Key Takeaways
- Palo Alto Networks has completed its acquisition of Israeli cybersecurity startup Koi, finalizing a deal valued at approximately $400 million.
- Founded in 2024 by veterans of Israel’s elite Unit 8200, Koi raised $48 million, including a $38 million Series A round led by Team8, NFX, Battery Ventures, and Picture Capital.
- The acquisition marks Palo Alto Networks’ 12th Israeli cybersecurity purchase since 2014, representing half of its 24 major global deals over that period and reinforcing its strategy to expand from network security into cloud, endpoint, DevSecOps, and identity protection.
- Koi’s platform provides a control layer for incoming software, employing inventory management, real‑time risk analysis, automated enforcement, and an AI‑based engine to detect threats missed by traditional tools.
- Post‑acquisition, Koi’s technology will be integrated into Palo Alto Networks’ Prisma AIRS platform to secure AI‑driven endpoint workloads and will enhance Cortex XDR by improving visibility into risks posed by autonomous software.
- Palo Alto Networks positions the combined solution as a new category called “Agentic Endpoint Security,” designed to address threats arising from AI systems that can act independently and access sensitive data or critical infrastructure.
- The deal follows Palo Alto Networks’ record‑setting $25 billion acquisition of CyberArk in 2025, underscoring the company’s aggressive growth trajectory and focus on securing the next generation of software supply chains.
Acquisition Overview
Palo Alto Networks has closed its purchase of the Israeli cybersecurity firm Koi, finalizing a transaction that was initially estimated at around $400 million. The deal, first announced two months prior, brings Koi’s specialized technology under the umbrella of one of the world’s largest network‑security vendors. By securing Koi, Palo Alto Networks not only adds a promising startup to its portfolio but also signals its continued commitment to bolstering defenses around artificial intelligence‑driven workloads. The acquisition reflects a strategic move to stay ahead of emerging threat vectors that target the software supply chain and autonomous AI agents operating at the endpoint.
Koi’s Founding and Funding
Koi was established in 2024 by a group of veterans who previously served in Israel’s elite intelligence unit, Unit 8200. Leveraging deep expertise in offensive cyber operations, the founders identified a critical gap: while organizations routinely vet first‑party code, they often lack visibility into third‑party software extensions that can be weaponized. To address this, Koi raised a total of $48 million, with a substantial $38 million Series A round completed last September. Investors included prominent venture firms such as Team8, NFX, Battery Ventures, and Picture Capital, all of whom recognized the startup’s potential to disrupt traditional endpoint security models.
Strategic Importance for Palo Alto Networks
The acquisition of Koi aligns tightly with Palo Alto Networks’ broader growth strategy, which has increasingly emphasized diversification beyond legacy firewall products. Over the past decade, the company has pursued a series of bolt‑on acquisitions that have expanded its capabilities into cloud security, endpoint protection, DevSecOps, and identity management. By integrating Koi’s AI‑powered software‑supply‑chain safeguards, Palo Alto Networks aims to close a critical visibility gap that arises when autonomous AI tools interact with enterprise endpoints. This move not only augments its existing product suites but also reinforces its positioning as a full‑stack security provider capable of addressing next‑generation threats.
Historical Acquisition Pattern in Israel
Since 2014, Palo Alto Networks has completed twelve significant acquisitions of Israeli cybersecurity firms, accounting for half of its twenty‑four major global deals over the same period. Early purchases such as Cyvera (2014) and LightCyber (2017) laid the groundwork for advanced threat prevention and behavioral analytics. Subsequent deals in 2019—including Twistlock, PureSec, and Demisto—bolstered cloud‑native security, serverless protection, and orchestration‑focused incident response. More recent additions like Bridgecrew (2021), Cider Security (2022), Dig Security (2023), and Talon Cyber Security (2023) have continuously expanded the company’s reach into infrastructure‑as‑code security, application security, data protection, and zero‑trust network access. The Koi acquisition continues this trajectory, adding a niche focus on AI‑driven endpoint risk management.
Technology Overview of Koi
Koi’s core offering functions as a control layer that scrutinizes every piece of software attempting to enter an organization’s environment. The platform maintains an up‑to‑date inventory of all third‑party components, applies real‑time risk analysis to detect malicious or vulnerable code, and enforces automated policies to block threats before they reach endpoints. Central to its effectiveness is an AI‑based engine that evaluates software attributes (such as code provenance, behavior patterns, and anomaly signals), going beyond the signature‑based or heuristic methods employed by conventional antivirus solutions. This approach enables Koi to identify sophisticated threats, including malicious extensions planted in popular developer marketplaces, which often evade traditional defenses.
Integration with Prisma AIRS and Cortex XDR
Following the acquisition, Palo Alto Networks plans to embed Koi’s technology into its Prisma AIRS (AI‑Ready Security) platform. Prisma AIRS is designed to secure AI workloads across clouds, data centers, and the edge, providing continuous monitoring, threat detection, and automated remediation for models and associated data pipelines. By integrating Koi’s supply‑chain inspection capabilities, Prisma AIRS will gain the ability to vet AI models, plugins, and extensions before they are deployed, thereby reducing the risk of poisoned or compromised AI assets reaching production environments.
In parallel, Koi’s technology will feed into Cortex XDR, Palo Alto Networks’ extended detection and response solution. The addition of deep software‑inventory and risk‑scoring data will improve XDR’s visibility into endpoint activities, particularly those involving AI‑generated scripts or autonomous agents. Security analysts will benefit from richer context when investigating alerts, enabling faster triage and more accurate attribution of incidents that stem from compromised third‑party AI components.
Concept of Agentic Endpoint Security
Palo Alto Networks has coined the term “Agentic Endpoint Security” to describe the new defensive paradigm introduced by the Koi integration. The concept acknowledges that modern endpoints are no longer passive recipients of user‑initiated actions; they increasingly host AI‑driven agents capable of making autonomous decisions, accessing sensitive data, and interacting with critical infrastructure. Traditional security models, which rely heavily on static policy enforcement and known‑threat signatures, struggle to keep pace with the dynamic behavior of such agents. Agentic Endpoint Security seeks to monitor, assess, and govern the actions of these autonomous systems in real time, applying zero‑trust principles and continuous validation to ensure that any AI‑generated activity adheres to organizational risk tolerances.
Broader Industry Trends and Future Outlook
The acquisition underscores a broader industry shift toward securing the software supply chain and the rise of AI‑enabled automation within enterprise environments. As organizations adopt large language models, generative AI tools, and autonomous microservices, the attack surface expands beyond conventional malware to include compromised model weights, malicious plug‑ins, and poisoned training data. Palo Alto Networks’ move signals that vendors must evolve from reactive, perimeter‑centric defenses to proactive, intent‑based security layers that can inspect and govern code at the point of ingestion.
Looking ahead, the combined capabilities of Koi, Prisma AIRS, and Cortex XDR are likely to inspire further innovation in AI‑risk management, potentially spawning new standards for model provenance, continuous integrity verification, and automated policy enforcement. Competitors may accelerate their own investments in AI‑focused endpoint protection, while regulators could begin issuing guidance on the accountability of autonomous software systems. For Palo Alto Networks, the Koi acquisition not only bolsters its product suite but also reinforces its reputation as a forward‑looking leader capable of anticipating and neutralizing the next wave of cyber threats.

