Backed by Battery Ventures, Team8, Picture Capital, and NFX, Koi secures the modern software layer that legacy endpoint tools were never built to protect, including packages, containers, extensions, AI models, and MCPs
WASHINGTON, D.C. / ACCESS Newswire / September 10, 2025 / Koi, the pioneer in endpoint security, today announces a $48M in seed and Series A funding, including a $38M Series A. The rounds were led by Battery Ventures, Team8, Picture Capital, and NFX, with participation from Cerca Partners. Koi addresses the growing risk of unmanaged, self-installed software by applying a centralized layer that delivers visibility, risk analysis, and policy enforcement for the blind spot in modern endpoint environments.
Traditional endpoint security tools like EDRs and MDMs were built to detect and secure binary applications. They were not built to address the new wave of non-binary software, such as code and OS packages, containers, extensions, AI models, MCPs and more. These now make up the majority of what runs on enterprise endpoints; over 90% of enterprise software is sourced from third-party registries, app stores, and marketplaces, often bypassing IT entirely. Developers and employees install them through self-service workflows, and security teams are left blind to what's actually running. Gartner predicts that by the end of 2025, 45% of organizations will experience software supply chain attacks.
Koi was founded in 2024 by IDF's 8200 elite intelligence unit alumni Amit Assaraf (CEO, founder of real estate startup Landa), Idan Dardikman (CTO), and Itay Kruk (CPO), ex-Sygnia, Zscaler, after uncovering a major security gap in the VSCode Marketplace. To prove the risk, they built a fake theme extension, dubbed "Darcula Official," added code that secretly sent developers' source code and machine details to their server, and uploaded it to the VSCode marketplace all within 30 minutes. Within a week, they'd manage to infect over 300+ organizations worldwide, including multi-billion-dollar companies, one of the world's biggest EDR developers, and a national court network, landing on the VSCode marketplace's 4.5M-view front page. The experiment led to the creation of "ExtensionTotal" to detect risky extensions, which quickly evolved into Koi's broader security platform.
"Enterprises have no real control over the software flowing into their environments. Packages, AI models, MCPs, and Extensions are now critical parts of the stack, yet they remain invisible to traditional tools," said Amit Assaraf, Co-founder and CEO of Koi. "After launching 'ExtensionTotal', Fortune 50 companies have reached out, actively looking to buy our solution, long before we came up with one, out of which Koi was born. Koi was built to give security teams the visibility, intelligence, and control they need to govern modern software without slowing innovation."
Koi is defining a new category in cybersecurity as the first endpoint security platform for the new software perimeter. Backed by pending patents, its platform addresses unmanaged, self-installed software visibility with the Supply Chain Gateway, a central checkpoint for all incoming software across endpoints. It unifies software inventory, real-time risk analysis, automated policy enforcement, and preventative remediation to block malicious or non-compliant components before they reach an endpoint. At its core is Wings, Koi's AI-first risk engine, leverages threat intelligence, classification, and sandboxing to detect and stop threats that bypass traditional scanners. Koi ensures only safe, compliant software is allowed to run in customer environments.
"Every major shift in enterprise infrastructure creates an opening for the next cybersecurity leader. Koi is building a new layer of endpoint protection focused on the software perimeter - an area traditional tools overlook." Said Ori Barzilay, Team8 Partner.
"This is a strategic investment in a strong founding team, including two alumni from our earliest portfolio company, "Sygnia", and in what we believe will become the new standard for securing modern endpoints."
Koi has rapidly scaled to protect more than 500,000 endpoints worldwide. Its platform is already securing some of the world's largest enterprises, from Fortune 50 companies to leading financial enterprises and major technology companies, underscoring its market traction and early success.
"Koi is tackling one of the biggest blind spots in enterprise security: unmanaged software and AI-driven tools that traditional platforms miss." Said Barak Schoster, partner at Battery Ventures. "They're redefining workstation security, and we're excited to support this visionary team."
About Koi
Koi is a cybersecurity company securing the modern software layer. Its flagship platform, the Supply Chain Gateway, delivers full visibility and control over self-installed software, from packages and containers to extensions and AI models, helping enterprises protect endpoints without compromising productivity. Koi is backed by Battery Ventures and Team8 and is headquartered in Washington, D.C. For more information, visit https://www.koi.security/
Contact:
Yuval Porat
Media consultant
Yuval@tellny.com
SOURCE: Koi
View the original press release on ACCESS Newswire:
https://www.accessnewswire.com/newsroom/en/computers-technology-and-internet/koi-raises-48m-to-reinvent-endpoint-security-for-the-modern-softw-1070373
