Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...

The Rankiteo MCP server is now available.

Discover MCP
Self-hosted · Enterprise

The AI-native
Cyber Underwriting Operating System

Stop stitching tools together. The Cyber Underwriting OS is the platform your team actually lives in: portfolios, custom companies, claims, audit, AI Copilot, and the collaboration layer that lets a whole team work the same book in real time. You host it. Your customer data stays put.

Request Enterprise AccessTry the Desktop App
Self-hosted on Windows Server 2019 / 2022 · Desktop clients on Windows, macOS & Linux
What it is

One platform. The whole underwriting day.

We call it an operating system on purpose. The Cyber Underwriting OS is the layer everything plugs into: the people, the AI, the data, the workflow. It runs on a server you control and powers every underwriter’s Desktop App from inside your network.

The platform

One environment

Portfolios, custom companies, submissions, claims, wordings, sanctions screening, audit log, AI Copilot. All of it in one product, all of it on hardware you control.

The team layer

Real-time collaboration

Pessimistic per-row locks, lock badges that update live for every connected desktop, manager force-release, conflict-aware saves. Two underwriters can never silently overwrite each other.

The data boundary

Your network, your data

Customer portfolios, claims, audit trail. All stored on your server. Only cyber risk score lookups leave the firewall. No telemetry, no mirror to our cloud.

The intelligence

AI-native, not AI-bolted-on

AI Copilot, broker-submission auto-fill, AI underwriting memos, MCP-powered model integrations are first-class citizens, not a tab on the side. Use the bundled local model or plug in your own provider.

The audit surface

Compliance-ready by default

Every create / edit / delete recorded with actor email, target, and a full diff or before-snapshot in an append-only audit log. SOC 2 Type II + GDPR documentation pages live inside the admin UI.

The deployment

One installer. 30 minutes.

A signed Windows installer that bundles everything: database, app server, TLS gateway, services, admin UI. No piecing together infrastructure, no DevOps work for you to do.

Architecture

Where the data lives

Each underwriter’s Desktop App talks to your on-prem OS, never directly to our cloud. Customer portfolios, claims, audit trail, and the lock state all live on your server. The only outbound channel is read-only score lookups against the public Rankiteo company database, over TLS, with no customer data attached.

BeforeWithout On-Prem Server - All data flows to Rankiteo Cloud
COMPANY NETWORKDesktop AppRUnderwriter DesktopDesktop AppRUnderwriter Desktop✗ No local server - each app connects independently to cloudRankiteo Cloudrankiteo.comScores · Portfolios · Custom CompaniesAll data stored externally⚠ Data leaves your networkPortfolios + Scores + Customer Data →Custom Companies + Claims →
NowWith Rankiteo On-Prem Server - Customer data stays inside your network
YOUR CORPORATE NETWORK✓ Customer data stays insideRankiteo ServerOn-Prem · Windows ServerPortfolios · Custom Companies · ClaimsTEAM 1Desktop AppRUnderwriter 1Desktop AppRUnderwriter 2Shared Portfolio ATEAM 2Desktop AppRUnderwriter 3Desktop AppRUnderwriter 4Shared Portfolio BPortfolio APortfolio BNo portfoliodata exitsRankiteo CloudRisk Scores · 5M+ CompaniesCyber Intelligence APIOnly score requests leave the networkFWFetch Cyber Incident DB (1/day)
Capabilities

Built for the way underwriting teams actually work

Real-time collaboration, regulated-industry compliance, and the operational tooling your team needs to run a cyber book at scale.

Multi-user collaboration

Everyone in the team works the same book at the same time. Edits land directly on the server, badges and rows update live across every connected desktop.

Data residency by default

GDPR / DORA / NIS2 / NY DFS friendly. Customer portfolios, claims, and underwriting notes never leave your corporate perimeter. Documented SOC 2 Type II posture inside the product.

Conflict-free editing

Pessimistic per-row locks with auto-release. Two underwriters can never silently overwrite each other. Manager force-release when a teammate leaves a row held overnight.

AI Copilot at the core

Broker submission auto-fill, AI underwriting memos, MCP-powered model integrations, AI-curated risk summaries. Use our bundled local model or plug in your own provider key.

