Cranium is an AI governance and security software company that helps enterprises discover, document, test, and govern AI and GenAI systems across internal environments and third-party supply chains. Born from KPMG Studio, it focuses on AI security, third-party risk management, and compliance for organizations adopting AI at enterprise scale.
The Cranium platform is built to create system-of-record visibility into models, data, infrastructure, and vendors, then support red teaming, remediation, attestations, and ongoing governance. Cranium emphasizes operational oversight for both internally developed and externally sourced AI, with alignment to frameworks such as the EU AI Act, NIST AI RMF, ISO, and other emerging regulatory requirements.
Offerings, Capabilities, and Integrations
Cranium centers its offering on operational AI governance: visibility into where AI is used, documentation of what each system contains, testing against real-world threats, and verification of compliance posture. Its capabilities span AI discovery, inventory management, adversarial testing, remediation support, compliance scoring, and evidence generation for internal governance and external assurance.
The platform is designed to fit into existing development and cloud workflows rather than replace them. Cranium connects into code repositories, internal environments, and cloud configurations, supports AI Bill of Materials generation, and produces shareable artifacts for customers, vendors, regulators, and other stakeholders. It also supports third-party AI oversight and collaborative governance models for peers, partners, and regulated ecosystems.
Products and Services
- Cranium Platform: Unified AI security, third-party risk management, and governance platform for enterprise AI and GenAI systems.
- Cranium DetectAI: High-level discovery capability that identifies repositories and environments containing AI components to surface shadow AI and accelerate AI inventory creation.
- Cranium CodeSensor: Repository scanning capability that generates AI Bills of Materials and identifies AI libraries, models, datasets, and API calls at file level.
- Cranium CloudSensor: Cloud security monitoring service for AI environments that discovers alerts, tracks unauthorized changes, and assesses role-based access controls.
- Cranium Compliance Agent: Agentic compliance capability that streamlines framework completion with intelligent automation, document-aware response generation, and oversight controls.
- Cranium AI Card: Portable, shareable record of AI system construction, security, vulnerability, and regulatory alignment for internal and third-party governance.
- Cranium Arena: AI red-teaming platform that simulates real-world adversarial attacks against internal and third-party AI systems to uncover vulnerabilities.
- Cranium Arena Shield: Remediation capability that applies guardrails, auto-generates fixes, and verifies mitigation for issues identified through AI system testing.
- Cranium AgentSensor: Discovery capability for agentic applications that detects AI agents, the tools they invoke, and related agent interactions across the environment.
- Cranium AI Risk Assessment: Assessment service that analyzes AI environments, maps threats and vulnerabilities, and delivers executive reporting with remediation guidance.
- Cranium Learning Environment: Education offering with self-paced training focused on AI security, AI red teaming, hallucinations, and responsible AI adoption.
Target Customers
Cranium targets mid-market and large enterprises that are building, deploying, buying, or governing AI systems and need stronger visibility, security, and compliance controls. Its platform is positioned for organizations managing both internally developed AI and external AI embedded in vendor software, models, APIs, and supply chains.
The company speaks directly to security, compliance, risk, governance, and data science teams, and it also addresses third-party risk, procurement, audit, and legal stakeholders involved in AI oversight. Cranium shows particular relevance for highly regulated and AI-intensive sectors such as financial services and life sciences, as well as other enterprises that need defensible governance across complex AI ecosystems.
Cloud Integrations and Marketplace
- Azure Marketplace: Cranium is available through Azure Marketplace, and its CloudSensor capability is positioned to integrate with Microsoft Azure environments for cloud security monitoring, alert discovery, change monitoring, and role-based access control assessment.
Key People
- Jonathan Dambrot: CEO & Co-Founder
- Felix Knoll: COO/CRO & Co-Founder
- Vivek Radia: CFO
- Daniel Carroll: Chief Technology Officer
- Byron Hawkins: Chief Information Security Officer (CISO)
- Daniel Christman: Vice President of AI Programs, Co-Founder
- Paul Spicer: VP of IT Security and Compliance, Co-Founder
- Betsy J. Walker: SVP of Marketing
Key Facts
- Headquarters: Short Hills, New Jersey, United States
- Employees: 51-200
- Annual Revenue: $5M-$10M
- Parent Company: None
- Subsidiaries: None
- Publicly Listed: Not publicly listed
Analyst Recognitions
- Gartner: 2025 Gartner Cool Vendors in AI Cybersecurity Governance – Cool Vendor. 2025 Gartner Market Guide for AI Governance Platforms – Representative Vendor. 2025 Gartner Hype Cycle for Artificial Intelligence – Sample Vendor for AI Governance Platforms. 2025 Gartner Hype Cycle for AI in Software Engineering – Sample Vendor for AI Governance Platforms. 2025 Gartner Hype Cycle for Data and Analytics Governance – Sample Vendor for AI Governance Platforms. 2025 Gartner Hype Cycle for Data, Analytics and AI Leaders and Programs – Sample Vendor for AI Governance Platforms. 2025 Gartner Hype Cycle for Data Security Technologies – Sample Vendor for AI Governance Platforms. 2025 Gartner Hype Cycle for Artificial Intelligence in Banking – Sample Vendor for AI Governance Platforms. 2025 Gartner Hype Cycle for Application Security – Sample Vendor for AI Governance Platforms. 2025 Gartner Hype Cycle for Enterprise Architecture – Sample Vendor for AI Governance Platforms. 2025 Gartner Hype Cycle for K-12 Education – Sample Vendor for AI Governance Platforms. 2025 Gartner Hype Cycle for Local Government – Sample Vendor for AI Governance Platforms.
