Koi Security Inc., a startup providing cybersecurity for enterprise endpoints, announced Wednesday it raised $48 million in early-stage funding to protect businesses against the growing risk surrounding self-installed software and other security blind spots.
The company said the funds were raised across a $10 million seed and a $38 million Series A round led by Battery Ventures, Team8, Picture Capital and NFX, with participation from Cerca Partners.
Founded in 2024, Koi’s platform aims to tackle the challenges posed by non-compiled software that is frequently installed on endpoint devices and servers. This includes various elements such as code, operating system packages, containers, extensions, artificial intelligence models, and model context protocol services that connect to AI models.
Endpoints in enterprise information technology represent any computer or device that connects to a computer network, such as laptops, mobile devices, servers and more. All of these devices represent potential attack surfaces for hackers to enter the network.
Amit Assaraf, co-founder and chief executive of Koi, said for a long time that attackers targeted software that interacts natively with the OS because, for the longest time, most software came in pre-compiled binary packages. Now that era is changing as more services are at a higher layer that still have the potential to leak security information such as passwords and authorization keys, important files or software code.
“Enterprises have no real control over the software flowing into their environments. Packages, AI models, MCPs, and extensions are now critical parts of the stack, yet they remain invisible to traditional tools,” said Assaraf.
The company was established after its leadership discovered a significant security flaw in the way enterprise businesses create their software supply chains through the VSCode Marketplace. This marketplace serves as the central hub where developers can find, download and publish their own software extensions for the Microsoft Visual Studio Code editor.
To prove the risk, they built a fake theme extension for the editor named “Darcula Official” and added code that secretly stole source code and machine details from end users.
They named the fake extension after a popular “dark color” theme that originated in the IntelliJ IDEA code editor from JetBrains. The additional “Official” in the title made it appear to be from an authoritative source. Within a week, the new extension had infected over 300 organizations worldwide, including prominent multi-billion-dollar companies and a national court network.
From that experience, the company developed its “ExtensionTotal” product, which could detect risky extensions installed in code editors. This informed the company’s development of a broader platform for endpoint security — Koi’s flagship product, Supply Chain Gateway — which covers security for software installed across the entire enterprise ecosystem.
Supply Chain Gateway acts as a central checkpoint for all software access endpoints, providing unified software inventory, real-time risk analysis, automated policy enforcement and preventative fixes to block non-compliant components. To create this, the company developed an AI-driven engine named Wings, which uses threat intelligence, classification and sandboxing to identify and eliminate threats that traditional scanners may overlook.
“We’ve built a product that enables organizations to curate what software is allowed in, and proactively block or remediate anything risky, malicious or non-compliant before it ever reaches the endpoint,” said Assaraf.
The company said that it has rapidly scaled to secure more than 500,000 endpoints worldwide and its platform is already integrated by some of the world’s largest enterprises, including Fortune 50 companies such as financial enterprises and major technology companies.
Image: Koi
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About News Media
Founded by tech visionaries John Furrier and Dave Vellante, News Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
