The dynamic between engineering (the productivity engine) and security (the risk reduction engine) has long been strained. Engineering teams are measured by how quickly they ship features and resolve critical issues – increasing adoption and customer satisfaction. That pace is accelerating and with AI-generated code, it’s exploding.
Code scanning tools like SCA, SAST have improved visibility but their real impact on security remains limited. New vulnerabilities continue to outpace patches, creating an ever-expanding backlog of risk. Developers often see these tools as blockers, slowing their workflows and shifting responsibility to security teams who cannot control the development process. The result is frustratingly familiar: productivity wins, and security is deferred.
At S Ventures, we search for ideas and technology that create step-function change – not incremental improvement. That is why we are excited to partner with Echo as part of its $35M Series A. Echo uses purpose-built AI agents to efficiently rebuild open-source software images from scratch, generating vulnerability-free alternatives with the same functionality. This approach eliminates security issues at the source, skips the endless vulnerability triage cycle, and lets builders focus on building.
Base images form the foundation of modern cloud applications, providing the minimal operating system components necessary to run workloads. Their importance is profound: influencing critical application characteristics such as performance, security, and compatibility. Yet most base images ship with numerous vulnerabilities, and every organization that uses them inherits those risks. Echo’s vision is bold — make secure base images the default, delivering strong security without slowing development. Their ability to easily and quickly swap out images, along with prioritizing the entire developer experience, really sets Echo apart in the market. Founded at the start of 2025, Echo already has an impressive catalog of more than 600 clean images and counts Varonis, EDB, and UiPath among its customers.
Echo is led by Eilon Elhadad and Eylam Milner, who have shaped some of the most widely used tools in container and supply chain security – including the CIS software benchmark and Trivy Enterprise. They previously founded Argon, a pioneer in software supply chain security which was sold to Aqua Security. The company is based in Israel and New York and has 35 employees.
S Ventures joins lead investor N47 and participating investors Notable Capital and Hyperwise Ventures. The Series A round comes just four months after Echo announced its $15 million seed round, bringing total funding to $50 million within 10 months of the company’s founding.