Echo Secures $35 Million Series A to Build an AI-Native, Secure OS for Cloud Applications

Echo, a Tel Aviv–based startup building a secure, AI-native operating system for cloud applications, has reached a significant milestone with the announcement of its $35 million Series A round. Led by N47 with participation from Notable Capital, Hyperwise Ventures, and SentinelOne, the investment lands just months after the company’s initial seed raise and reflects escalating demand for hardened, vulnerability-free foundations in modern software environments. Echo is already safeguarding production workloads at enterprises such as Varonis, EDB, and UiPath, an unusual level of traction for a company still within its first year.

The Hidden Flaw in Modern Cloud Architecture

Most cloud-native applications rely on container base images—standardized building blocks that define runtimes, libraries, and dependencies. These images enable speed and portability but carry a long-standing security burden. Echo’s research shows that official Docker images for widely used languages like Python, Node.js, Go, and Ruby routinely contain more than 1,000 known vulnerabilities. Studies continue to confirm that the base image layer, not application code, is responsible for more than 90% of container CVEs. That means organizations inherit a large attack surface before their developers contribute anything at all.

Eliminating Vulnerabilities at the Source

Echo addresses this structural risk by rebuilding container base images from scratch, including only essential components and removing anything unnecessary or outdated. These hardened images act as drop-in replacements for traditional Docker images, requiring nothing more than a one-line change in a Dockerfile. Teams immediately see inherited vulnerabilities disappear, giving them a secure foundation without altering workflows or code.

This minimalism is essential to Echo’s appeal. Security leaders get clear reductions in risk while developers avoid the endless cycle of patching infrastructure flaws they never introduced. By removing vulnerabilities at the root, Echo helps both groups move faster without added friction.

AI Agents Maintaining 600+ Secure Images

Echo’s catalog now includes more than 600 secure container images, maintained by autonomous AI agents that continuously track global CVE disclosures. When a new vulnerability is identified, these agents evaluate which images are affected, investigate potential fixes across unstructured sources, generate or apply patches, validate compatibility, and submit changes for review. This automated system allows a 35-person team to perform work that would traditionally require hundreds of security researchers, especially as threat actors adopt AI to shrink exploit windows from weeks to hours.

This dynamic—AI accelerating both software creation and software exploitation—underscores why investors view Echo’s model as part of an unavoidable transition in infrastructure security. Manual vulnerability workflows simply cannot keep pace with modern attack velocity.

Early Customer Impact

For early customers, the impact is immediate and measurable. EDB’s CISO, Dan Garcia, credits Echo with significantly reducing critical vulnerabilities and saving at least 235 developer hours per release cycle. Just as notable is how developers have responded: instead of resisting another security control, engineers are embracing the tool because it removes, rather than adds to, their workload.

Echo’s founders, Eilon Elhadad and Eylam Milner, bring deep operational experience from Israel’s 8200 and Ofek units and previously built Argon, a supply chain security startup acquired by Aqua Security for $100 million only a year after its launch. Their latest venture aims to refine how foundational cloud infrastructure is built and maintained.

Implications for the Future of Secure Infrastructure

The shift toward AI-native infrastructure is exposing a structural weakness in the way cloud systems have been secured for more than a decade. As enterprises move from human-written code to machine-generated code—and from manual deployment workflows to autonomous pipelines—the volume of software entering production is increasing far faster than traditional security processes can handle. Vulnerabilities embedded in foundational components such as OS layers, package repositories, language runtimes, and container images propagate upward into every service that depends on them, especially in distributed microservice architectures where reuse and interdependence are extensive.

The industry is nearing a point where reactive patching and periodic scanning will no longer be operationally viable. Exploit windows continue to shrink as offensive automation accelerates, while dependency chains grow deeper and more complex. Future cloud environments will require base layers that are continuously maintained, minimal in composition, and governed by autonomous systems capable of updating themselves at machine speed. This reflects a broader shift across the software ecosystem: static components are giving way to dynamic, self-regulating infrastructure that adapts to global threat signals without relying solely on human intervention.

As AI-to-AI communication becomes more common across enterprise stacks, predictable and deterministic runtimes will become foundational. Automated systems handing off tasks to other automated systems require environments that behave consistently under all conditions. This points toward a model where core infrastructure is rebuilt rather than patched, and where attack surface reduction is treated as a baseline design constraint rather than an optimization.

Taken together, these trends suggest a future in which cloud infrastructure must be continuously validated, minimal, and capable of maintaining a stable security posture autonomously. As cloud and AI systems evolve, the environments supporting them will need to be equally adaptive and resilient, forming a critical layer for the next generation of secure, large-scale, AI-driven applications.