The new endpoint reality
Enterprise endpoints today run much more than traditional executables. Developers and employees also are running AI coding agents, IDE plugins, open-source packages, browser extensions and even downloaded AI/ML models on these devices or within the browser. On top of that, developers are relying on AI agents and AI models to decide which libraries or packages they should use for a particular feature, refactor or migration. Each component can execute code and access data, yet they often slip past traditional endpoint defenses, creating dangerous security vulnerabilities.
This creates a double-edged sword: Productivity soars as teams self-provision tools, but security teams are left with a vast, unmonitored sprawl of code artifacts and app extensions. Attackers have noticed, and malicious extensions and corrupted packages are now a fast-growing vector for compromise. The attack surface has shifted from operating systems to the software layer. Gartner predicts that by the end of 2025, nearly half of organizations will experience software supply-chain attacks.
Why legacy tools are insufficient
Antivirus, EDR and app-control platforms were built for an earlier era. They excel at catching malware in binaries, but they struggle with non-executable artifacts like VS Code extensions or browser plugins. In practice, these tools lack visibility into what happens inside trusted apps, leaving a blind spot for attackers to exploit. Application allow-listing isn’t practical in this fast-moving environment, where developers, and now AI agents, install thousands of new components each month.
As AI development accelerates and software provisioning decentralizes, these blind spots only widen. Enterprises need security that moves earlier–governing software before it executes, not after.
Koi’s approach: Agentless endpoint artifacts security and governance
Koi* addresses this problem with an agentless platform for endpoint artifacts security and governance. The company’s product continuously discovers every software artifact, including executables and non-executables alike, across endpoints inside an organization. It then applies real-time risk scoring and enforces policies to block unsafe components before they cause harm.

Koi’s proprietary risk engine evaluates each artifact across multiple dimensions: publisher reputation, code behavior, version history, sandbox results and communication patterns. Its continually updated database, the Koidex, tracks extensions, packages, and models across dozens of marketplaces, surfacing threats that traditional tools miss.
The founding team first uncovered this gap by uploading a proof-of-concept VS Code extension, “Darcula Official,” which exfiltrated code and system details. Within a week, it spread into hundreds of organizations, including some of the most sophisticated security shops, undetected. This experiment validated the risk and inspired the creation of Koi’s broader platform.
Policies in Koi can be defined to automatically block high-risk installs, auto-approve safe tools or quarantine gray areas for review.
The super powers of the Koi platform
Koi stands out through:
- Coverage of non-executables: From browser extensions to AI models, Koi, in our view, protects what legacy EDRs cannot, solving a security gap across enterprise developers, employees, and AI Agents alike.
- Continuous, AI-driven analysis: Its risk engine adapts in real time as software versions change.
- Policy-based governance: Granular allow/block/remediate rules give security teams control without slowing developers.
- Low-friction deployment: No heavy agents; enterprises can roll out protection in hours.
In effect, Koi provides real-time supply chain security at the endpoint, bridging the gap between UEM, App Control, and EDR.
From JFrog* to Koi: A New Layer of Artifact Governance
At Battery, we’ve seen this play out before. More than a decade ago, we invested in JFrog, which pioneered the centralized artifact registry for DevOps teams. JFrog codified how organizations store, manage and distribute software components, solving chaos in the CI/CD pipeline.
We see Koi as the next logical step in this process: artifact governance at the endpoint. If JFrog was about managing artifacts centrally, Koi is about enforcing governance on the artifacts that ultimately land on employee machines: extensions, packages and AI models. This bridges a gap legacy endpoint tools ignore, ensuring every artifact is monitored, risk-scored, and governed in real time, directly where it executes.
By positioning itself between UEM, EDR, and app control, Koi is not replacing these categories but complementing them, acting as a real-time, supply-chain firewall for the endpoint.
The team behind Koi
Founders Amit Assaraf (CEO), Idan Dardikman (CTO) and Itay Kruk (CPO) each bring a rare combination of deep cybersecurity, devtools and research pedigree. Prior to starting Koi, the three collectively spent decades in offensive security research and building developer-focused software. In fact, Koi’s genesis came directly from the team’s research experience: It took the team only 30 minutes to craft a malicious browser extension that bypassed top-tier enterprise defenses and compromised several billion-dollar companies. This eye-opening demonstration of marketplace risk–and the realization that organizations had “shockingly little control” over such self-installed software–is what sparked the idea for Koi. The founders then leveraged their expertise to architect a solution that could operate at the scale of modern enterprise IT. Their backgrounds include work in elite military cybersecurity units and leading security roles in industry, as well as firsthand understanding of developer workflows. This cross-domain experience has been crucial in designing a product that resonates equally with CISOs and developers. We’ve also been impressed with how Koi’s leadership has recruited talent around them: The company’s research arm regularly publishes findings on novel threats (demonstrating thought leadership in the space), and its engineering team comes with strong enterprise SaaS credentials. All of this gives us confidence that Koi not only has a great idea, but the team to execute on it.
Why we’re excited to partner with Koi
At Battery, we’ve long believed DevSecOps and modern software delivery are reshaping enterprise security. Each transition in the development lifecycle, from cloud to containers to CI/CD, has required new guardrails. The rise of AI-driven development is no different.
Koi embodies this next frontier. By governing the software ecosystem on endpoints, Koi enables organizations to embrace developer autonomy and AI-powered workflows without sacrificing security. We believe Koi is positioned to define a new category of endpoint protection, and we’re thrilled to partner with the team as they scale.
Want to regain control over every extension, MCP server or artifact in your workstation? Give it a try: https://www.koi.security/
The information contained in this market commentary is based solely on the opinions of Barak Schoster Goihman, Danel Dayan and Lior Mallul, and nothing should be construed as investment advice. This material is provided for informational purposes, and it is not, and may not be relied on in any manner as legal, tax or investment advice or as an offer to sell or a solicitation of an offer to buy an interest in any fund or investment vehicle managed by Battery Ventures or any other Battery entity. The views expressed here are solely those of the authors.
The information above may contain projections or other forward-looking statements regarding future events or expectations. Predictions, opinions and other information discussed in this publication are subject to change continually and without notice of any kind and may no longer be true after the date indicated. Battery Ventures assumes no duty to and does not undertake to update forward-looking statements.
* Denotes a Battery portfolio investment.