Introducing Enso Security, the World’s First Application Security Posture Management Platform

There are times when customer-side experiences are frustrating to the point of inspiration – when pain points become so acute that industry professionals transform into entrepreneurs and leverage their experience to create a truly innovative and necessary solution. Starting from today, the AppSec community will finally be equipped with the tools they need to create automated and standardized application security programs. It’s my pleasure to announce our recent $6M seed round for Enso, the world’s first Application Security Posture Management platform.

The brainchild of former Wix application security experts Roy Erlich, Chen Gour-Arie and Barak Tawily, Enso is the “air traffic control system” AppSec teams are missing to coordinate tools, people, processes and even applications themselves—without generating any friction for developers. This is hardly a trivial problem, and yet you’d be hard-pressed to find any management tools in the underserved AppSec market that address this.

In one of our fastest due-diligence processes ever—a matter of days—we met with Enso’s talented team to understand their market fit. Security teams have to see all of the applications in their environment in order to protect them, the three co-founders explained, as we talked through the need to organize AppSec chaos. With a perfect appreciation for the workflows and processes of application development and security, they succinctly laid out how even the most current AppSec best practices couldn’t keep up with the scale of today’s CI/CD pipelines.

AppSec teams are responsible for running a multitude of tasks without a central control unit or official inventory. From measurements, threat modeling, pen tests, code scanning for vulnerabilities and even bug bounty programs, application security for thousands of APIs are still getting managed over rudimentary programs and spreadsheets. Determining ownership requires an often lengthy chain of emails and task-prioritization is still managed manually.

Enso’s solution cuts through the problem space with elegant simplicity: it organizes everything AppSec teams need in one place to see, prioritize and manage enterprise application risk in a single platform. By integrating with existing development systems, Enso leverages data from sources like ticketing systems and data repositories to make the most of what enterprises already have for smoother and more efficient AppSec processes. The founders place a particular emphasis on efficiency—the platform was designed to secure developer workflows without any disruption and let AppSec teams actually focus on securing enterprise applications.

The Enso founders’ dedicated AppSec background have provided them the insight they need to appreciate its practical challenges as a field. Our confidence in their expertise and excitement over our future partnership has been further stoked by the enthusiasm our CISO-in-Residence, Sounil Yu, has expressed over Enso’s platform. Within two sessions with the team, he was finally able to fill in a previously blank cell of his celebrated Cyber Defense Matrix—coining the term ‘Application Security Posture Management’ (ASPM); This is a truly green space for cybersecurity innovation and an exciting step forward for AppSec teams everywhere.

We’re looking forward to watching Enso claim this new space and lead the way towards easier, simpler and better AppSec everywhere. To learn more about Enso, please visit enso.security.