Koi, a cybersecurity startup founded in 2024, has raised $48m to advance its approach to securing modern software environments.
The company, which positions itself as a pioneer in endpoint security, is tackling risks that traditional systems often overlook.
The new funding comprises a $38m Series A round, with investment coming from Battery Ventures, Team8, Picture Capital, and NFX. Cerca Partners also took part in the financing.
Koi focuses on addressing the blind spots left by conventional endpoint security tools. Traditional solutions such as endpoint detection and response (EDR) or mobile device management (MDM) were designed for binary applications. However, Koi targets non-binary software, including code and operating system packages, containers, extensions, AI models, and marketplace components, which now make up the majority of enterprise endpoint environments.
The fresh capital will be used to expand Koi’s platform, which acts as a central checkpoint for incoming software. Its technology provides visibility, real-time risk analysis, policy enforcement, and preventative remediation. Central to the system is its AI-first risk engine, known as Wings, which uses threat intelligence, classification, and sandboxing to stop malicious or non-compliant components before they reach user environments.
Koi’s origins trace back to an experiment by its founders, who previously served in Israel’s IDF 8200 unit. They created a fake extension on the VSCode Marketplace that secretly exfiltrated sensitive data. Within a week, the extension had infiltrated more than 300 organisations, including a major EDR developer and a national court system. This highlighted a critical vulnerability and inspired the creation of ExtensionTotal, a detection tool that later evolved into the broader Koi platform.
The company has already scaled rapidly, protecting more than 500,000 endpoints. Its customers include Fortune 50 firms, leading banks, and major technology companies. With several patents pending, Koi is positioning itself as the first endpoint security platform to fully address unmanaged, self-installed software.
Koi CEO Amit Assaraf said, “Enterprises have no real control over the software flowing into their environments. Packages, AI models, MCPs, and Extensions are now critical parts of the stack, yet they remain invisible to traditional tools. After launching ‘ExtensionTotal’, Fortune 50 companies have reached out, actively looking to buy our solution, long before we came up with one, out of which Koi was born. Koi was built to give security teams the visibility, intelligence, and control they need to govern modern software without slowing innovation.”
Team8 partner Ori Barzilay said, “Every major shift in enterprise infrastructure creates an opening for the next cybersecurity leader. Koi is building a new layer of endpoint protection focused on the software perimeter – an area traditional tools overlook. This is a strategic investment in a strong founding team, including two alumni from our earliest portfolio company, ‘Sygnia’, and in what we believe will become the new standard for securing modern endpoints.”
Battery Ventures partner Barak Schoster said, “Koi is tackling one of the biggest blind spots in enterprise security: unmanaged software and AI-driven tools that traditional platforms miss. They’re redefining workstation security, and we’re excited to support this visionary team.”
Copyright © 2025 RegTech Analyst
Copyright © 2018 RegTech Analyst
