CAG

Cranium AI Governance

AI Security & Governance

AI Governance & ComplianceSecurityGovernanceRisk ManagementCompliance
Function:Security
Subfunction:Regulatory Compliance
Loading versions...
Founded
2023
Employees
~57-62
Funding
$32M (Seed + $25M Series A)
Stage
$7.3 million ARR (estimated 2024\)
Report version: Oct 20, 2025

1. Products/Services & Features

  • Main Offerings:

    • AI Security & Governance Platform
    • AI Red Teaming (Cranium Arena)
    • Compliance Automation (ComplianceAgent)
  • Feature Breakdown: AgentSensor (agentic AI visibility), CloudSensor (cloud security monitoring), ComplianceAgent (automated compliance), Arena Shield (vulnerability simulation), AI Card (compliance scoring), AutoAttest (audit trails), CodeSensor, Detect AI (Departments: Security, Compliance, Risk Management, IT Operations)

  • Business Industry Gearing: Financial Services, Healthcare, Consumer Packaged Goods, Retail, Enterprise

2. Security & Compliance

  • Certifications: SOC 2 Type 2 Compliant, Supports EU AI Act, NIST AI RMF, ISO frameworks compliance

  • Vendors/Tools: Integrates with cloud environments and third-party AI systems for monitoring

  • Risk Profile:

    • Breaches: No public breaches reported
    • Features: Comprehensive AI security, automated threat detection, continuous monitoring, red teaming capabilities

3. User Feedback & Adoption

  • Aggregated Reviews: Limited public reviews available on G2/Capterra; recognized as Gartner Cool Vendor 2025, TAG Infosphere Top Five Vendor for AI Security 2025-2026

    • Pros: Comprehensive platform covering full AI lifecycle, strong focus on enterprise compliance, innovative agentic AI security, recognized industry leadership
    • Cons: Limited public user reviews available, enterprise-focused pricing may be prohibitive for smaller organizations, relatively new company (founded 2023)
  • Adoption Insights:

    • Adoption Ease: Enterprise-focused with complex implementation; designed for large organizations managing multiple compliance frameworks
    • Adoption Cultural Fit: High fit for security-conscious enterprises; requires cross-functional buy-in from security, compliance, and IT teams
  • Metrics:

  • Barriers: High implementation complexity, enterprise pricing, need for organizational alignment across security and compliance functions

4. Monetization & Business Model

  • Revenue Model: SaaS subscription-based model with enterprise custom pricing

  • Pricing: Custom enterprise pricing based on organization size, number of AI systems monitored, compliance frameworks required (Sources: Not publicly disclosed; available on Microsoft Marketplace with annual subscription option)

  • Market Context:

    • TAM: AI governance and security market growing rapidly with enterprise demand for compliance solutions
    • Growth Stage: Growth stage; market expanding as enterprises scale AI adoption

5. Leadership & Recent Developments

Name Description LinkedIn X Account
Jonathan Dambrot CEO & Co-Founder; Former KPMG partner; Led development of Cranium within KPMG Studio; CISSP certified, CTPRP certified https://www.linkedin.com/in/jonathan-dambrot-273995
Felix Knoll Co-Founder, Chief Operating Officer (COO) & Chief Revenue Officer (CRO); Former KPMG Studio; Sales and operations leadership background https://www.linkedin.com/in/felix-knoll-840479
Gerhard Eschelbeck Board Member; Former CISO of Google; Cybersecurity executive with extensive experience in information security and governance https://www.linkedin.com/in/gerhardeschelbeck
  • Key Metrics Update:

    • Funding: Series A: $25 million (October 2023); Seed funding prior; Total raised: $32 million
    • Employee Growth: 5% headcount increase year-over-year (45 employees in 2024, 49 on LinkedIn as of October 2025)
  • News/Trends:

    • News Launch: Emerged from stealth April 2023; launched Cranium Arena (AI red teaming platform) in 2024; launched AgentSensor, CloudSensor, ComplianceAgent, Arena Shield in October 2025
    • News Partnerships: Strategic partnership with Supply Wisdom for AI supply chain risk management (Know Your AI offering, Q4 2025 full release)
    • News Funding: Series A $25M led by Titanium Ventures with KPMG LLP and SYN Ventures participation (October 2023)
    • News Challenges: Addressing AI supply chain opacity, workforce skills gap in AI security, vulnerability management in agentic AI systems

6. Target Audience & Use Cases

  • Target Market: Large enterprises across financial services, healthcare, CPG, retail, and other regulated industries

  • Target Users & Personas: CISOs, Compliance Officers, Security Teams, Risk Management Professionals

  • User Experience Level: Enterprise security and compliance professionals with advanced technical knowledge

  • Key Use Cases:

    • AI Model Discovery & Inventory: Identifying and documenting all internal and third-party AI systems
    • Compliance Management: Automating compliance with EU AI Act, NIST AI RMF, ISO frameworks across multiple parallel requirements
    • AI Vulnerability Management: Red teaming, vulnerability simulation, and automated remediation for AI systems

7. Impact & Recommendations

  • Measurable Outcomes:

    • Workflow Improvements: Streamlines AI governance across supply chain, automates compliance documentation, reduces time to identify and remediate AI vulnerabilities
    • ROI Examples: Reduced compliance audit time through automation, faster AI deployment with built-in security, reduced risk of AI-related breaches
  • Fit Assessment: Excellent fit for large enterprises with complex AI ecosystems and strict compliance requirements; less suitable for small/mid-market organizations

  • Custom Rec Flags:

    • Priority ICP: Fortune 500 companies, financial institutions, healthcare organizations, regulated industries with significant AI investments
    • Short Term Goals: Expand agentic AI security capabilities, grow enterprise customer base, establish market leadership in AI governance

8. Data Sourcing Notes

Need help evaluating and implementing AI tools?

ChiriBrain orchestrates your entire AI stack — connecting tools, teams, and workflows into one governed platform.