Cyber startup Koi raises $38M Series A to build a central checkpoint for enterprise software
The startup, founded by Unit 8200 veterans, was born from a VSCode hack and aims to give enterprises control over every application installed on their endpoints.
Cybersecurity startup Koi, which is developing a new layer of protection for enterprise endpoints, has raised $38 million in a Series A round. The investment was led by Battery and Team8, with Picture Capital, NFX, and Cerca Partners participating in the company's Seed round. Koi has raised a total of $48 million to date.
Full list of Israeli high-tech funding rounds in 2025
Koi addresses the growing risk of unmanaged, self-installed software by applying a centralized layer that delivers visibility, risk analysis, and policy enforcement.
“We decided to start the company last December and recruited NFX and Picture while continuing to work with our clients. We exceeded seven-figure revenues in eight months. We are now generating over $1 million in revenue, and every organization we began with is still our client,” said CEO and co-founder Amit Assaraf.
Koi was founded in 2024 by IDF’s 8200 intelligence unit alumni Amit Assaraf (CEO, founder of real estate startup Landa), Idan Dardikman (CTO), and Itay Kruk (CPO), ex-Sygnia, Zscaler, after uncovering a major security gap in the VSCode Marketplace. To prove the risk, they built a fake theme extension, dubbed “Darcula Official,” added code that secretly sent developers’ source code and machine details to their server, and uploaded it to the VSCode marketplace all within 30 minutes. Within a week, they’d manage to infect over 300 organizations worldwide, including multi-billion-dollar companies, one of the world’s biggest EDR developers, and a national court network, landing on the VSCode marketplace’s 4.5M-view front page. The experiment led to the creation of “ExtensionTotal” to detect risky extensions, which quickly evolved into Koi’s broader security platform.
Related articles:
“In contrast to many Israeli cyber companies, we didn’t start by sitting with security managers,” Assaraf told Calcalist. “We developed a thesis on how organizations consume software, then tested it like white-hat hackers. Within a week, we breached over 300 organizations, from banks to large software firms. Their security teams asked us for a solution, and that became our starting point.”
Koi’s flagship platform, the Supply Chain Gateway, delivers full visibility and control over self-installed software, from packages and containers to extensions and AI models. The startup says it has rapidly scaled to protect more than 500,000 endpoints worldwide.
