Differentiation — AI-Agent Risk, Not Cyber Risk

The headline move: don’t fight Protos Labs on cyber risk — that’s a mature, ten-year-tenure game where they (ex-Booz Allen threat-intel operators, Lloyd’s Lab, CSA-backed, patented) have pedigree we don’t. Win the new ground: the financial risk that AI agents create. It’s a 2024-onward category where no one has a decade, and where our actual edges — we build AI agents, we quantify financial risk, and we do real data engineering — are decisive. Cyber is one input to that risk, not the category.

This answers both “how do we differentiate from Protos?” and the sharper question — how to emphasize the risk bought by new AI agents over cyber risk, when the team doesn’t have ten years in cyber. Same answer: change the category; don’t out-tenure them in theirs.

Who Protos actually is (no strawman)

Protos has pivoted — twice. Respect the current shape, not the old one:

  • Then (“Nexus”): cyber risk quantification — dollar loss (AAL/EML) sold to insurers to price cyber policies; Singapore’s first fast-tracked cyber patents. (background)
  • Now (“Protos AI”, launched RSA 2026): an agentic AI investigation platform“the intelligence platform for adversarial risk” — agents that augment CTI / fraud / supply-chain analysts across the investigation lifecycle, producing an investigation conclusion (the actor, the infrastructure), not a price. (launch)
  • Also (“Protos Cover”, a 2024 subsidiary): a licensed cyber-insurance agency selling SME / mid-market cyber cover in Singapore (expanding to MY / AU / TH), bundling Protos AI as a value-add. So they have already climbed Intelligence → distribution of cover — for cyber, on (agency) carrier paper, without holding the balance sheet. (protoscover.com.sg)
  • Founders: ex-Booz Allen Hamilton cybersecurity practice, intel-agency / OT-ISAC lineage — threat-intelligence practitioners, not actuaries and not (primarily) data/ML builders.
  • Tech: a curated OSINT marketplace + model-agnostic orchestration of off-the-shelf LLMs (Azure OpenAI / Anthropic / Gemini) + a knowledge graph. The value is the investigation workflow, not an owned data substrate.
  • Stage: seed (~US$2–3M, 2023), small team, mid-pivot — carrying both an insurtech heritage and a new agentic-investigation product.

Respect, don’t strawman: genuine CTI / national-security credibility, real Lloyd’s Lab / CSA / FWD validation, patents, an Asia-data angle, and a timely agentic + multi-LLM + freemium play. On cyber-threat investigation, they are strong — so we don’t play there.

The reframe: peril, not tool — and why our missing cyber decade doesn’t matter

Two one-line businesses, and they are not the same:

ProtosUs
AI is the…tool — agents that investigate adversariessubject — we price/transfer the risk agents create
Core questionWho is attacking, and how?What could our own AI agents cost us — and how do we bound it?
Risk typeAdversarial (an attacker exists)Mostly intrinsic / operational (no attacker)
MaturityCyber — ~a decade of tenureAI-agent risk — net-new (2024+), zero tenure for anyone

Why this neutralizes the tenure gap. Cyber risk rewards a decade of threat-intel scar tissue — which we don’t have and won’t fake. AI-agent risk is a different, newer category. The expertise it rewards is building and operating AI agents (we do — Meerkat, Contextful, the pipeline itself) and quantifying financial exposure (our financial-risk depth) — not cyber pedigree. In a new category, tenure in the old one can even be baggage: a CTI / “adversarial-risk” lens mis-frames agent risk, most of which has no adversary

AI-agent lossAdversary?Right lens
Model drift / hallucination causes a bad actionNoOperations / ML engineering
AI-provider outage → SLA-credit liabilityNoReliability + financial exposure
Autonomous agent moves money wronglyNoControls + financial risk
Prompt injection / poisoned MCP toolYesCyber (one input)

Only the last row is “cyber.” The rest is operational + financial-risk engineering — our turf, not a threat-investigator’s. We don’t have ten years fighting hackers; we have depth building the agents that are now the risk.

