Palo Alto Networks announced on Tuesday that it has entered into a definitive agreement to acquire endpoint security company Koi.
Financial details have not been disclosed by the security firms, but Israeli publications Calcalist and Globes both reported that the deal is valued at $400 million.
Koi, which raised $48 million in funding, offers an endpoint security platform that focuses on protecting various types of software, including applications, code, operating system packages, extensions, AI models, AI agents, and containers.
The platform includes tools for automatic discovery and inventory of software across IT setups. It employs an AI-driven risk engine to analyze factors like code changes, runtime actions, update paths, and network outflows for real-time threat detection.
Remediation features enable actions such as quarantining risky elements, reverting versions, and notifying owners. A supply chain gateway component curates incoming software from platforms like GitHub and Hugging Face.
Palo Alto Networks said it’s buying Koi for its agentic endpoint security technology, aiming to enhance Palo Alto’s Prisma AIRS AI security platform and Cortex XDR endpoint security solution to provide “significant visibility into the AI attack surface to improve security policy and malware prevention”.
“AI agents and tools are the ultimate insiders. They have full access to your systems and data, but operate entirely outside the view of traditional security controls,” said Lee Klarich, chief product and technology officer at Palo Alto Networks. “By acquiring Koi, we will be closing this gap and setting a new standard for endpoint security. We will give our customers the visibility and control required to safely harness the power of AI—ensuring that every agent, plugin, and script is governed, verified, and secure.”
Koi has been in the news in recent months for its analysis of attacks and vulnerabilities impacting software developers.
Palo Alto Networks announced three major acquisitions last year: observability platform Chronosphere for $3.35 billion, identity security giant CyberArk for $25 billion, and AI security firm Protect AI reportedly for over $500 million.
SecurityWeek’s M&A tracker cataloged more than 420 deals in 2025. A detailed report will be published in the coming days.
Related: EU Unconditionally Approves Google’s $32B Acquisition of Wiz
Related: Cybersecurity M&A Roundup: 34 Deals Announced in January 2026
Related: Check Point Announces Trio of Acquisitions Amid Solid 2025 Earnings Beat
