Enterprise endpoints today run much more than traditional executables. Developers and employees also are running AI coding agents, IDE plugins, open-source packages, browser extensions and even downloaded AI/ML models on these devices or within the browser. On top of that, developers are relying on AI agents and AI models to decide which libraries or packages they should use for a particular feature, refactor or migration. Each component can execute code and access data, yet they often slip past traditional endpoint defenses, creating dangerous security vulnerabilities.

This creates a double-edged sword: Productivity soars as teams self-provision tools, but security teams are left with a vast, unmonitored sprawl of code artifacts and app extensions. Attackers have noticed, and malicious extensions and corrupted packages are now a fast-growing vector for compromise. The attack surface has shifted from operating systems to the software layer. Gartner predicts that by the end of 2025, nearly half of organizations will experience software supply-chain attacks.

Why legacy tools are insufficient

Antivirus, EDR and app-control platforms were built for an earlier era. They excel at catching malware in binaries, but they struggle with non-executable artifacts like VS Code extensions or browser plugins. In practice, these tools lack visibility into what happens inside trusted apps, leaving a blind spot for attackers to exploit. Application allow-listing isn’t practical in this fast-moving environment, where developers, and now AI agents, install thousands of new components each month.

As AI development accelerates and software provisioning decentralizes, these blind spots only widen. Enterprises need security that moves earlier–governing software before it executes, not after.

Koi’s approach: Agentless endpoint artifacts security and governance

Koi* addresses this problem with an agentless platform for endpoint artifacts security and governance. The company’s product continuously discovers every software artifact, including executables and non-executables alike, across endpoints inside an organization. It then applies real-time risk scoring and enforces policies to block unsafe components before they cause harm.

Koi’s proprietary risk engine evaluates each artifact across multiple dimensions: publisher reputation, code behavior, version history, sandbox results and communication patterns. Its continually updated database, the Koidex, tracks extensions, packages,and models across dozens of marketplaces, surfacing threats that traditional tools miss.

The founding team first uncovered this gap by uploading a proof-of-concept VS Code extension, “Darcula Official,” which exfiltrated code and system details. Within a week, it spread into hundreds of organizations, including some of the most sophisticated security shops, undetected. This experiment validated the risk and inspired the creation of Koi’s broader platform.

Policies in Koi can be defined to automatically block high-risk installs, auto-approving safe tools or quarantining gray areas for review.

The super powers of the Koi platform

Koi stands out through:

• Coverage of non-executables: From browser extensions to AI models, Koi, in our view, protects what legacy EDRs cannot, solving a security gap across enterprise developers, employees, and AI Agents alike.
• Continuous, AI-driven analysis: Its risk engine adapts in real time as software versions change.
• Policy-based governance: Granular allow/block/remediate rules give security teams control without slowing developers.
• Low-friction deployment: No heavy agents; enterprises can roll out protection in hours.

In effect, Koi provides real-time supply chain security at the endpoint, bridging the gap between UEM, App Control, and EDR.

From JFrog* to Koi: A New Layer of Artifact Governance

At Battery, we’ve seen this play out before. More than a decade ago, we invested in JFrog, which pioneered the centralized artifact registry for DevOps teams. JFrog codified how organizations store, manage and distribute software components, solving chaos in the CI/CD pipeline.

We see Koi as the next logical step in this process: artifact governance at the endpoint. If JFrog was about managing artifacts centrally, Koi is about enforcing governance on the artifacts that ultimately land on employee machines extensions, packages and AI models. This bridges a gap legacy endpoint tools ignore, ensuring every artifact is monitored, risk-scored, and governed in real time, directly where it executes.

By positioning itself between UEM, EDR, and app control, Koi is not replacing these categories but complementing them, acting as a real-time, supply-chain firewall for the endpoint.

