Palo Alto Networks explores $400M acquisition of Koi Security amid AI-driven buying spree

Palo Alto isn't saying if it will buy security start-up Koi

Palo Alto Networks is on shopping spree. The company is reportedly considering a $400 million purchase of Israeli cybersecurity start up Koi, which raised $48 million in funding last year. Palo Alto told The Register it does not comment on rumor and speculation. However, a person close to Palo Alto said that this is one of several rumors that have sprouted up following a visit to Tel Aviv last month by CEO Nikesh Arora. "This is not the first guess coming out of the Israel media following that visit," said the person who was not authorized to make an official statement about the matter on behalf of the company. "I'm sure it won't be the last." During the two-day stay, Arora met with the company's 1,600 employees there as well as the teams at CyberArk, which Palo Alto is in negotiations to acquire. Koi offers endpoint software security and boasts that it can "Secure anything with an 'Install' button." Koi was founded by three members of the IDF's 8200 Intelligence Corps who claim it took them 30 minutes to create and publish an extension that could bypass most security environments, including those at large enterprises. Born from that was Koi, which they say "scans, governs, and monitors self-provisioned enterprise software at scale." Palo Alto has been in the mood for M&A recently with three acquisitions announced last year. It closed on its purchase of Protect AI in July. Protect AI's staff and technology are the cornerstone of Palo Alto's PrismaAIRS product, designed to mitigate threats posed by AI, the company said. In July it also announced that it would buy CyberArk for $25 billion which, if it closes, would be the biggest acquisition in the company's history. During his visit to Tel Aviv, Arora reassured CyberArk employees that Palo Alto did not envision large cuts to the workforce. He said the deal was focused on CyberArk's technology and talent. CyberArk provides identity access and monitoring and moves closer to providing a unified platform for all of a customer's cybersecurity needs. Palo Alto is giving CyberArk shareholders $45 cash and 2.2 shares of Palo Alto stock for each CyberArk share, about a 26-percent premium for CyberArk shares at the time the deal was announced in July. It expects it to close in the second half of fiscal 2026. In November, Palo Alto also announced the planned acquisition of Chronosphere, "a next-generation observability platform built to scale for the AI era," the company said.The company hopes that this acquisition will strengthen its ability to help organizations navigate modern applications and AI workload demand within a unified data and security foundation. ®

Palo Alto Networks reportedly explores $400M acquisition of Koi Security - SiliconANGLE

Palo Alto Networks reportedly explores $400M acquisition of Koi Security Palo Alto Networks Inc. is reportedly in talks to acquire Israeli cybersecurity startup Koi Security Inc. for an estimated $400 million. According to Ctech by Calcalist, Palo Alto Chief Executive Officer Nikesh Arora visited Israel last month and evaluated local startups for potential deals, where he allegedly emphasized that the rapid changes artificial intelligence is bringing to the cybersecurity sector have created a need to consolidate endpoint solutions, including extended detection and response and endpoint detection and response offerings. Founded in 2024, Koi was created by alumni of the Israeli Defense Force's elite Unit 8200, including CEO Amit Assaraf, Chief Technology Officer Idan Dardikman and Chief Product Officer Itay Kruk. The company's inception came about following a real-world white-hat experiment that exposed massive blind spots in software supply chains, notably by creating a fake malicious extension that quickly spread in developer environments. The experiment highlighted the limitations of traditional security tools and sparked the development of a new platform designed to govern and secure modern endpoint environments. Koi provides full visibility into modern software ecosystems running on enterprise endpoints. The company's platform differs from traditional security products by continuously tracking and inventorying all such software, making visible what would otherwise be invisible to IT and security teams, instead of being focused on binary executables and operating system vulnerabilities. The company's Supply Chain Gateway acts as a central checkpoint for all incoming software into an organization's environment and unifies software inventory management with real-time risk analysis and automated policy enforcement. The gateway allows enterprises to govern which software is allowed, flagged, or blocked to protect against unmanaged or unauthorized installs and to eliminate critical security gaps before they can be exploited by attackers. Koi also offers an AI-driven risk engine called Wings that uses machine learning, classification, sandboxing and threat intelligence to evaluate the risk of software components in real time, including novel or previously unseen threats. Although fairly young, Koi has seen strong growth and currently protects more than 500,000 endpoints globally, including those at Fortune 50 companies, financial institutions and technology companies. Notable Koi customers include OpenAI Group PBC, Cambia Health Solutions Inc., Jump Trading LLC and Fireblocks Ltd. Coming into its possible acquisition, Koi had raised $48 million over two rounds, including a $10 million seed round and $38 million Series A, both of which were disclosed in September. For Palo Alto Networks, if the acquisition proceeds, it would be a continuation of an acquisition spree that started with Protect AI Inc. for $500 million plus in April, CyberArk Software Ltd. for $25 billion in July and Chronosphere Inc. for $3.35 billion in November.