Tenchi Security

High-Level Overview

Tenchi Security is a Third-Party Cyber Risk Management (TPCRM) company that helps organizations identify, monitor, and reduce cybersecurity vulnerabilities across their supply chains and vendor ecosystems[1][2]. Founded in 2019 and based in São Paulo, Brazil, the company develops Zanshin, a SaaS platform that provides continuous visibility into third-party security posture and enables collaborative risk remediation rather than adversarial auditing[1][3].

The company serves enterprise clients across financial services, healthcare, telecommunications, and insurance sectors[2]. Tenchi addresses a critical market gap: more than half of executives report insufficient understanding of cyber vulnerabilities in their supply chains, yet traditional vendor risk management relies on point-in-time assessments and self-reported questionnaires that fail to capture real-time threats[2]. Tenchi's customers report an 81% reduction in third-party vulnerabilities within the first month of implementation[3], indicating strong product-market fit and measurable impact.

Origin Story

Tenchi Security was founded in October 2019 by two seasoned cybersecurity veterans: Felipe Bouças (CEO) and Alexandre Sieira (CTO)[2][5]. Both bring 25+ years of global cybersecurity experience, including successful exits—Bouças and Sieira co-founded Cipher (acquired by Prosegur) and Niddel (acquired by Verizon), where they held senior product leadership roles[5]. This pedigree reflects deep domain expertise in managed security services and detection/response systems.

The founding team recognized that supply chain security had become a critical vulnerability for enterprises, yet existing solutions treated third parties as adversaries to be audited rather than partners to be supported. This insight shaped Tenchi's cooperative, remediation-first methodology—a departure from the compliance-heavy approach dominating the market[3].

Core Differentiators

• Cooperative Model: Unlike traditional vendor risk management, Zanshin operates with third-party consent and collaboration, positioning security improvement as mutually beneficial rather than punitive[3]

• Continuous Monitoring: Automated daily testing replaces labor-intensive annual audits and questionnaires, capturing real-time risk data rather than point-in-time snapshots[3]

• Source-Based Data Collection: Zanshin gathers security data directly from third-party systems rather than relying on external scans, scores, or self-attestation[3]

• Full Lifecycle Management: The platform manages risk across the entire vendor relationship—pre-contract, during engagement, and through ongoing monitoring—not just initial onboarding[3]

• Enterprise Backing: Accenture's strategic investment and integration into its managed security services offering validates the solution and provides distribution leverage through one of the world's largest security consulting firms[2]

Role in the Broader Tech Landscape

Tenchi operates at the intersection of two powerful trends: the explosion of supply chain cyber attacks and the shift toward cooperative, continuous security models. Traditional vendor risk management—built on annual questionnaires and compliance checkboxes—has proven inadequate as attackers increasingly target the weakest links in enterprise supply chains[2].

The company's timing is strategic. Enterprise security budgets are shifting from perimeter defense to supply chain visibility, and regulatory pressure (from frameworks like NIST and emerging data protection laws) is forcing organizations to demonstrate third-party risk oversight[2]. Accenture's investment signals that even mega-consulting firms recognize TPCRM as a distinct, high-growth category requiring specialized technology rather than manual consulting labor.

Tenchi's cooperative methodology also reflects a broader industry maturation: security is increasingly viewed as a shared responsibility rather than a zero-sum audit exercise. This philosophy resonates with modern enterprises seeking to strengthen their ecosystems rather than simply transfer risk to vendors.

Quick Take & Future Outlook

Tenchi Security is well-positioned for significant growth. The company raised $7 million in Series A funding in February 2024 from Bradesco PE&VC, L4 Venture Builder, and Accenture, with follow-on investments from existing backers MAYA Capital, Kinea, ONEVC, and GFC[1]. The funding explicitly targets aggressive global expansion, product development acceleration, and strengthened sales and marketing efforts[1].

The company's trajectory suggests it will become a category leader in TPCRM. Accenture's integration of Zanshin into its managed security services—and its positioning as the first "Project Spotlight" cybersecurity investment in Latin America—provides distribution at scale[2]. As supply chain attacks intensify and regulatory requirements tighten, demand for continuous, cooperative third-party risk management will accelerate.

The key question ahead: Can Tenchi scale beyond its Latin American stronghold to compete globally against established players? Its leadership pedigree, product differentiation, and strategic partnerships suggest yes—but execution in North American and European markets will determine whether it becomes a regional champion or a global platform.