The team behind Koi

Founders Amit Assaraf (CEO), Idan Dardikman (CTO) and Itay Kruk (CPO) each bring a rare combination of deep cybersecurity, devtools and research pedigree. Prior to starting Koi, the three collectively spent decades in offensive security research and building developer-focused software. In fact, Koi’s genesis came directly from the team’s research experience: It took the team only 30 minutes to craft a malicious browser extension that bypassed top-tier enterprise defenses and compromised several billion-dollar companies. This eye-opening demonstration of marketplace risk–and  the realization that organizations had “shockingly little control” over such self-installed software–is is what sparked the idea for Koi. The founders then leveraged their expertise to architect a solution that could operate at the scale of modern enterprise IT. Their backgrounds include work in elite military cybersecurity units and leading security roles in industry, as well as firsthand understanding of developer workflows. This cross-domain experience has been crucial in designing a product that resonates equally with CISOs and developers. We’ve also been impressed with how Koi’s leadership has recruited talent around them: The company’s research arm regularly publishes findings on novel threats (demonstrating thought leadership in the space), and its engineering team comes with strong enterprise SaaS credentials. All of this gives us confidence that Koi not only has a great idea, but the team to execute on it.

Why we’re excited to partner with Koi

At Battery, we’ve long believed DevSecOps and modern software delivery are reshaping enterprise security. Each transition in the development lifecycle, from cloud to containers to CI/CD, has required new guardrails. The rise of AI-driven development is no different.

Koi embodies this next frontier. By governing the software ecosystem on endpoints, Koi enables organizations to embrace developer autonomy and AI-powered workflows without sacrificing security. We believe Koi is positioned to define a new category of endpoint protection, and we’re thrilled to partner with the team as they scale.

Want to make your regain control over every extension, MCP server or artifact in your workstation? Give it a try: https://www.koi.security/

The post Redefining Endpoint Security in the AI Era: Why We Invested in Koi appeared first on Battery Ventures.

The most notable example is Windsurf. The promising AI company was set to be acquired by OpenAI, but then Google swooped in and paid $2.4 billion for a few senior executives and a technology license. But this wasn’t the first instance of this new tech-deal structure. We have now seen it executed at least five other times in the last two years, and the whisper in the industry is that other companies have been approached about similar tie-ups.  

The details of these deal dynamics, and their impact on company employees and investors, have been hotly debated in the press and on social media. But it’s worth exploring why this new wave of AI M&A is happening—and how conditions need to evolve for tech M&A to get back to normal. Put another way: When will big tech acquirers start buying AI companies not just for their teams, but for their durable business moats? 

To be sure, traditional M&A is still happening: Google is in the process of closing its $32 billion acquisition of Wiz, for example. But it’s instructive to compare that deal to the Windsurf transaction. The latter company was a legitimate contender in the AI coding space, a category proving to have one of the strongest signs of product-market fit. The company was growing quickly, hiring aggressively, and had real enterprise customers.  

So why didn’t Google want to acquire the whole thing? In our view, it likely comes down to two factors: 1) The incredibly rapid pace of innovation in AI, which is faster than any previous technology wave we’ve seen, and 2) the scarcity of top-level talent to run cutting-edge AI businesses today. When those dynamics change, and more-mature companies with deeper competitive moats (and more skilled executives) develop, we will likely see a return to pre-AI M&A trends. 

From eyeballs to AI research teams 

Our overall belief is that the current wave of Windsurf-like, talent-license deals are a clear indicator of how early we are in the AI cycle. During the dot-com bubble of the late 1990s and the early mobile era of the 2010s, M&A was often valued based on “eyeballs” and talent that could drive distribution. Today, these deals are valued based largely on the caliber of a company’s elite research team, not enterprise value. The frontier of AI is still being pushed by labs and research teams with immense talent density. Maturation will come from two primary sources: 

• Deeper vertical integration: As startups move from being thin wrappers around foundational models to becoming “fat applications,” they will build more defensible value. This involves owning more of the stack, from data ingestion and processing to model fine-tuning and deployment. For example, companies like Cursor have built their own models for certain features, like Tab, that far exceed the outputs from the AI labs. Meanwhile, Sierra continues to push how much infrastructure it can own by building its own agent-orchestration framework to optimize inference across its system. As companies own more proprietary aspects of their respective stacks, value will accrue to their unique IP. 

• Uncovering the new interaction layer: Many AI-native applications today are built within the UI layers of existing systems and applications. Where people do work, where they orchestrate agents or interact with AI systems will matter in the future, and unlocking this new layer of engagement will matter as well. As we shift from innovating at the infrastructure layer to the application and UI layer, we will see the change in which value accrues among companies as well. 