Differentiation by axis

AxisProtosUs — and why it holds
LensDefender / investigator (CTI, CISO-adjacent)Builder / operator (CTO) — we know agent failure modes white-box because we ship them
CategoryCyber / adversarial-risk investigationAI-agent financial-risk quantification & transfer
Financial riskSells conventional SME cyber cover (Protos Cover agency) + fraud investigation; not novel financial-risk modeling/transfer for the AI perilDeep & owned — $ exposure, parametric triggers, loss modeling, risk-transfer, trading Rung 0, ILS tail
DataCurated OSINT + orchestrate 3rd-party LLMs + knowledge graphOwned real-time data engineering — independent probes (proprietary signal, not scraped), dependency/exposure graph, durable pipeline, first-party Meerkat telemetry, local-first (Contextful)
OutputAn investigation conclusion (actor, infra)A priced, tradeable, insurable financial exposure (the dollars + the hedge/cover)
MonetizationEnterprise SaaSSell the signal + trade it + attach cover + showcase fund
DistributionAnalyst-facing freemiumDeveloper / agent-native (API, SDK, MCP, insure(action)) + PLG

White space (confirmed, not assumed)

Things Protos vacated or never entered, on the evidence:

  • Financial-loss quantification — they walked away from dollar CRQ toward investigation. (Their fraud / supply-chain work is adversary investigation, not financial-exposure pricing — and their “supply chain” is compromised-vendor risk, not provider-reliability risk.)
  • AI-agent / AI-system risk as the insured peril — they use agents (and Protos Cover insures cyber); neither models or transfers the risk of agents.
  • Novel AI-peril risk-transfer — Protos Cover sells conventional SME cyber policies (agency); there is no parametric AI-provider-down / agent-liability cover, trading, or ILS.
  • Owned data substrate + local-first-by-design — they integrate feeds and deploy flexibly; neither is a designed data-engineering moat.

Honest risks of this positioning

  • If the buyer frames the problem as “cyber,” Protos wins. Hold the AI-agent financial-risk frame; on their frame we lose. Anchor every pitch to a non-cyber dollar pain (provider-down SLA credits, agent-liability loss).
  • New category = education burden + smaller near-term budgets. Lead with a concrete, present dollar exposure, not a category lecture.
  • Neither of us is insurance-native — that gap is a wash, but Protos has more carrier validation today. Our financial-quant framing helps; it is not a substitute for carrier relationships (beachhead-execution §3).
  • Breadth is a focus risk. “Financial + data-eng + agent-native” must collapse to one wedge first: AI-provider-down financial exposure or agent-liability $ quantification.
  • Don’t fight Protos Cover in its lane. SME cyber insurance distribution in Singapore is theirs — licensed, CSA-recognized, a head start. Win by the peril (AI-agent, not cyber), the buyer (AI-native companies + carriers + CFO/treasury, not SMEs buying cyber policies), and financial depth — and treat Protos Cover as the template proving the Singapore tech→cover path works.

Strengthening our profile & execution power

Protos didn’t win on pedigree alone — they converted it: ex-Booz Allen credibility → Lloyd’s Lab + CSA grant + FWD + patents → a licensed cover subsidiary (Protos Cover) with carrier relationships. That is real profile (standing to be believed) and execution power (licence, capacity, distribution). We don’t match it by out-cybering them — we build the equivalents in our category, and we leapfrog on the dimension neither of us owns.

