Palo Alto Networks is acquiring Israeli cybersecurity startup Koi for an estimated $400 million. The cybersecurity giant is continuing its acquisition spree from 2025, after completing its $25 billion purchase of CyberArk and acquisitions of Chronosphere for $3.35 billion and Protect AI for $500 million.
The deal marks a rapid and lucrative exit for Koi’s investors and founders. The startup has raised just $48 million to date, primarily in a $38 million Series A round last September. Founded in 2024 by alumni of the IDF’s elite 8200 Intelligence Corps technology unit, Koi operates in the enterprise endpoint protection space. Its investors include Team8, NFX, Battery Ventures, and Picture Capital.
Palo Alto CEO Nikesh Arora visited Israel in December, meeting with CyberArk employees ahead of that acquisition’s closing while also evaluating local startups for potential deals. Arora emphasized that the rapid changes AI technologies are bringing to the cybersecurity sector have created a need to consolidate endpoint solutions, including XDR and EDR offerings. The acquisition of Koi aligns with this strategic focus.
Koi was founded in 2024 by Amit Assaraf (CEO, founder of real estate startup Landa), Idan Dardikman (CTO), and Itay Kruk (CPO), ex-Sygnia, Zscaler, after uncovering a major security gap in the VSCode Marketplace. To prove the risk, they built a fake theme extension, dubbed “Darcula Official,” added code that secretly sent developers’ source code and machine details to their server, and uploaded it to the VSCode marketplace all within 30 minutes. Within a week, they’d manage to infect over 300 organizations worldwide, including multi-billion-dollar companies, one of the world’s biggest EDR developers, and a national court network, landing on the VSCode marketplace’s 4.5M-view front page. The experiment led to the creation of “ExtensionTotal” to detect risky extensions, which quickly evolved into Koi’s broader security platform.
Koi has since built a platform designed to fill a crucial gap in enterprise security. Its main product, Supply Chain Gateway, serves as a central checkpoint for all incoming software. It provides software inventory management, real-time risk analysis, automatic policy enforcement, and proactive blocking of dangerous code. At the heart of the system is Wings, an AI engine that classifies software components, tests them in isolated environments, and identifies threats that traditional scanners often miss. This allows security teams to control software installation proactively, rather than reacting after breaches occur.
Koi currently protects over 500,000 endpoints globally. Its platform is deployed across Fortune 50 companies, major financial institutions, and leading technology corporations, demonstrating significant market demand and the platform’s operational maturity.
After the close of the acquisition, Koi’s Agentic Endpoint Security will extend to Palo Alto Networks’ Prisma AIRS, its leading AI security platform. This integration will broaden coverage across critical AI-driven operations. Concurrently, it will enhance Cortex XDR’s endpoint security solution providing significant visibility into the AI attack surface to improve security policy and malware prevention.
“AI agents and tools are the ultimate insiders. They have full access to your systems and data, but operate entirely outside the view of traditional security controls,” said Lee Klarich, Chief Product & Technology Officer, at Palo Alto Networks. “By acquiring Koi, we will be closing this gap and setting a new standard for endpoint security. We will give our customers the visibility and control required to safely harness the power of AI—ensuring that every agent, plugin, and script is governed, verified, and secure.”
Amit Assaraf, CEO and Co-Founder of Koi, said: “We founded Koi to secure the next frontier of risk. In an agentic-first world, traditional solutions are blind. Joining forces with Palo Alto Networks will allow us to scale our technology to the world’s largest organizations, delivering protection that makes work on the modern AI-native endpoint secure by design.”