The coming democratization of AI talent 

The current deal structures are a direct reaction of an incredibly competitive AI labor market for a small pool of elite AI researchers and AI-native builders. These individuals are seen as non-reproducible assets, making their acquisition the primary goal in M&A. When technological breakthroughs depend—as they do in AI today—on novel techniques in data labeling, training, compute optimization, and model architecture, the value in these techniques resides in the talent that can produce these outcomes, not necessarily the outcomes themselves. 

As AI development becomes more democratized through innovation, the open-source ecosystem, and standardized platforms, the acute scarcity of top-tier talent will lessen. When a team is no longer a rare commodity that can only be acquired whole, the rationale for talent-centric deals will fade. Value will shift back to the company as a holistic entity: a collection of talent, technology, and market traction. While the talent game will likely dictate the market for the next 12-24 months, the democratizing force of AI will ensure that speed of progress and slope of learning will always outpace the sheer volume of talent at any single organization. 

Build a moat 

Product moats today are fleeting, as the pace of AI innovation far outpaces any single company’s ability to create lasting defensibility. For strategic M&A to flourish, acquirers need to see durable competitive advantages worth buying. It is not that tech giants are unwilling to make large, strategic acquisitions. In addition to Google’s planned acquisition of Wiz–a prime example of an acquisition made for the traditional reasons of superior tech, talent, and traction—Databricks* has been an active acquirer recently, buying MosaicML for $1.3B, Tabular for $1B, and Neon for $1B. Databricks has integrated these key assets to build a comprehensive data intelligence and AI platform. 

These deals were justified by the targets’ strategic value, not just their talent. We believe AI-company moats will evolve in one or more of the following areas in the coming years, helping these startups become more viable acquisition candidates: 

• Proprietary data: Companies with unique, high-quality data that creates a feedback loop will help improve AI models in a way competitors cannot replicate. 

• Distribution & network effects: A large, engaged user base makes the product more valuable as more people use it. 

• Workflow integration: Deeply embedding an AI tool into a critical business process makes it difficult and costly for customers to switch or meaningfully changing the outcome of a business process. This makes the product “sticky” and boosts revenue. 

The path forward 

The structures influencing the market today will inevitably change. While talent-licensing deals offer speed, they lack certainty for the ecosystem. The rise of private-to-private M&A, led by companies like Stripe (which acquired stablecoin platform Bridge for $1.1B) and Databricks, is a positive signal, indicating a healthy market where growing companies acquire others for strategic capabilities. 

Furthermore, the governance structures between founders and investors will likely evolve, with greater scrutiny placed on key-person clauses and terms that could trigger a premature liquidity event (i.e., does a non-exclusive license trigger protective provisions for investors?). These hybrid structures are inherently flawed, in our view, as they can erode trust. But with the stakes involved, they represent a workaround that will likely make its way into the ecosystem. The real sign of a maturing market will be when acquiring a company is once again about buying a kingdom, and not just hiring its court. 

The post Kingdoms and Courts: The “Windsurf Effect” and How We Get Back to Normal in Tech M&A  appeared first on Battery Ventures.

As anyone following today’s tech headlines knows, a lot has changed for the chip giant, unfortunately. Intel is widely acknowledged to have missed the mobile-computing revolution and, more recently, ceded the silicon limelight to Nvidia, the GPU pioneer whose chips are now fueling the current AI boom (and whose market value is nearly 30 times Intel’s.) Intel’s star has fallen so much that there’s been serious discussion that the company could get acquired by another large tech company or even be taken private by investors. Recently, the Wall Street Journal reported the company could be split, with its operations taken over by rivals TSMC and Broadcom.

How did this happen? Here, I’ll explore some of the lessons Intel’s shifting fortunes could hold for AI leaders trying to navigate the current technology landscape, where silicon continues to drive so much innovation and technology cycles are moving faster than ever.

The main problem: complacency

Intel’s woes have a host of causes, but to me the chief one is complacency. The company’s original, founder-driven mentality – which had propelled it to dominate the CPU market with over 90% share in PCs and servers – began to shift a couple of decades ago. Under former CEO Paul Otellini’s sales-driven leadership, Intel expanded its business significantly but missed critical emerging markets, including gaming (Nvidia’s former sweet spot), mobile computing and then cloud services. While Intel focused on protecting its existing markets, Nvidia spotted the graphics-processing unit (GPU) opportunity—first in gaming, then crypto, and now AI.

