Elpha Secure

🏛️ Legal identity. Elpha Secure Technology, Inc. is a Delaware corporation incorporated in 2018, as recorded in a Regulation D Form D filing with the U.S. Securities and Exchange Commission (CIK 0001850887).^[1] The company's website identifies the operating entity as "Elpha Secure Technology Inc." with a principal business address at 580 Fifth Avenue, Suite 820, New York, NY 10036.^[2] A prior address at 576 Fifth Avenue, Suite 903, New York, NY 10036 appears in the SEC filing.^[1]

📋 Regulatory positioning. Elpha positions itself as a "Fully Licensed MGA" operating across all 50 U.S. states, with surplus lines disclaimers indicating that products are offered only through licensed surplus lines producers.^[3][4] Based on its own MGA positioning and explicit statements that it is "financially backed" by specific carriers, Elpha is most supportably classified as a cyber insurtech MGA with delegated underwriting authority rather than a licensed risk-bearing carrier.^[3] Carrier licensure for a proprietary balance-sheet carrier was not identified in the sources reviewed.

🔍 Licensing evidence. A public license record from the Florida Department of Financial Services shows a senior claims professional associated with Elpha holding nonresident property and casualty and nonresident surplus lines licensing categories at the same New York address.^[5] This evidences the use of state producer licensing regimes for personnel, though it does not substitute for a full entity producer licensing review across states. Disclosed capacity references in reviewed materials point to U.S. carrier paper rather than Lloyd's syndicate participation.^[3]

🔐 Core thesis. Elpha's model combines cyber insurance with embedded security software, aiming to reduce loss frequency and severity by integrating security tooling and managed support into the insurance proposition.^[2] The insurance product is marketed as a "cyber insurance policy with market-leading coverage," paired with specific economic enhancements — notably reduced ransomware retention and shortened business interruption waiting periods — when the insured uses Elpha's security solution.^[3] The security product, commonly branded "Elphaware" in earlier materials, is positioned as SaaS installed on endpoints with multiple modules including EDR-like monitoring, backups, MFA for remote access, and SOC support.^[6]

🏢 Target market. Multiple sources converge on an SME-to-lower-mid-market orientation, with Elpha's marketing emphasizing "small businesses" and "small and midsize businesses."^[7] A strategic partnership expansion announced by AXIS Capital Holdings Limited directs standalone cyber submissions for policyholders with revenue up to $100 million to Elpha's platform via wholesale brokers, effective July 1, 2024.^[8]

💰 Bundled economics. Elpha's broker-facing marketing states that a "single premium includes" both insurance and its software suite, suggesting bundled economics for the core insured distribution channel.^[3] Separately, a co-branded page with Selective Insurance indicates per-device pricing tiers ($25 and $37 per device per year), implying the software can also be packaged as a standalone subscription or affinity benefit depending on channel structure.^[9]

📄 Policy structure and pricing. Elpha advertises a base policy starting at $1,000 and "insurance + software starting cost $1,000."^[10] Marketed enhancements include a $500 extortion loss retention, a 6-hour waiting period, and a 365-day period of restoration for business interruption when the insured adopts the security solution.^[3] Marketing frames the product as "straightforward" with embedded software upgrades and enhancements, though the modularity of insuring agreements and distinctions between proprietary and carrier wording are not detailed in accessible product-facing pages.^[7]

🛡️ First-party coverages. Elpha's marketing pages explicitly list business interruption and system failure coverage (with waiting-period and restoration-period enhancements), ransomware and cyber extortion coverage (with an extortion loss retention enhancement), and incident response expenses.^[10]

⚖️ Third-party coverages. Listed third-party coverages include network security and privacy liability, regulatory fines, and PCI coverage.^[10]

🏥 Breach response model. Elpha states it maintains a curated provider panel and encourages policyholders to use listed providers. The claims page includes reimbursement gating language stipulating that only expenses incurred through engagement of listed response providers and with Elpha's prior written consent qualify as incident response expenses under the first-party insuring agreement.^[11] This indicates a panel-led incident response model with economic controls rather than unrestricted vendor choice. Elpha's claims page provides an incident hotline routed through incident response counsel and references a formal claims email notice process.^[11]

📊 Coverage differentiation. Elpha markets "enhanced coverage" — lower retentions, shorter waiting periods, and longer restoration periods — when the insured adopts the security solution.^[7] This positions the insurance economics as an adoption lever for the security tooling.

