Lema, an agentic AI security platform focused on enterprise supply chain risk raised $24M in a recent funding round. Since enterprises began relying on cloud apps and external services, third-party risk has quietly become the biggest security blindspot.
Enterprise supply chains depend on thousands of third party vendors yet existing solutions only focus on manual compliance. However, Lema AI helps to monitor and tackle these risks in real-time.
The Rising Threat of Third-Party and SaaS Risks
Companies today use thousands of third-party vendors, SaaS applications and AI partners to run critical operations. This dependency automatically widens the attack surface. According to Gartner, 60% of companies now rely on over 1,000 external vendors with each potentially interacting with sensitive systems and data.
At the same time, a Mckinsey report revealed that nearly one-third of data breaches occurred through third-party systems rather than internal systems. These incidents often involve misconfigured applications, unchecked access privileges or gaps in visibility into what external partners are doing in the corporate network currently.
Moreover, what makes this particularly concerning is that a lot of companies don’t take third party risks seriously. They see it as a checkbox exercise, rather than a dynamic threat that’s constantly evolving.
How Lema Plans To Change the Game
To fix this problem, Lema AI came out of stealth mode in 2026 with $24M in Series A funding. This funding round was led by Team8, with F2 Venture Capital leading the Seed round and participation from Salesforce Ventures.
Eddie Dovzhik, Omer Yehudai, and Tomer Roizman founded the startup in 2023. “We started the long and tedious ideation process,” said Dovzhik. “We were looking for a major problem, something that had a huge impact on businesses that the current solutions were not addressing.”
Finally, they landed on third-party risk management, an area they thought was traditionally overlooked as companies increasingly depend on thousands of external vendors, from cloud providers to SaaS tools to AI startups, many of which have deep access to sensitive systems and data.
In addition, Lema uses agentic AI that continuously analyzes vendor activity across the enterprise environment. It tracks things like access patterns, permission changes, and data movement, and it highlights where real threats exist long before they trigger alerts in traditional systems
Ultimately, by modeling how third-party interact with critical systems and data, Lema AI can detect potential “blast radius” risks and provide security teams with actionable insights instead of checkboxes.
The Future of Risk Management
Fortunately, this funding occurred at a time where enterprises are starting to see third-party risk as strategic security priority. With SaaS ecosystems growing more interconnected and breach incidents involving external vendors becoming more common, tools that actively monitor and counter real-world threats may become essential for safeguarding data and business continuity.
Lema’s Series A will help to accelerate research, expand its platform and reach companies that cannot afford to wait for reactive approaches to catch up with modern risk realities. As SaaS and AI integrations grow, enterprises will increasingly turn to solutions that offer dynamic, proactive defense rather than static compliance.