Similarly, Amazon Web Services turned “small” cloud services into a $27B+ quarterly revenue stream. Even Microsoft, Intel’s longtime “Wintel” partner, innovated out of its old PC-centric business model to become a major player in cloud and quantum computing and now AI. Intel, instead, focused on protecting its existing business.

So how can today’s startup founders stay nimble and avoid getting caught up in the complacency trap?

1. Stay in “founder mode.”

Y Combinator Founder Paul Graham made news last year with his essay extolling the virtues of what he called “founder mode.” According to Graham, successful tech-company founders should stay engaged in all aspects of their business—what might be called micro-managing—instead of handing over the reins to professional managers (who operate in “manager mode”, hiring good people and delegating work to them.)

Intel, like many large companies, morphed from a founder-led business—it was started by Gordon Moore and Robert Noyce in 1968, with Grove as its third employee—to one run by executives more focused on management and sales. Paul Otellini ran the company from 2005 to 2013 as the first non-engineer to serve as CEO. While he managed a lucrative partnership with Apple, he also misread the size of the mobile-computing market and the fact that less-powerful, “good enough” chips could power the next generation of computing.

Similarly, today’s startups can’t afford to dismiss adjacent markets or emerging use cases, particularly with the length of technology cycles shortening. Our portfolio company Databricks* is a great example. The company’s evolution from a business that developed the Apache Spark open-source processing system, focused on big data workloads, into one that made 1) software-defined data warehouses, and now 2) comprehensive AI/ML platforms, demonstrates the importance of constant reinvention while maintaining core strengths.

Interestingly, Databricks had seven original founders, all academics at the University of California at Berkeley. One of them, Ali Ghodsi, still runs the company today.

Other notable companies have engineered similar transformations. As mentioned, Microsoft successfully transitioned from the PC to the cloud era and then to AI; the company’s biggest source of revenue is currently its “intelligent cloud” business segment. Apple went from being known for candy-colored computers to changing the world with the iPhone, while Netflix morphed from a DVD movie-rental service into a major producer of award-winning movies and TV shows.

2. Stay close to the customer

I think the Intel story also demonstrates that product innovation requires customer proximity. Intel grew distant from end users over time, focusing on selling its products to system-integrator go-betweens instead of more directly to customers. Its foundries essentially sold chips to Intel’s internal PC division, cutting the company off from real market feedback about its products.

Nvidia took the opposite approach: The company doesn’t just build chips, but creates complete solutions based on customer needs. I see Nvidia and its charismatic CEO, Huang, constantly engaging with customers at events. He’s constantly collecting data about how machine-learning workflows evolve and building both hardware and software to meet those needs—even though he’s already running a business that had $60.9 billion in revenue in its fiscal year ending in January 2024.

Nvidia owns around 90% of the GPU market, but Huan clearly wants to understand trends in AI applications and use cases while thinking ahead about what architectural decisions will create the next opportunities for his company.

3. Stay product-driven

Maintaining a product-driven culture inside a company is always crucial for innovation, and no company exemplifies that better than Intel. For years, the company was an undisputed industry leader and employed some of the smartest engineers in the industry. Under Grove, it operated under a mantra of “productive paranoia”: constantly anticipating potential market threats and using that fear to help drive innovation quickly and seize new opportunities before they’re apparent to everyone else.

Grove dramatically shifted Intel’s direction from dynamic random-access memory (DRAM) chips to microprocessors in the mid-1980s, for example, which represented a huge and risky shift for the company. But Grove’s intuition, like Huang’s with his graphics chips, was correct. Years later, in my view, under subsequent CEOs, Intel’s leadership became increasingly focused on sales and market protection rather than innovation.

Today’s AI upstarts can learn from these decades-old product shifts. I firmly believe that most of the value from AI will come at the application and middleware layer, and that raising hundreds of millions (or billions) of dollars to compete at the AI foundation layer with much larger tech companies (Microsoft, Facebook) is a losing game. Getting as close as possible to your end customer, and seeing how they’re deriving value from your specific application, is the way to go.

The next few years will determine which AI companies can learn from Intel’s experience and which will repeat its mistakes. For founders building in this space, the message is clear: Your current success is just the beginning. Stay hungry, stay close to your customers, and never stop innovating. The market won’t wait for those who don’t.