🖥️ Service posture. Elpha's software is positioned as endpoint-installed tooling with additional managed services, supported by a Security Operations Center.^[12] Pre-bind capabilities include a "deep scanning tool" for external network and cloud assets to detect vulnerabilities and misconfigurations, plus a monthly outreach cadence focused on worst risks with an option for quarterly reporting.^[13] This functionally resembles underwriting hygiene enforcement and risk-improvement workflows aligned with cyber insurance subjectivities.

🔒 Continuous in-force services. Elpha describes a seven-component security agent comprising real-time threat monitoring (EDR-like), remote access protection with MFA, SOC outreach for top patches and mitigations, email security ("ES Mail") for phishing, spam, and fraudulent financial transaction identification, patching capabilities (vulnerability and version management), dark web monitoring, and exposed credential monitoring.^[13]

🤝 Technology partners. Elpha launched its cyber insurance offering on Socotra's cloud-native platform with an implementation time of less than two months. An analytics partnership with CyberCube provides Portfolio Manager and Single Point of Failure Intelligence for portfolio accumulation management and capital discussions.^[2][14] In October 2025, Elpha announced a partnership with SentinelOne to integrate its insurance offering with SentinelOne's security platform for SMB customers.^[15]

✅ Validation signals. Elpha states its software is third-party audited by Security Compass Advisory and references VB100 testing as a validation mechanism.^[13][11]

🌐 Channel architecture. Elpha works with wholesale insurance brokers and markets "quotes in seconds" with an online binding workflow.^[7] The AXIS partnership expansion also references routing submissions via wholesale broker partners to Elpha.^[8] A digital distribution partnership with Affinity Advisors further streamlines access to cyber insurance and security solutions through wholesale broker partners.^[16]

📍 Geographic footprint. Elpha states it operates across all 50 U.S. states.^[3] The public site is U.S.-oriented with U.S. contact information and surplus lines disclaimers; operational capabilities outside the United States are not described in reviewed sources.^[4]

🏦 Capacity providers. Elpha's broker page states it is financially backed by AXIS Surplus Insurance Company and Everest Re Group.^[3] Specialist coverage further supports a multi-carrier program structure, naming Everest Indemnity Insurance Company and AXIS Surplus Insurance Company as insurers underwriting the cyber program.^[17]

🤝 AXIS relationship. AXIS disclosed that the relationship commenced in 2021 and that AXIS became both an investor in and a capacity provider for Elpha.^[8] By July 2024, AXIS began directing certain standalone SME cyber submissions for risks with revenue up to $100 million to Elpha's platform.^[8] This is a meaningful indicator of institutional confidence and suggests AXIS viewed Elpha as a scalable distribution and servicing mechanism for a portion of its SME cyber portfolio.

👤 Founders. Preetam Dutta is identified as CEO in Elpha communications and is listed as an executive officer and director in the SEC Form D filing.^[1][18] Gordon Malin is identified by AXIS as Elpha's co-founder and CEO as of June 2024.^[8] External profiling and Elpha's positioning indicate a technical cybersecurity orientation at the founding level.^[18]

🎓 Education. David Williams-King's doctoral training is associated with Columbia University, as described on a Columbia CS personal page.^[19] Preetam Dutta's education claims (PhD at Columbia; undergraduate at Yale University) appear in secondary profiles rather than primary filings.^[20]

📌 Key leadership roles. Josh MacDonald is publicly referenced as Chief Underwriting Officer in multiple industry contexts including events and commentary.^[21] David Williams-King self-identifies as having become CTO at Elpha after completing a PhD.^[19] Perry Tsao appears in a Florida license record with a business address aligned to Elpha and holds nonresident P&C and nonresident surplus lines licensing categories.^[5]