Team portfolios

Create named team portfolios any authorised member can load. Save your local custom companies as a new team book or merge them into an existing one with one click.

Append-only audit

Every action recorded with actor email, target, full diff or before-snapshot, IP, user-agent. Filter by actor and action in the admin UI. Hand to your SOC 2 auditor as-is.

Settings · CollaborationConnect to your team serverConnect this desktop to your Cyber Underwriting OS to share portfolios.ConnectedServerunderwriting.acme-corp.local:8443Account[email protected]NameAlice UnderwriterRoleManager✓ Custom Companies page can now load team portfolios.

Connect once. Live in the OS.

Each underwriter signs in to their Desktop App, opens Settings → Collaboration, enters the server address you got from your IT team, and that’s it. From that point on, every edit, every save, every lock is part of the team.

Verified server identity on first connect (TOFU pinning)
Cloud SaaS sync auto-pauses while connected to the OS
Five-role RBAC: Admin, Manager, User, Read-only, Service
TLS-encrypted communication, credentials in your OS keychain
Concurrency

Two underwriters, same book, zero overwrites

When more than one underwriter touches the same insured, the OS holds the line. Each row exposes its real-time status: either available or being edited by someone. Saves are version-checked so a stale write can never silently clobber a fresh one.

Available rows: any team member with edit-rights can grab them
Locked rows: holder name shown live to the rest of the team
Auto-release after a few minutes of inactivity (no orphaned locks)
Manager / Admin override when a teammate left a row held
Custom Companies · Team Portfolio🤝 Team portfolio (collaboration)Load a team's portfolio from your Cyber Underwriting OS. View + edit insureds inline.TeamCyber UW EMEAPortfolioQ4 2026 Renewalsℹ Edits save directly on your Cyber Underwriting OS. Team members see changes live.COMPANYINDUSTRYSCOREBANDSTATUSACTIONSAcme CorpTech742BavailableEditBeta IncFinance580C🔒 Sarah·Globex LtdHealthcare820AavailableEdit3 insureds · Team: Cyber UW EMEA
Deployment

From zero to a working team in four steps

One signed installer drops the entire stack on a Windows VM you control. No DevOps project, no separate database to provision, no certificate-management lift.

1

Install the OS

Run the signed Windows installer on a Server 2019 / 2022 VM. The installer bundles the database, app server, TLS gateway, and admin UI. Typical install: under 30 minutes.

2

Set up teams & roles

Create teams in the admin UI, assign managers, invite users. Five-role RBAC is in place from day one (Admin / Manager / User / Read-only / Service).

3

Pin the cert + connect desktops

Each underwriter opens the Desktop App and connects from Settings → Collaboration. The cert fingerprint you captured at install time is verified on first connect (TOFU).

4

Work the book together

Save custom companies into team portfolios, edit insureds inline with live lock badges, generate UW memos and quote letters, all without anything leaving your network.

Requirements

System requirements

What you need to deploy the Cyber Underwriting OS in your environment.

Server hardware

  • Windows Server 2019 or 2022 (or Windows 10/11 build 1809+)
  • 4-core CPU minimum (8-core recommended)
  • 8 GB RAM (16 GB for large portfolios)
  • At least 600 MB free on the install drive
  • Local administrator privileges

Database & persistence

  • Embedded PostgreSQL (bundled with the installer; nothing to provision)
  • Schema migrations applied automatically
  • Recommended: daily filesystem snapshot of the data directory
  • BitLocker / volume encryption supported

Network & security

  • One inbound TCP port for desktops (default 8443)
  • Self-signed TLS cert generated at install time, pinned by every desktop
  • Outbound HTTPS only for cyber risk score lookups
  • HSTS, strict CSP, frame-deny by default

Desktop client

  • Rankiteo Desktop App v1.0.9+
  • Windows 10/11, macOS, or Linux
  • LAN or VPN connectivity to the server
  • Enterprise plan subscription
FAQ

Frequently asked questions

Everything you need to know about the Cyber Underwriting OS.

Ready to give your team an Operating System?

Available exclusively with the Enterprise plan. Talk to our team to scope the deployment, walk through the security model, and run a tailored proof-of-concept against your own portfolio.

Contact SalesTry the Desktop App free