Enso.security

Tel Aviv, Israel-based Enso Security develops an application security posture management platform that aggregates data from existing tools to provide enterprise teams with centralized visibility into software vulnerabilities and risk prioritization. The venture-backed software company operated independently until its acquisition by developer security firm Snyk in the second quarter of 2023 for an estimated $45 million to $50 million. Following this transaction, the acquirer integrated the startup's technology directly into its broader developer security platform. Prior to the acquisition, the enterprise application security provider raised $6 million in seed funding and grew its workforce to approximately 30 employees. The company's financial backers included lead investor YL Ventures, alongside Jump Capital and HackerOne co-founder Alex Rice. Enso Security was founded in 2020 by former Wix security experts Roy Erlich, Chen Gour Arie, and Barak Tawily.

High-Level Overview

Enso Security is a portfolio company developing the first Application Security Posture Management (ASPM) platform, designed to eliminate AppSec chaos by providing unified visibility, inventory, and control over application assets, risks, and security workflows.[1][2][4] It serves security teams and AppSec practitioners in organizations with complex software development lifecycles (SDLC), solving problems like tool silos, asset discovery gaps, and prioritization backlogs by aggregating data from tools such as SAST, DAST, WAAP, SCA, penetration testing, and threat modeling into a single pane of glass for policy enforcement and benchmarking.[2][4] The platform enables rapid deployment, automates risk assessment, and integrates with DevTech and collaboration tools to scale AppSec programs without disrupting development, with growth evidenced by community adoption of tools like the AppSec Map and availability on AWS Marketplace.[2][4][5]

Origin Story

Enso Security was founded around 2020 by application security professionals, including co-founder and chief architect Chen Gour Arie, who drew from personal experiences navigating the chaotic AppSec landscape filled with buzzwords, acronyms, and fragmented tools.[2][3] The idea emerged from their frustration as practitioners, leading to the creation of the AppSec Map in 2022—a community-driven interactive visualization of the AppSec ecosystem that quickly gained traction for simplifying tool selection and posture assessment.[2] Early pivotal moments included launching the ASPM platform to consolidate data and reduce manual work, backed by investors like YL Ventures, Merlin VC, and CloudZone, which supported infrastructure scaling on AWS.[1][3][6]

Core Differentiators

• Comprehensive Asset Discovery and Inventory: Continuously identifies full application portfolios with ownership, tech stack, and historical data from DevTech, security tools, and collaboration platforms, providing a unified view regardless of infrastructure.[1][4]
• Data-Driven Prioritization and Workflow Automation: Aggregates insights from multiple AppSec tools (e.g., SAST, DAST, SCA), prioritizes risks with evidence-based scoring, minimizes backlogs, and enables policy enforcement to benchmark SDLC governance over time.[2][4]
• Community and Developer Focus: Built by AppSec experts for experts, with tools like the customizable AppSec Map for posture ratings and strategic planning; integrates native collaboration for seamless developer handoffs.[2][3][5]
• Ease of Deployment and Scalability: SaaS model deploys in minutes on AWS, with high availability via services like Auth0, Elasticsearch, Grafana, and MongoDB Atlas, supporting multi-region growth without compliance tradeoffs.[4][6]

Role in the Broader Tech Landscape

Enso rides the shift to ASPM amid exploding application complexity in multi-cloud, DevOps-driven environments, where traditional point tools create silos and visibility gaps.[1][2][4] Timing aligns with rising AppSec demands from regulations, supply chain attacks, and developer velocity, as teams struggle with dynamic assets and runtime risks—market forces favoring unified platforms over fragmented inventories.[2][4] By open-sourcing community tools like the AppSec Map and enabling systematic maturity, Enso influences the ecosystem, empowering practitioners to standardize programs, reduce chaos, and integrate security into SDLC without friction, much like how cloud security platforms evolved from CSPM.[1][2][5]

Quick Take & Future Outlook

Enso is positioned to expand as ASPM becomes table stakes for enterprise AppSec, with integrations deepening into AI-driven DevSecOps and zero-trust stacks. Trends like generative AI in code generation and edge computing will amplify asset sprawl, driving demand for Enso's real-time prioritization and enforcement. Its influence may grow through further community tools and partnerships (e.g., AWS, YL Ventures), potentially leading to acquisitions by larger players like Orca or Okta in the consolidating security space—reclaiming control from chaos as AppSec scales globally.[1][2][4][6]