Enterprises are facing a major challenge as they ramp up the use of LLMs and agentic workflows: the container base images that power these applications are filled with security vulnerabilities inherited from previous versions.
An Israeli startup, Echo, has secured $35 million in Series A funding, bringing its total funding to $50 million, to address this issue by rethinking the way cloud infrastructure is constructed.
The funding round was led by N47, along with investment from Notable Capital, Hyperwise Ventures, and SentinelOne. However, the real focus is on the company’s ambitious objective to replace the disorganized open-source supply chain with a managed, “secure-by-design” operating system.
The Foundation of the Cloud
At the core of the modern internet lies container base images, which serve as the invisible basis for applications. These base images are analogous to the Operating System (OS) on a new computer, providing the essential functions and dependencies needed to run the software.
Companies like Netflix and Uber rely on these pre-built layers, such as Alpine, Python, or Node.js, to define the underlying runtimes and dependencies for their applications. However, the open-source nature of most base images means they often contain unnecessary components and potential security risks.
Echo’s CTO, Eylam Milner, highlights the dangers of using these bloated open-source images, comparing it to plugging a random computer found on the street into a network.
Traditional methods of addressing these vulnerabilities involve scanning the images for bugs and attempting to patch them. However, Echo’s research reveals that many official Docker images contain numerous known vulnerabilities from the moment they are downloaded, creating a significant challenge for enterprise security teams.
The Evolution of AI Infrastructure
Echo’s co-founder and CEO, Eilon Elhadad, draws parallels between the current situation and the past, where the industry transitioned from Linux to Enterprise Linux. Echo aims to become the “enterprise AI native OS,” providing a curated and secure foundation for the AI era.
Elhadad envisions Echo as the cornerstone of the AI-native era, emphasizing the critical role it plays in the technology landscape.
The Technology Behind Echo
Unlike conventional scanning tools, Echo operates as a “software compilation factory,” rebuilding images from scratch to eliminate vulnerabilities. The process involves compiling binaries and libraries directly from the source code, ensuring that only essential components are included.
Echo’s approach focuses on a two-step engineering process for each workload:
-
Compilation from Source: Echo starts with a clean slate, compiling binaries and libraries directly from the source code to reduce the attack surface.
-
Hardening & Provenance (SLSA Level 3): The resulting images undergo rigorous hardening with enhanced security configurations, adhering to SLSA Level 3 standards to ensure verifiable artifacts.
The outcome is a seamless replacement for developers, allowing them to switch to Echo’s registry and benefit from a cleaner, vulnerability-free OS layer while maintaining identical application functionality.
AI-Powered Security
Echo addresses the escalating “AI vs. AI” security battle by deploying a proprietary infrastructure of AI agents to manage vulnerability research. These agents continuously monitor new CVEs, conduct unstructured research, and facilitate self-healing processes to address vulnerabilities promptly.
This automated approach enables Echo’s engineering team to maintain a large number of secure images efficiently, a task that would typically require a substantial workforce.
Significance for CISOs
Echo represents a shift towards achieving “zero vulnerabilities by default” for technical decision-makers, reducing the time and effort spent on remediation. The platform has proven to save developer hours by eliminating the need to manually investigate and patch base image vulnerabilities.
Major enterprises like UiPath, EDB, and Varonis are already benefiting from Echo’s secure production workloads. As companies transition from containers to agentic workflows, having a trustworthy underlying infrastructure, managed by Echo, could define the future of DevSecOps.
While Echo’s pricing is not publicly disclosed, the company offers a consumption-based pricing model to align with the software development and deployment needs of its customers.
When it comes to SEO, one of the most crucial aspects is keyword research. By identifying the terms and phrases your target audience is searching for, you can tailor your content to meet their needs and attract more visitors to your site. Using tools like Google Keyword Planner or SEMrush can help you discover relevant keywords with high search volumes and low competition. Once you have a list of keywords, strategically incorporate them into your website content, meta tags, and headers to improve your site’s visibility in search results.
Another important SEO strategy is creating high-quality, engaging content. Search engines like Google prioritize websites that provide valuable information to users, so it’s essential to regularly update your site with fresh, relevant content. This can include blog posts, articles, videos, infographics, and more. By producing compelling content that addresses your audience’s questions and interests, you can establish your site as a trustworthy source of information and attract more visitors over time.
In addition to keyword research and content creation, optimizing your website’s technical aspects is also crucial for SEO success. This includes ensuring your site is mobile-friendly, has fast loading times, and is secure with HTTPS encryption. Search engines favor websites that provide a seamless user experience, so addressing these technical issues can help improve your site’s search engine rankings and overall performance.
Furthermore, building high-quality backlinks to your site from reputable sources can also boost your SEO efforts. Backlinks are links from other websites that direct traffic to your site, signaling to search engines that your content is valuable and authoritative. By creating compelling, shareable content and reaching out to other websites for collaborations and guest post opportunities, you can attract more backlinks and improve your site’s credibility in the eyes of search engines.
In conclusion, SEO is a critical component of any successful website strategy. By implementing keyword research, creating engaging content, optimizing technical aspects, and building high-quality backlinks, you can improve your site’s search engine rankings and attract more visitors over time. Remember that SEO is an ongoing process that requires dedication and consistency, so stay proactive in implementing these strategies to see long-term results.