Profile — the standing to be believed

Protos hasWe build the equivalent — in AI-agent financial risk
Cyber-insurance guides + CSA / Lloyd’s badgesOwn the new category in public — the canonical “AI-agent financial-risk” thesis, operationalize IMDA’s agentic MGF, publish a public AI-uptime / incident index (the oracle as a cited public good — also answers the #18 oracle-integrity question), and a calibration / Brier track record from trading Rung 0 — an unfakeable credential Protos has no equivalent of
Lloyd’s Lab · CSA · FWD · AI VerifyThe same badges, our lane — Lloyd’s Lab C17 (themes fit AI-agent / systemic), the IMDA AI-Assurance Sandbox (public co-branded proof), AI Verify accreditation, CSA recognition
Insurer relationships (Protos Cover)Carrier validation as the credential — a data-feed pilot where our score sorts a carrier’s real losses; one non-scanning carrier is enough
(a gap they also have)Close the insurance-native gap deliberately — a fractional underwriting / actuarial advisor (or FRM, per Expertise). The single most leveraged move, because it’s a gap Protos shares — closing it leapfrogs them where neither leads
Nexus / Protos AI / Protos Cover brandBuilder credibility, made visible — open-source the probe client + Meerkat cage (OpenHackersClub), speak the SG circuit, name a crisp flagship; our CTO / builder story is our native profile

Execution power — ship, reach, transact, outpace

  • Rent the capital; don’t get licensed. Protos took the heavy, regulated path (a licensed agency). We deliberately don’t — for the eventual AI-peril attach we rent capacity from a carrier / coverholder (the #18 “never the balance sheet” line). Lighter, faster, and it sidesteps the regulatory-ops weight — execution power by leverage, not licensing.
  • Fund it without dilution. The FDE / services engine pays for the build (one engagement funds a hire — Sales Channels); layer CSA CyberCall / Startup SG Tech + compute credits. Clear the SG-residency / cap-table gate early — it’s what unlocks the big non-dilutive cheques.
  • Distribute agent-native, not via a sales force. API / SDK / MCP + PLG self-serve to AI-native companies, OpenHackersClub community, and the home-turf carrier calendar (ITC Asia / SIRC / SICW / SFF) — cheaper and faster than an enterprise-agency motion.
  • Use speed as the weapon. The agentic pipeline + FDE harness let a 3-engineer team out-execute on data / synthesis; ship the probe fleet + score on the 90-day plan, and trade the signal at Rung 0 for immediate feedback and revenue.
  • Pick the track to the threat. Bootstrap vs VC is chosen at the proof point — but Protos Cover going live is exactly the “incumbent is moving” signal that tilts toward the VC track if this is a land-grab: raise to hire data + distribution ahead of revenue and win the new peril before Protos extends into it.
  • Compound the moats only we have — first-party Meerkat telemetry (a signal no OSINT-integrator gets) and local-first (Contextful) for regulated-finance data residency.

The one strategic read: Protos Cover proves the Singapore tech→cover path works (de-risking ours) and signals an incumbent extending its footprint. So execution must be fast on the new peril — stand up profile (badges + a public track record) and a carrier pilot before Protos, or a hyperscaler, stretches cyber cover toward AI-agent risk.

Usable positioning lines

  • “Protos investigates adversaries faster. We price and transfer the new financial risk your AI agents create.”
  • “Cyber asks who’s attacking you. We ask what your own agents could cost you — and bound it.”
  • “We don’t have ten years fighting hackers. We have depth building the AI agents that are now the risk — and the financial-risk engineering to price them.”

Bottom line

Protos owns cyber-threat investigation and SME cyber-cover distribution (Protos Cover) — concede both. Our ground is the financial risk AI agents create: newer, un-tenured, and squarely on our edges — a builder/operator (CTO) lens, deep financial-risk quantification, and owned data engineering, with first-party agent telemetry no OSINT-integrator has. Lead with a dollar-denominated AI-agent exposure (provider-down, agent-liability), hold the category line, and let the execution roadmap and the Map & Route thesis carry the rest.


Different competitor, different reframe. This doc is the cyber → AI-agent reframe vs Protos Labs. For AIUC — the closest comparable to our whole model (audit-based AIUC-1 certification + insurance = enterprise “confidence infrastructure”) — the reframe is enterprise audit → SMB programmable assurance, developed in Adoption Guarantee § AIUC.

See also Beachhead — Agentic AI-Risk Intelligence, Beachhead Execution, AI & Cyber-Risk Strategy — Map & Route, Adoption Guarantee, and Trading AI & Cyber Risk.