The post Only the Paranoid Survive: Lessons from Intel and Andy Grove for Today’s AI Startups appeared first on Battery Ventures.

That’s catching the attention of huge tech players like GitHub, AWS, Google and OpenAI, as well as startups who see a huge opportunity here. We see promise in this emerging space, which is why we’re excited to announce our investment in Baz*, the company that helps engineers and AI agents to build better code. Here’s some context on our outlook, and more thoughts about the market opportunity.

The tech stack is being re-written

• With AI tools becoming mainstream for more and more business and consumer applications, more developers are being tasked with adapting and, often, rewriting their tech stack.
• We’re seeing an unprecedented increase in code generation. This surge creates a proportional need for both upstream and downstream support. The more code AI produces, the more there is to host, review, verify, and refine.
• The TAM for tools that can handle this volume, we believe, is expanding at a breakneck pace.

A cycle of errors amplifies tech debts

• With better evaluation and reflection criteria, the inefficiencies of AI in real-world scenarios are becoming more apparent.
• Each cycle of fixing AI-generated code opens up new avenues for software that can predict and prevent these errors, making the market for advanced debugging and quality assurance tools increasingly exciting.
• The more developers rely on AI, the more they’ll need tools to manage the resultant complexity, pushing the TAM for these solutions skyward.

Educating the masses

• The knowledge gap between what AI can do and what developers need to know to use it effectively is widening. This educational need, as subtly pointed out in discussions around AI coding, isn’t just about training; it’s about tools that democratize AI coding benefits for all skill levels.
• Educational platforms combined with AI-assisted code review tools represent a burgeoning market segment, exponentially increasing the TAM as more individuals and companies seek to upskill their workforce in this new paradigm.

Implementing human oversight

• The shift towards more agentic AI in production is a clear indicator of market growth. On the other end, tools that ensure that agentic capabilities run with necessary human oversight are becoming essential.
• For example, this convergence of AI and human expertise in the review process creates a new space, one that’s growing as AI becomes more integrated into software development workflows.

Each inefficiency uncovered by AI generates opportunities for more tools. As AI coding becomes integral to production systems, new areas are emerging as critical components in every developer’s toolkit. The software giants are racing to lead the charge, proving that the future lies in the tools that make AI coding smarter, faster, and more reliable. This is a clear signal to the market: A migration is happening, and developer adaptation is coming.

Enter Baz

Baz’s two founders, Guy Eisenkot and Nimrod Kor, are both veterans of Bridgecrew*, a previous Battery investment where I was also a co-founder. There, along with co-founder Idan Tendler and Guy Eisenkot, we created a popular open-source tool for IaC Checkov. Now, Guy and Nimrod have decided to embark on a new journey to cater to the people we were always obsessed with making happy and more productive: developers.

Baz is handling the source control management gaps: Developers encounter constant friction with concepts like rebasing, merging, and conflict resolution—tasks that should be straightforward, but instead often lead to hours of lost productivity. These frustrations stem from a fundamental limitation: Today’s version-control systems treat code as static text rather than as dynamic, interconnected systems.

Baz is starting with code review, a critical bottleneck for teams, to lay the foundation for something far greater. By combining code and application behaviors, Baz evaluates how code changes impact running services, endpoints and APIs. This first step not only addresses the immediate inefficiencies in reviewing and merging code but also paves the way for a transformative vision: a coding system that truly understands code AST (abstract syntax trees, which are special data structures used in coding).

The promise, I feel, is enormous. By evolving version control to incorporate code comprehension, Baz can eliminate the guesswork and friction that slow developers today. Imagine a system that doesn’t just flag conflicts but explains their root cause, predicts downstream issues, and offers inline code edits.

The beginning: Enhancing the code-review interface

AI code generation positively impacts delivery pace but might also create fatigue in the review process due to trust issues with generated code. Baz is improving review velocity, release speed, and production uptime by reordering the review process using the order code function relationship, instead of doing it alphabetically. With Baz, code changes are correlated back to runtime metrics, and every change is automatically reviewed by its AI to analyze potential breaking changes, enforce coding standards, and improve code testing coverage.

Want to improve your review experience? Give it a try: https://baz.co/

The post The Code Generation Explosion and What It Means for Code Reviews: Our investment in Baz appeared first on Battery Ventures.