Cybersecurity Startup Lema Emerges From Stealth With $24M Series A as Third-Party Risk Reaches Critical Levels
Lema, a new cybersecurity startup founded by Israeli security and intelligence veterans, has emerged from stealth mode with a $24 million Series A, positioning itself to take on what many CISOs now describe as their single fastest-growing enterprise threat: third-party and supply-chain exposure.
The company, based in Israel, was founded by former leaders from large-scale defense, threat intelligence operations, and enterprise security automation teams. Though still operating quietly, Lema has already begun onboarding design partners across finance, healthcare, and large technology enterprises — sectors under mounting pressure from regulators and attackers alike.
Third-Party Risk Has Outpaced Traditional Security Models
Enterprise security teams have lost visibility as digital ecosystems balloon. A mid-sized enterprise now uses between 500 and 1,500 SaaS vendors, according to industry benchmarks. Large organizations often exceed 3,000 external integrations, including cloud services, data processors, contractors, and identity-linked partners.
Meanwhile, the threat landscape is shifting:
- 54% of all breaches now involve a third party, according to recent incident analyses.
- Supply-chain attacks have grown 7× over the last three years.
- The median breach cost tied to a vendor compromise is $4.76M, surpassing the global average.
- Frameworks such as NIST, DORA, and NIS2 now mandate continuous monitoring of vendor exposure — not just annual questionnaires.
The attack surface has essentially moved outside the four walls of the enterprise.
“Security teams can lock down their internal systems, but every vendor connection is another door they don’t control,” Lema’s founders explained. “The existing model isn’t broken — it’s obsolete.”
Lema’s Core Bet: Continuous, Externalized, and Automated Risk Measurement
Most organizations still rely on self-reported questionnaires, static assessments, and spreadsheets that become outdated within days. Lema argues that what the industry lacks is a unified system of record for third-party risk based on independent, real-time security telemetry.
According to details shared with TechCrunch, the platform centers around four technical pillars:
1. External Attack Surface Discovery for Every Vendor
Lema continuously maps a partner’s exposed assets — cloud endpoints, API surfaces, misconfigurations, leaked credentials, abandoned infrastructure, and code artifacts — without requiring vendor cooperation.
2. Behavioral Risk Scoring Engine
The platform incorporates signals including:
- DNS and certificate changes
- Exposure drift
- Dependency graph mapping (2nd–5th parties)
- Threat-intel correlation
- Domain takeover vectors
- Data pipeline access patterns
These feed into a dynamic model that updates risk continuously, not quarterly.
3. Hidden Supply-Chain Mapping
Lema’s founders say most enterprises underestimate their dependency graph by up to 40%, because SaaS vendors themselves rely on thousands of sub-vendors.
The platform identifies and classifies these 4th- and 5th-party relationships automatically — a capability regulators are increasingly demanding.
4. Workflow Integration for Procurement, Identity, and Security Controls
Rather than forcing new processes, Lema plugs into existing systems (e.g., IAM, GRC, procurement, and ticketing), enabling automated escalation when a vendor’s risk shifts.
This addresses a major bottleneck: enterprises struggle not with gathering vendor data, but operationalizing it.
Why Investors Are Moving Into Third-Party Risk Platforms
The third-party risk category has drawn heightened investor interest following major incidents, including attacks on widely used service providers, IT vendors, and managed service chains.
Global spending on supply-chain cybersecurity is projected to hit $7.5 billion by 2030, aided by:
- Mandatory continuous monitoring requirements
- Rising attack depth in modern cloud-native SaaS stacks
- Elevated board-level scrutiny after high-profile vendor compromises
- Increasing complexity in identity-linked and API-based integrations
Lema is entering a competitive but fast-expanding market segment where traditional GRC solutions are widely viewed as insufficient.
Is Lema Building the “Security Graph” for Third-Party Risk?
The startup’s architectural approach suggests an ambition to centralize not just vendor assessments but ongoing behavioral telemetry across an ecosystem.
Think: a continuously updating, organization-level risk graph.
If Lema can scale this model — particularly the automated mapping of deep vendor dependencies — it could occupy a critical role in enterprise security operations, similar to how attack surface management reshaped asset inventory.
What’s Next
The $24M infusion will support:
- Expansion of Lema’s data science and threat research teams
- Development of its risk correlation engine
- Deeper partnerships in North America and Europe
- Scaling onboarding automation for large enterprise ecosystems
Given rising regulatory pressures and the accelerating cadence of supply-chain breaches, the timing aligns with a broader industry shift: CISOs moving beyond questionnaires toward continuous, autonomous security validation of every partner in their digital ecosystem.
Lema’s emergence marks another signal that third-party risk is no longer a governance checkbox — it’s becoming a core security operations function.
