that produced the data, and the remediation a policyholder needs to take, all surfaced on the same row in the same view.

Carpe Cyber Risk Findings view with numbered callouts identifying the severity badge, the plain-language finding title, the source-cited evidence, and the breadth of categories covered in a single scan

  1. Severity Classification

    Every finding is graded Critical, High, Medium, or Low with a color-coded badge an underwriter can scan in seconds.

  2. Plain-Language Finding

    Technical issues translated into one-line headlines a carrier or broker can drop straight into a submission or referral.

  3. Source-Cited Evidence

    Each finding shows the raw external data that produced it (HIBP, DNS, certificate transparency, header probe). Auditable, not opaque.

  4. Multi-Category Coverage

    One scan spans breach history, email authentication, exposed APIs, transport security, content security policy, and content posture.

One Risk Findings view, four reasons it works the way cyber underwriting actually needs it to.

Evidence Transparency

Every finding shows the raw proof. Underwriters can verify each one themselves rather than trusting an opaque grade.

Accuracy Over Volume

Where most scanners flag IPs that no longer belong to the business, Carpe Cyber re-validates ownership before every finding.

Actionable Remediation

Every finding ships with specific, implementable guidance, so brokers and policyholders can fix the issue rather than just hear about it.

Insurance-Contextualized Intelligence

Findings are framed in underwriting terms (risk severity, loss potential, industry context) and connected to Minerva business intelligence on every scan.

Who Carpe Cyber Is For

Same Platform, Three Workflows.

Cyber Insurance Underwriters

Make better risk decisions in seconds, not days.

Scan a prospect domain before quoting. Re-scan at renewal to compare posture against bind date. Use real technical data to inform pricing, not self-reported questionnaire answers, and continuously monitor the security posture of every domain in the book.

Brokers and MGAs

Differentiate your submission with data the carrier cannot ignore.

Attach a Carpe Cyber report to every cyber submission. Show carriers the risk has been pre-vetted, identify remediation opportunities before binding, and use the same evidence to advise the client on what to fix.

The Insurance Industry

Built by an insurance data company, not a security vendor.

Carpe Data already serves 100+ insurance carriers with Minerva commercial underwriting intelligence. Carpe Cyber extends that trust relationship into cyber, with the same data standards, accuracy bar, and carrier-workflow native integration.

Where Carpe Cyber Fits

Minerva + Carpe Cyber: A Complete Underwriting Intelligence Stack.

Minerva tells you what the business is. Carpe Cyber tells you how secure the business is. Together, the same Carpe Data platform that already powers commercial underwriting for 100+ carriers now extends into cyber, with business identity matching embedded in every scan.

One vendor relationship, one data standard, one accuracy bar across the commercial and cyber book.

Talk to Our Cyber TeamExplore Minerva

See a Real Scan. Send Us a Domain.

Pick any domain in your book or pipeline. We will run a full Carpe Cyber scan and walk you through the report. No agents, no questionnaires, no security review needed on your end.

Request a Demo ScanSee How It Pairs with Minerva