Koi Security Lands $48M for Software Supply Chain Defense - September 11, 2025

Koi Security just raised $48 million from Battery Ventures and others to tackle a problem that makes security teams want to drink heavily: developers installing random shit on corporate networks.

The DC-based startup, founded by Unit 8200 veterans, targets the security nightmare of unmanaged software that traditional EDR tools completely miss. They've scaled to 500K+ endpoints and landed Fortune 50 clients, which suggests the problem is real and widespread.

EDR tools weren't designed for this modern shitshow where developers install random packages like they're collecting Pokemon cards.

The VSCode Marketplace Discovery That Launched Koi

Koi's origin story demonstrates the severity of modern software supply chain risks. The founding team discovered a significant security vulnerability in how enterprises manage software through the VSCode Marketplace, Microsoft's central hub for Visual Studio Code extensions.

To prove the risk, they created a fake extension called "Darcula Official" - designed to mimic a popular dark theme but secretly steal source code and machine details. Within a week, this proof-of-concept extension had infected over 300 organizations worldwide, including multibillion-dollar companies and a national court network.

"Enterprises have no real control over the software flowing into their environments," explained Amit Assaraf, co-founder and CEO of Koi. "Packages, AI models, MCPs, and extensions are now critical parts of the stack, yet they remain invisible to traditional tools."

Beyond Traditional Binary Security

Traditional endpoint security focuses on compiled binary software, but modern enterprises increasingly rely on noncompiled software including code, operating system packages, containers, extensions, AI models, and model context protocol (MCP) services. These components operate at higher layers but retain the ability to access sensitive information like passwords, authorization keys, and proprietary code.

Koi's Supply Chain Gateway serves as a central checkpoint for all software accessing enterprise endpoints. The platform provides unified software inventory, real-time risk analysis, automated policy enforcement, and preventative fixes to block noncompliant components before they reach endpoints.

AI-Powered Threat Detection Engine

The company developed Wings, an AI-driven security engine that uses threat intelligence, classification, and sandboxing to identify threats that traditional scanners overlook. This approach enables Koi to detect sophisticated supply chain attacks that exploit the trust relationships inherent in modern software distribution.

From their initial VSCode research, Koi developed ExtensionTotal, a product specifically focused on detecting risky code editor extensions. This formed the foundation for their broader endpoint security platform, which now covers the entire enterprise software ecosystem.

The Inevitable Enterprise Wake-Up Call

The rapid enterprise adoption suggests security teams finally realize they have no fucking clue what's running on their networks. Traditional EDR solutions were built for an era when IT controlled all software installations. Now developers download whatever they need from npm, pip, VSCode marketplace, and random GitHub repos.

"We've built a product that enables organizations to curate what software is allowed in," says Assaraf. That's the diplomatic way of saying "we help you stop developers from accidentally installing malware."

Of course, knowing you need supply chain security and actually implementing it are two different things. Most enterprises will wait until they get pwned by a malicious npm package, then panic-buy whatever security vendor can fix it fastest.

The real question is whether enterprises will pay for proactive security or wait for the inevitable breach like they always do.

So Koi Security raised $48 million to solve what security teams have been screaming about for years: developers treat the internet like their personal software buffet, and nobody knows what the hell is running on company machines.

Every Package Manager Is a Security Nightmare

Remember when enterprise software came on CDs and took months to approve? Now developers just `npm install whatever-seems-useful` and call it a day. Here's what's streaming into corporate networks:

• npm packages with maintainers nobody's ever heard of
• VSCode extensions that "just need to read your files"
• Docker images from random people on the internet
• AI models trained on who knows what data
• GitHub repos cloned straight into production

Every single one can access your secrets, steal your code, or phone home with whatever they want. Traditional security tools have no fucking clue any of this is happening.

Why Your EDR Is Useless Here

EDR tools were built for the Windows XP era when all software was signed executables from known vendors. They're completely blind to:

• Package installations happening in developer environments
• Extension permissions that basically give root access to everything
• Model downloads that could contain backdoors
• Container layers hiding malicious code
• Developer workflow tools that bypass all corporate controls

Koi basically built what EDR should have been if anyone had seen this shitshow coming.

The VSCode Hack That Proved Everything

Remember that fake "Darcula Official" extension Koi's team created? It infected 300 organizations in one week. Not because enterprises are stupid, but because the entire marketplace trust model is broken.

Developers see a dark theme extension with a familiar name and install it without thinking. Why wouldn't they? Microsoft's marketplace makes everything look official and safe. Except it's not.

That one experiment proved that:

• Name squatting works - fake official extensions fool everyone
• Marketplace vetting is garbage - malicious code gets through easily
• Developers trust blindly - if it's in the store, it must be safe
• Security tools are useless - traditional scanners detect nothing

Why This Is Actually Getting Funded

Koi's timing is perfect because:

SolarWinds scared the shit out of everyone: When Russian hackers owned half of corporate America through a software update, boards finally started caring about supply chain security.

Log4j broke the internet: One vulnerable Java library in everything suddenly made supply chain risks real and immediate.

Compliance requirements: Finance and healthcare regulators are starting to ask uncomfortable questions about software provenance.

AI models everywhere: Companies are downloading AI models from random internet sources and running them in production. What could go wrong?

The Wings AI Thing Actually Sounds Useful

Koi's Wings engine does threat detection on packages before they hit your network. It analyzes code, checks publisher reputation, and sandboxes suspicious stuff to see what it actually does.

That's genuinely useful because:

• Manual review is impossible - developers install hundreds of dependencies
• Static analysis isn't enough - malicious code can be obfuscated or delayed
• Reputation matters - packages from sketchy publishers should get extra scrutiny
• Behavioral analysis works - running code in a sandbox reveals actual intent

The Enterprise Reality Check

With $48 million, Koi can expand beyond just catching malicious packages. They're probably looking at:

• Container security - because Docker images are also a shitshow
• CI/CD integration - catch problems before they hit production
• AI model governance - because enterprises are downloading language models like Pokemon cards

But here's the real question: will enterprises actually use this proactively, or wait until they get pwned and then panic-buy whatever fixes the immediate problem?

Based on how enterprise security usually works, my money's on panic-buying after the breach.