💵 Series A. Elpha completed a $20 million Series A in October 2022 led by Canapi Ventures with participation from existing investors including Stone Point Ventures, AXIS Capital, State Farm Ventures, The Hartford STAG Ventures, Fermat Capital Management, and EOS Venture Partners.^[14] Socotra's announcement references Elpha having raised "more than $9 million" in seed funding prior to the Series A. Cumulative disclosed funding therefore exceeds $29 million.^[14]

📊 Financial transparency. Elpha does not publicly disclose GWP, policy count, loss ratio, or revenue in the reviewed sources. The only broadly accessible scale proxy is a third-party headcount estimate of approximately 40 employees.^[22][16] No statutory insurance financial filings attributable to an Elpha-owned carrier entity were identified; the review relied on SEC Form D identity data, insurer and partner disclosures, and company-controlled product pages.^[1]

🎯 Cluster placement. Within the cyber insurtech ecosystem, Elpha fits the "embedded cyber defense + cyber insurance" cluster: an underwriting structure plus active security tooling and services, with insurance economics used as an adoption lever for the security product.^[10]

🏁 Peer analogs. At-Bay positions a combined insurance and security platform including MDR, with policy enhancements tied to adopting security controls.^[23] Coalition markets "active" cyber insurance with incident response and affiliated security capabilities.^[24] Cowbell emphasizes continuous underwriting and continuous risk assessment as core differentiators.^[25] Elpha's differentiation relative to these larger platforms rests not on scale disclosures — which are limited — but on explicit program relationships with AXIS that route SME submissions to its platform and on security product breadth centered on endpoint-installed capabilities plus SOC outreach, including newer email-security tooling.^[8]

🏰 Moat assessment. Elpha's CyberCube partnership for portfolio analytics and accumulation risk tooling indicates an intent to professionalize catastrophic cyber risk management for capacity discussions.^[2] The software suite is described as modular and configurable (active and passive modes), covering endpoint monitoring, backups, email security, and vulnerability management — broader than a pure scan-based underwriting overlay.^[13] AXIS's 2024 decision to direct certain SME submissions to Elpha indicates distribution leverage, and disclosed carrier backers (AXIS Surplus and Everest entities) provide a positive stability signal, though AXIS also being an investor intensifies counterparty concentration risk.^[3][8]

⚠️ Risk factors. The program's backing by a limited set of carriers creates fragility if capacity appetite changes, pricing corridors tighten, or performance triggers are invoked.^[3] Cyber accumulation remains the existential risk of the class; a Milliman case study quoting Elpha's underwriting leadership highlights catastrophic systemic exposure framing.^[26] Bundling security into premium requires consistent adoption and operational support to realize loss benefits, and deployment and configuration remain operational realities.^[13] Larger "InsurSec" peers also market insurance enhancements linked to security adoption and many operate at significantly larger disclosed scale, increasing their ability to invest in threat intelligence and incident response.^[23] The model relies on surplus lines distribution and producer licensing compliance across many jurisdictions.^[4]

📈 Product-market broadening. In February 2023, Elpha stated it increased capacity to quote businesses with revenues up to $100 million and broadened underwriting appetite into additional industries including transportation, entertainment, life sciences, and certain education sectors.^[18]

🔗 Institutional distribution scaling. AXIS's 2024 expanded partnership indicates a deliberate shift of SME cyber submissions to Elpha's platform beginning July 1, 2024, covering standalone cyber submissions for risks with revenue up to $100 million routed via wholesale brokers.^[8]

✉️ Security capability expansion. Elpha's ES Mail features and associated fraud-oriented detections indicate expansion from endpoint tooling into email security and financial transaction fraud signaling.^[13] The SentinelOne partnership (October 2025) signals a strategy of integrating with a mainstream endpoint security platform, potentially as an alternative to purely proprietary controls or as a co-managed layer.^[15]

🗓️ Newsroom developments. A February 2026 Elpha newsroom headline indicates the ES Mail launch and cybercrime limit expansion to $500,000.^[4]

• Cyber insurtech MGAs and underwriting agencies