AI-powered security tools are getting increasingly good at finding vulnerabilities, but a new Seattle startup is aiming to help software companies do the harder part: fixing them.
Emphere announced $2.1 million in pre-seed funding Thursday from AI2 Incubator and Outsiders Fund to automate the work of fixing software security flaws. It focuses on open-source distributions like Ubuntu, Debian, and Alpine, automatically patching known vulnerabilities for software companies that sell to banks and other regulated industries.
The startup was founded by CEO Ankit Kumar and CTO Pallav Gupta, who met as roommates at Northeastern University. Kumar spent six years in security at Uber, opening the kind of tickets that Gupta was on the other end of trying to fix as an engineer at CarGurus and Twitter.
“Remediation is going to be as important as detection, given the fact that exploitation is going to be super, super fast,” Kumar said in an interview. He noted that the companies Emphere’s customers sell technology to “won’t accept your software if it has a single critical vulnerability.”
The company says it has early revenue and a handful of signed customers, though it declined to name them. Emphere has a team of five, including two security researchers whose job is to play the role of hackers — attacking its patched images and confirming the fixes are good.
Emphere is entering a crowded market, though most security firms focus on finding vulnerabilities rather than fixing them. Its closest comparison may be Kirkland, Wash.-based Chainguard, the $3.5 billion software supply-chain company known for its secure pre-built software container images.
The biggest difference: where Chainguard generally asks customers to adopt its container images, Emphere says it patches the ones they already use.
The volume of security vulnerabilities has started to outpace what human teams can keep up with. A federal watchdog said in a May 26 report that the government’s National Vulnerability Database had a backlog of more than 27,000 unprocessed flaws, and projected that new vulnerabilities would surpass 60,000 in 2026 — nearly ten times the number a decade ago.
Emphere spun out from the AI2 Incubator, the Seattle startup program based at Pier 70. Its other backer, Outsiders Fund, is the early-stage firm co-founded by Austin McChord, who built the data-backup company Datto before selling it in 2017.
Kumar said Emphere plans to use the funding to grow its customer base and keep building out its platform. Longer term, it’s looking to expand into other areas of how software gets built and secured.
