Lema AI Raises $24M to Replace ‘Check-the-Box’ Compliance with the First Agentic AI Built to Secure the Enterprise Supply Chain

Trusted by Fortune 500 companies, Lema’s agentic AI platform replaces  compliance-driven checklists with continuous forensic analysis that  maps the vendor attack surface inside the enterprise, empowering enterprises to eliminate critical blind spots before they become  business-critical incidents. 

Enterprise supply chains now depend on thousands of third party vendors—and yet existing solutions focus solely on manual compliance validation, creating  significant blind spots in how companies manage risk. Lema AI, an agentic AI security platform  that empowers enterprises to build resilient, secure partnerships with their global vendors, today  emerged from stealth with $24 million in funding. The Series A was led by Team8, with F2 Venture  Capital leading the Seed round and participation from Salesforce Ventures. 

From SaaS applications to payment platforms, third-party vendors have become the operational  core of the modern enterprise. Gartner reports that 60% of companies now rely on over 1,000  external vendors, creating a vast attack surface that static, point-in-time compliance forms  cannot secure. While these vendors are external, they hold insider access to sensitive internal  systems and data, meaning a single compromise can quickly become an enterprise-wide incident.  A McKinsey report reveals that nearly one-third of recent cyber breaches originated from third  parties – yet most organizations still defend this expanding perimeter with static spreadsheets  and manual checklists 

Powered by an AI agent trained to think like a vulnerability researcher, Lema reveals the risks  that genuinely threaten the business. Rather than solely automating compliance workflows, the  system replaces them with objective, continuous forensic analysis – tracking vendor access to  critical assets, monitoring data movement, and evaluating permission changes over time. By mapping the real attack paths a third party could introduce, Lema identifies which vendors pose  the greatest risk and why, and provides actionable mitigation steps to reduce that exposure. This  approach allows enterprises to assess a new vendor in under five minutes. 

“We founded Lema because third-party risk needs to be treated like a security problem, not a  compliance checklist,” says Eddie Dovzhik, CEO and co-founder of Lema AI. “The industry is  relying on manual assessments that miss the real-time business context and impact third parties  have on the organization. Our platform was built by elite security researchers to think like an elite  security researcher – monitoring the actual ‘blast radius’ of a vendor to uncover the risks that can  actually take a business down.” 

“Third-party risk management has consistently ranked as one of the top three innovation  priorities for CISOs, according to Team8’s CISO Village Survey,” said Liran Grinberg, Co-Founder  and Managing Partner at Team8. “Yet most enterprises still manage this risk through outdated,  compliance-driven processes that leave critical blind spots – costing organizations millions each  year when third-party failures occur. Lema is the first platform to solve this by directly linking  third-party behavior to business-critical assets—giving security teams a dynamic, actionable view  of risk and fundamentally transforming how they secure their extended ecosystem.” 

Lema was founded in 2023 by Eddie Dovzhik (CEO), Omer Yehudai (CPO), and Tomer Roizman  (CTO) to close the security gap left by compliance-first tools. The company has already secured  major customers across multiple industries, including financial services and healthcare, as well  as Fortune 500 companies. The new funding will accelerate R&D for its autonomous vendor risk  analysis engine and expand its go-to-market organization to meet growing demand from highly  regulated and digitally driven enterprises.