TL;DR: Koi just raised $48M to rebuild endpoint security for today’s reality: laptops full of extensions, containers, AI models, and code packages—not just classic binaries.
Their pitch is simple: see everything on the endpoint, score its risk with an agentic AI engine, and block what doesn’t belong.
That matters for Customer Success more than you might think.
What Koi actually fixes
Ten years ago, most endpoint attacks hit the operating system. Today, attackers go after the software we add on top—browser extensions, package managers, IDE add‑ons, model files, and more. These often slip past legacy EDR/MDM because they weren’t built for this layer.
Koi’s approach:
Full inventory of binary and non‑binary software on each device.
Continuous risk scoring via an AI risk engine.
Policy controls to allow, quarantine, or remove risky items before they cause trouble.
If security teams can finally control this sprawl, customers feel it—fewer incidents, faster audits, and less procurement friction.
If incidents are top of mind in your org, revisit our breakdown of access risks in Okta’s breach and the CS implications in Okta Data Breach Alert: Secure Customer Success Now!.
Why this matters for Customer Success
Security is not “someone else’s problem.” For CS leaders, it impacts:
Time‑to‑value. Security reviews often stall onboarding. Tighter endpoint controls mean smoother installs and faster first value. If onboarding is where you lose momentum, start with Why Most Onboarding Fails Before It Even Starts.
Trust and renewals. Customers measure you on resilience as much as features. Reducing endpoint risk lowers incident volume, support drag, and executive scrutiny at renewal.
AI rollouts. Agentic tools and local models amplify risk if device hygiene is weak. Only 14% of CS teams are AI‑ready—close that gap with Why AI Matters in CS (But Only 14% Are Ready).
Cost to serve. Fewer escalations and audits = more time for adoption work. That’s margin back to your team.
The CS playbook: what to do this quarter
Week 0–2: Map the blast radius.
Ask SecOps for a report on non‑binary software across devices (extensions, IDE add‑ons, containers, models).
Tag top 50 accounts that touch PII or finance workflows.
Week 2–4: Set guardrails.
Align on an allow‑list for extensions and dev tools used by key customers.
Add a Security & Compliance lane to your Success Plan; copy the structure from our Free Customer Success Plan Template.
Week 4–8: Prove outcomes.
Run a before/after on onboarding cycle time, incident volume, and number of security exceptions needed to go live.
Turn wins into a QBR story—“Risk down, time‑to‑value up.”
Week 8–12: Scale with AI.
Work with SecOps to pilot risk‑aware workflows (e.g., auto‑flagging risky extensions before a rollout).
If you’re tracking the broader shift to agentic AI, my recent breakdowns on You.com’s $100M Series C and Baseten’s $150M Series D show how to tie AI investments to CS outcomes.
Metrics to watch (add these to your dashboard)
Endpoint risk exposure: % of devices with unapproved extensions/add‑ons.
Security exceptions per onboarding: lower is better.
Onboarding time‑to‑first‑value: days from contract to first meaningful result.
Incident‑driven escalations: volume and resolution time.
Audit readiness: time to produce attestations for top accounts.
What this signals for the market
Funding is flowing to tools that blend visibility + policy + AI for the software layer on devices. For CS, the message is clear: security is a growth lever. Teams that get ahead of device‑level risk ship faster onboarding, fewer surprises, and calmer renewals.
Need more structure? Browse my Guides and Templates to operationalize these steps with ready‑to‑use playbooks.
My Takeaway
Koi’s raise is another proof point that endpoint reality has changed.
As a CS leader, don’t wait for a breach to tighten your story. Partner with SecOps, standardize guardrails, measure the lift, and bring those wins into every QBR.
—Hakan | Founder, The Customer Success Café Weekly Newsletter