Entro, a Tel Aviv-based startup that is building a security platform that helps enterprises manage and protect their secrets like account credentials, certificates and API keys, today announced that it has raised a $6 million seed round led by StageOne Ventures and Hyperwise Ventures.  A number of angel investors, including Trusteer and Transmit Security founders Rakesh Loonkar and Mickey Boodaei, as well as Imperva founder Amichai Shulman also participated in this round.

Today’s enterprises often have to manage thousands of secrets across an ever-growing number of services — and often, they don’t even know how many their employees have created. These secrets are also often scattered and secret scanners and similar tools exist to ensure that this information doesn’t leak, these tools don’t know anything about the context in which these secrets are used. If there is a secret exposed in a piece of source code that already had its privileges removed, then that’s not exactly a high priority for remediation, for example.

The company was co-founded by Itzik Alvas (CEO) and Adam Cheriki (CTO), who first met during their time in the Israeli security forces. Alvas previously worked at a healthcare company and then as a senior SRE manager at Microsoft, while Cheriki worked in a number of security positions at large tech companies like IBM, Javelin Networks, Symantec and Broadcom.

“Secrets were always a big issue for me and for [Adam] as well,” Alvas told me. “We dealt with it for a long time and in our previous positions we were responsible for secret security. We saw how secrets are being created and handled without any proper security oversight — and we decided to do something about it.”

He noted that the team built Entro specifically with CISOs and security teams in mind. The service provides these stakeholders with insights into how their secrets are stored, be that in vaults, collaboration tools, cloud environments and SaaS platforms. It then analyzes the secrets it finds, correlates them to workloads and provides users with a straightforward dashboard that helps them understand any potential issues.

“We spoke with more than a hundred CISOs and heard the same complaints over and over,” said Alvas. “Companies have no idea how many secrets they hold in
the cloud, where they are, who is using them, and most importantly, how to protect them.”

Typically, companies use a multitude of tools to manage and secure their secrets, including scanners like Gitleaks, vaults from the likes of AWS, Azure or HashiCorp, and secret scanners for CI/CD like Cycode or Aqua’s Argon.

One of Entro’s major differentiators, Alvas noted, is that it is an end-to-end monitoring solution. Because of this, the service can understand the context of where secrets are used and is able to help developers and security teams prioritize which issues they should focus on. The company’s service also integrates with a company’s existing vaults, CI/CD systems, tools like Confluence where developers may share credentials and others. Within a few minutes, Entro can provide businesses with a single pane of glass to identify and remediate the secrets that are potentially at risk.

“In recent years, we have witnessed how companies were devastated by secret-based cyber-attacks that were highly damaging. Today, R&D teams are forced to manage a growing number of secrets in their development and tend to spread them across different vaults, repositories, and services, while security teams are having an incredibly hard time combatting this problem. This is where Entro Security comes to the rescue,” said Nofar Schnider, principal at StageOne Ventures.