Enso Security, a startup headquartered in Tel Aviv and focused on building a next-generation application security posture management platform, today announced the completion of a $6 million seed funding round. The investment was spearheaded by YL Ventures, with additional participation from Jump Capital. Notable angel investors in this round include Alex Rice, co-founder and CTO of HackerOne; Sounil Yu, previously the chief security scientist at Bank of America; Omkhar Arasaratnam, formerly the head of Data Protection Technology at JPMorgan Chase, and toDay Ventures.

The company’s founders are Roy Erlich (CEO), Chen Gour Arie (CPO), and Barak Tawily (CTO). Reflecting a common trend among Israeli security companies, the founding team combines expertise gained from service within the Israeli Intelligence Corps with substantial practical experience in the commercial sector. Erlich previously led application security efforts at Wix, while Gour Arie served as an application security consultant for a diverse range of European businesses. Tawily brings a strong background in penetration testing and also previously managed a security team at Wix.

“The increasing speed of research and development enables organizations to quickly launch new applications and implement changes to existing ones,” Erlich stated. “However, this heightened complexity presents significant challenges for application security teams. These difficulties encompass tracking applications across various environments, accurately assessing risks, prioritizing tasks effectively, and consistently applying uniform Application Security policies across all applications.”

As organizations accelerate their software release cycles, application security teams often struggle to maintain pace – and may lack awareness of all applications under development within their organization. The team contends that current application security practices frequently rely on manual processes for identifying application owners and evaluating risk, and that resources allocated to application security teams are often limited, particularly in comparison to the size of the broader development teams. In fact, the Enso team believes that many AppSec teams currently dedicate the majority of their time to building relationships with developers and handling operational and product-related responsibilities – rather than focusing directly on application security.

“From the application security perspective, attempting to address every potential issue is an unsustainable endeavor,” Erlich explained. “However, it’s fundamentally about effectively managing risk. This requires making informed, data-driven decisions and having access to all necessary data in a centralized location.”

Enso Security aims to provide these teams with a platform offering a unified view for discovering applications, identifying ownership, detecting modifications, and monitoring their security status. This enables teams to prioritize and track tasks, and receive immediate insights into activity across their existing security tools. The company’s platform currently integrates with a variety of tools, including JIRA, Jenkins, GitLab, GitHub, Splunk, ServiceNow, and the Envoy edge and service proxy. The team emphasizes that even integrating data from a limited number of sources can deliver substantial benefits to Enso’s users.

In the coming months, the team intends to focus on continued product development and expanding its workforce from its current size of seven employees to approximately 20 within the next year.

“Roy, Chen, and Barak have developed a remarkably effective solution to a notoriously difficult problem,” said Ofer Schreiber, partner at YL Ventures. “By focusing directly on visibility – the core of this challenge – cybersecurity professionals can finally gain comprehensive oversight and control over all applications within their environments. This will significantly improve the speed of application deployment and overall enterprise productivity.”