
As enterprises accelerate the deployment of LLMs and agentic workflows, they are facing a significant infrastructure bottleneck: the container base images powering these applications are loaded with legacy security debt.
Echo, an Israeli startup, is announcing $35 million in Series A funding today (bringing its total funding to date to $50 million) to fix this by fundamentally reimagining how cloud infrastructure is built.
The round was led by N47, with participation from Notable Capital, Hyperwise Ventures, and SentinelOne. But the real story isn’t the capital; it’s the company’s ambitious goal to replace chaotic open-source supply chains with a managed, "secure-by-design" operating system.
Cloud’s hidden operating system
To understand why Echo matters, you first have to understand the invisible foundation of the modern Internet: the container base image.
Think of a "container" as a shipping box for software. It holds the application code (what the developers write) and everything needed to run that code. For a non-technical audience, the best way to understand the "base image" is to compare it to a brand new laptop. When you buy a computer, it comes pre-installed with an operating system (OS) like Windows or macOS to handle basic things like talking to the hard drive, connecting to Wi-Fi, and running programs. Without it, the computer is useless.
In the cloud, the base image is that operating system. Whether a company like Netflix or Uber is building a simple web app or a complex network of autonomous AI agents, they rely on these pre-built layers (like Alpine, Python, or Node.js) to define the underlying runtime and dependencies.
This is where the risk begins. Unlike Windows or macOS, which are maintained by tech giants, most base images are open source and created by communities of volunteers. Since they are designed to be useful to everyone, they are often packed with "bloat": hundreds of additional tools and settings that most companies don’t really need.
Ilam Milner, CTO of Echo, uses a clear analogy to explain why this is dangerous: "Simply taking software from the open source world, it’s like taking a computer you found on the sidewalk and plugging it into your [network]."
Traditionally, companies try to fix this by downloading the image, scanning it for bugs, and trying to "patch" the holes. But this is a losing battle. Echo’s research indicates that official Docker images often contain more than 1,000 known vulnerabilities (CVEs) as soon as they are downloaded. For enterprise security teams, this creates an impossible game of "whack-a-mole," inheriting infrastructure debt before their engineers have written a line of code.
The "enterprise Linux" moment for AI
For Echo co-founder and CEO Ilon Elhadad, the industry is repeating history. "What’s actually happened in the past… everybody runs with Linux, and then they move to enterprise Linux," Elhadad told VentureBeat. Just as Red Hat professionalized open-source Linux for the corporate world, Echo aims to be the "enterprise AI native OS": a rigorous, curated foundation for the AI era.
"We find ourselves in the AI core era, the foundation of everything," Elhadad says.
Tech: a "software compilation factory"
Echo is not a scanning tool. It doesn’t look for weaknesses after the fact. Instead, it acts as a "software compilation factory" that rebuilds images from scratch.
According to Milner, Echo’s approach to addressing vulnerabilities relies on a rigorous, two-step engineering process for each workload:
- Compiled from source: Echo starts with a blank canvas. It does not patch existing bloated images; it compiles binaries and libraries directly from source code. This ensures that only the necessary components are included, significantly reducing the attack surface.
- Hardening and provenance (SLSA Level 3): The resulting images are hardened with aggressive security configurations to make exploitation difficult. Importantly, the build pipeline adheres to SLSA Level 3 (Supply-chain Levels for Software Artifacts), ensuring that each artifact is signed, tested, and verifiable.
The result is a "drop-in replacement." A developer simply changes a line in their Dockerfile to point to Echo’s registry. The application runs identically, but the underlying OS layer is mathematically clean and free of known CVEs.
AI defending against AI
The need for this level of cleanliness is being driven by the "AI vs. AI" security arms race. Bad actors are increasingly using AI to compress exploitation windows from weeks to days. Simultaneously, "coding agents" (AI tools that write software autonomously) are becoming the number one generator of code, often statistically selecting outdated or vulnerable libraries from open source.
To combat this, Echo has created a proprietary infrastructure of AI agents that autonomously manage vulnerability research.
- Continuous monitoring: Echo’s agents monitor the 4,000+ new CVEs added to the National Vulnerability Database (NVD) each month.
- Unstructured research: Beyond official databases, these agents scour unstructured sources like GitHub comments and developer forums to identify patches before they are widely published.
- Self-healing: When a vulnerability is confirmed, agents identify the affected images, apply the fix, run compatibility tests, and generate a pull request for human review.
This automation allows Echo’s engineering team to maintain over 600 secure images – a scale that would traditionally require hundreds of security researchers.
Why does this matter to CISOs?
For tech decision makers, Echo represents a shift from "mean time to remediation" to "zero vulnerabilities by default."
EDB CISO Dan Garcia said in a press release that the platform "saves at least 235 developer hours per release" by eliminating the need for engineers to manually check for false positives or patch base images.
Echo is already securing production workloads for major enterprises such as UiPath, EDB and Varonis. As enterprises move from containers to agentic workflows, the ability to trust the underlying infrastructure – without having to manage it – may be the defining characteristic of the next generation of DevSecOps.
Pricing for Echo’s solution is not publicly listed, but the company states on its website that pricing is "based on image consumption, to make sure it’s consistent with how you actually build and ship the software."