Manifest, a cybersecurity startup focused on software and AI supply chain transparency, just raised $15 million in Series A funding—bringing its total to $23 million.

The round was led by Ensemble VC and backed by several big names, including AE Ventures, First Round Capital, Homebrew, Leap435, Overmatch VC, and XYZ.

Manifest is a full-stack visibility—from procurement to deployment—that sets Manifest apart from traditional tools:

• End-to-end SBOM lifecycle management: It doesn’t just generate SBOMs; it tracks, analyzes, and updates them automatically.
• AI supply chain visibility (AIBOMs): Manifest tracks AI models, datasets, dependencies, and even deployment behavior to catch tampering or malformed inputs.
• Real-time risk discovery: Think of it as automated threat intel for your internal and third-party code—before things break.
• Workflow integration: Built-in ticketing tools and shareable reports make it easier to collaborate across teams.

---

Who’s Already Using It?

This isn’t some untested tool looking for a market. Manifest is already being used by:

• The U.S. Air Force
• Department of Homeland Security (DHS)
• Multiple Fortune 500 companies
• Players in automotive, defense, and financial services

So we’re not just talking about theoretical value here. There’s real-world adoption, especially in sectors where risk tolerance is close to zero.

---

Why This Funding Round Matters

What excites me most about this raise is where Manifest is headed:

• Global expansion, starting with Europe
• Faster iteration on AI threat modeling
• More integrations into common DevSecOps workflows

According to co-founder and CEO Marc Frankel:

“The software supply chain is the new digital blind spot… It’s no longer acceptable to deploy software or AI without knowing what’s inside.”

I couldn’t agree more. If your team is building with LLMs or adopting GenAI across business units, you need to know exactly what’s running under the hood. Manifest is building the tools to give us that visibility.