You’re reading the story of Koi raising $48M to fix security gaps in unmanaged apps. This is the move that shifts how enterprises defend their software layers.
Koi Security overview: security of unmanaged software components on endpoints
Koi Security, founded in 2024 by Unit 8200 alumni, works to see every software component on endpoints, including extensions, AI models, packages, and apps. Its origin includes a white-hat test on VSCode showing how unmanaged components can undermine trust. This event occurred the same week as a real-world exposure affecting more than 300 organizations.
Funding markers: $10M seed and $38M Series A
Funding-wise, this project has moved beyond talks. A $10 million seed in December 2024 led by Picture Capital and NFX, with Cerca Partners, preceded a $38 million Series A in August 2025 led by Battery Ventures and Team8, with continued support from Picture Capital, NFX, and Cerca Partners.
Why this matters in the market: endpoint security and unmanaged software risks
Endpoints are the new attack surface. Unmanaged software like AI models and browser extensions can leak passwords, keys, even proprietary code. The global endpoint security market was about $15B in 2024, with a 10-12% CAGR through 2030. 83% of B2B firms plan more cybersecurity spending, while 79% pursue better customer experience tech.
Platform benefit: visibility, risk scoring, and policy enforcement
It’s growing quickly. Koi’s platform promises real visibility into every endpoint component, risk scoring for risky extensions and AI models, and policy enforcement that keeps security tight without killing productivity.
Origins and evolution: from VSCode hack to ExtensionTotal to a broader platform
It originated from the VSCode hack, now ExtensionTotal, and evolved into a broader security platform that integrates with existing EDR tools. If you are evaluating security systems, this is a complementary layer rather than a silo.
Business performance: revenue and client retention signal product-market fit
From a business angle, the numbers aren’t cute. Revenue topped $1 million in the first eight months and they kept every initial client active. That’s not luck, that’s product-market fit showing up in churn stats and wallet share, especially with multi-billion-dollar companies and government networks in the mix. It’s giving confidence to investors and customers alike.
Regulatory alignment: NIST, CMMC, and end-to-end visibility
Regulatory savvy matters, too. This lines up with U.S. cybersecurity frameworks like NIST and CMMC, supporting compliance by giving end-to-end visibility over unmanaged software and helping safeguard software supply chains. When policy starts catching up to AI-enabled systems, Koi is already in position to help enterprises stay compliant without turning off innovation.
Future outlook: AI on endpoints, monitoring, and policy automation
What does the future look like for Koi and this space? AI on endpoints will keep growing, and so will the need to monitor those assets the moment they appear, not after the breach. The growth in endpoint security is steady, and Koi is positioned to benefit from product updates, automated risk analysis, and policy automation.
Market growth projection: growing spend on endpoint security through 2028
Annual spend growth of 12%+ in the U.S. is expected through 2028. If you’re building or securing an enterprise, unmanaged software creates risk across the entire stack. Koi addresses this issue by providing visibility, control, and policy that support productivity. The $48M figure represents an expectation that the security model must evolve with the software we rely on daily.
Planned impact: go-to-market momentum, resilience, and extended protections
It supports go-to-market momentum, resilience, and protection in environments where extensions and AI models are used. We will see how this progresses.

