Impart Security’s $12M Raise Tackles ‘Last Mile’ of Application Protection

In enterprise security, there’s an awkward silence that inevitably follows one question: “Can we set it to auto-block in production?”

Jonathan DiVincenzo, CEO and co-founder of Impart Security, has seen that silence play out many times. Now, his company, courtesy of $12 million, from a Series A led by Madrona Ventures, that they’ve finally solved what he calls “the last mile problem in application security.”

For years, security teams have been stuck choosing between two evils: leaving applications vulnerable to attack, or risking system instability by deploying untrusted automated tools in production. The result is often a defensive stance: monitor-only modes and watered-down protections that offer limited real-world security. “Most security teams I speak with enable a few generic rules but can’t implement anything beyond that due to the high cost of tuning, maintenance, and ongoing management,” DiVincenzo said on the company’s launch blog.

Impart Security’s approach looks to break from this mold. The company offers what it calls an Application Detection and Response (ADR) Engineering Platform, a programmable system that allows users to safely design, test, and deploy AI-driven security controls tailored to their applications. Unlike legacy “black box” tools that generate endless alerts with little context, Impart gives security teams the means to actively shape their defenses in real-time production environments.

Founded by DiVincenzo and fellow founders Marc Harrison and Brian Joe, who are seasoned security veterans from EdgeCast, Verizon, Signal Sciences, and Fastly, Impart has built a platform that detect threats and actively responds to them. Their growing roster of AI agents mimics a team of security engineers: the Traffic Inspector analyzes patterns, the Detection Engineer spots anomalies, the Security Architect tests rules in sandbox environments, and the Rule Engineer adapts to new threat vectors. These agents work in tandem, evolving the system’s defenses at “AI speed.”

This proactive model proved its worth during a recent attack targeting multiple Impart customers. They say Impart’s AI generated and deployed protective rules across environments in minutes. “When AI can be trusted to manage production changes without oversight, it transforms from an assistant into an autonomous operator,” DiVincenzo explained in a press release. “That’s the difference between traditional approaches to application security and genuine business transformation.”

Investor interest came after a rigorous diligence process, including feedback from CISOs at enterprise companies. “We evaluated dozens of AI security companies, but Impart was the only one that stood out because of its breadth, depth, and usability,” said Karan Mehandru, Managing Director at Madrona. “Every enterprise we speak with desperately wants to leverage the incredible benefits of AI… none of that is possible without a comprehensive security platform that is proactive, fully autonomous, and removes the burden from security teams.”

With funding now in hand, Impart plans to expand into three high-risk verticals: financial services, healthcare, and infrastructure- industries where downtime or data compromise has especially high stakes. It also intends to grow its partner ecosystem, embedding its capabilities more deeply into enterprise deployment pipelines.

Still, challenges remain. As DiVincenzo admits, “Building truly autonomous application security is more than a technical challenge. It’s a trust-building exercise that requires perfect execution over months, not weeks.” Convincing enterprises to let go of manual oversight, even when the evidence supports it: is a slow cultural shift. Different industries also have varying tolerances for automation, and Impart is learning to tailor its strategies accordingly.

The company’s real-world results are promising. According to one customer testimonial, its security team reduced time spent on false positives from 60% to near zero, freeing them for more strategic work. Another said its response time to emerging threats was cut from days to minutes. This signals a shift in how organizations can think about application security.

With its engineering-centric philosophy and AI-native platform, Impart is looking to prove that automation and trust are not mutually exclusive. In DiVincenzo’s words, “We’re not just building the security platform I always wished existed. We’re proving that AI can be trusted with the application security operations that keep businesses running.”