Cybersecurity startup Koi has raised $38 million in its Series A funding round. The round was led by Battery and Team8.
Earlier, Picture Capital, NFX, and Cerca Partners had invested in Koi during its Seed round. With this new funding, Koi has now raised a total of $48 million so far.
Koi tackles the rising threat of unmanaged, self-installed software by adding a centralized layer that provides visibility, risk assessment, and policy enforcement.
“We decided to start the company last December and recruited NFX and Picture while continuing to work with our clients. We exceeded seven-figure revenues in eight months. We are now generating over $1 million in revenue, and every organization we began with is still our client,” said CEO and co-founder Amit Assaraf.
Koi was founded in 2024 by three alumni of the IDF’s 8200 intelligence unit: Amit Assaraf (CEO, who also founded real estate startup Landa), Idan Dardikman (CTO), and Itay Kruk (CPO, ex-Sygnia and Zscaler). The idea came after they discovered a serious security gap in the VSCode Marketplace.
To show how dangerous the gap was, they created a fake theme extension called “Darcula Official.” They added hidden code that secretly collected developers’ source code and computer details. In just 30 minutes, it was live on the VSCode marketplace. Within a week, the extension had spread to over 300 organizations worldwide—including multi-billion-dollar companies, one of the world’s biggest EDR developers, and even a national court system. It even appeared on the front page of the marketplace with 4.5 million views.
This experiment led them to create ExtensionTotal, a tool to detect risky extensions. Over time, ExtensionTotal grew into a full security platform—and that’s how Koi was born.
“In contrast to many Israeli cyber companies, we didn’t start by sitting with security managers,” Assaraf told the media. “We developed a thesis on how organizations consume software, then tested it like white-hat hackers. Within a week, we breached over 300 organizations, from banks to large software firms. Their security teams asked us for a solution, and that became our starting point.”
Koi’s main product, the Supply Chain Gateway, gives companies clear visibility and control over self-installed software—whether it’s packages, containers, extensions, or even AI models. The startup says it has already grown quickly and now protects over 500,000 devices worldwide.
Read more- Oman’s Afouq and Egypt’s Prime Group Launch $265M AI & Advanced Technologies Zone in Muscat
