Lema AI, an agentic AI security platform focused on third-party and supply-chain risk, has emerged from stealth with fresh funding of $24m.
The company has raised the capital in a Series A round led by Team8, with participation from Salesforce Ventures, while F2 Venture Capital led the earlier Seed round.
Lema AI positions itself at the intersection of cybersecurity and enterprise risk management, addressing the weaknesses of traditional compliance-led approaches to third-party oversight.
As organisations increasingly depend on thousands of external vendors across SaaS, payments and infrastructure, static questionnaires and point-in-time assessments have struggled to keep pace with the real risks those partners introduce. Industry research from Gartner shows that 60% of companies now rely on more than 1,000 vendors, significantly widening the potential attack surface.
Rather than automating existing checklists, Lema AI replaces them with continuous, forensic analysis powered by an AI agent designed to think like a vulnerability researcher.
The platform tracks how vendors access critical assets, monitors data movement and evaluates permission changes over time, mapping potential attack paths that could lead to enterprise-wide incidents. By focusing on real behaviour rather than declared compliance, Lema AI enables enterprises to identify their highest-risk vendors and understand why those risks matter.
The new funding will be used to accelerate research and development of Lema AI’s autonomous vendor risk analysis engine, while also expanding its go-to-market organisation. The company aims to meet rising demand from highly regulated and digitally driven enterprises that need faster, more accurate assessments of third-party risk, with new vendors reportedly assessed in under five minutes.
The approach reflects growing concern over supply-chain security failures. Analysis from McKinsey indicates that nearly one-third of recent cyber breaches originated from third parties, highlighting the limitations of manual spreadsheets and compliance-only processes that still dominate the market.
Lema AI CEO Eddie Dovzhik said, “We founded Lema AI because third-party risk needs to be treated like a security problem, not a compliance checklist. The industry is relying on manual assessments that miss the real-time business context and impact third parties have on the organization. Our platform was built by elite security researchers to think like an elite security researcher – monitoring the actual ‘blast radius’ of a vendor to uncover the risks that can actually take a business down.”
Founded in 2023 by Eddie Dovzhik, Omer Yehudai and Tomer Roizman, Lema AI has already secured major customers across sectors including financial services and healthcare, as well as several Fortune 500 companies. The $24m Series A follows the previously undisclosed Seed funding led by F2 Venture Capital.
Copyright © 2026 RegTech Analyst
Copyright © 2018 RegTech Analyst
