Paris-founded Escape, an offensive safety engineering platform, has raised €15.4 million ($18 million) in Collection A funding to automate your complete safety lifecycle with AI brokers.
The spherical was led by Balderton with participation from Uncorrelated Ventures and present buyers IRIS and Y Combinator.
“Safety groups are outnumbered and drowning in siloed, handbook processes. In a world the place code is written and attacked on the velocity of AI, this can not proceed. We’re constructing Escape because the offensive safety engineering platform to unravel that downside at scale,” mentioned Tristan Kalos, CEO and co-founder of Escape.
Based in 2020 by Tristan Kalos and Antoine Carossio, specialises in offensive safety engineering, a brand new method that replaces legacy scanners and handbook processes with AI brokers that uncover, take a look at, and remediate vulnerabilities instantly in engineering workflows.
It helps lean safety groups in defending themselves amid the speedy tempo of code creation and assaults. The corporate states that AI has shortened the window from code deployment to vulnerability exploitation to only hours. Though latest business efforts emphasise securing code on the developer’s IDE, that is solely a part of the image. Attackers goal dwell programs, specializing in precise configurations, integrations, authentication processes, and enterprise logic which might be current solely in manufacturing.
That is the place Escape’s AI brokers function, claims the corporate. The brokers mimic the behaviour of a classy attacker to search out exploitable logic flaws and knowledge leaks that exist solely in dwell environments, and remediate earlier than attackers get to them first.
Level-in-time pentesting and fragmented legacy instruments can’t preserve tempo, leaving safety groups who’re at present outnumbered 100-to-1 by builders, overwhelmed and uncovered. Escape states that it was based to repair this damaged mannequin by changing legacy scanners and handbook offensive safety processes with AI brokers that automate the complete lifecycle.
Its three choices embody: Assault Floor Administration, which identifies and verifies publicity in trendy functions, APIs, and infrastructure from code to cloud; Enterprise-Logic-Conscious Dynamic Software Safety Testing (DAST), which replaces conventional DAST with smarter, evolving testing that helps groups tackle real, exploitable vulnerabilities; and AI Pentesting, a scalable various to handbook pentests and bug bounty programmes.
In response to the corporate, its brokers repeatedly uncover, take a look at and repair vulnerabilities instantly inside engineering workflows. They automate assault floor discovery, steady safety testing, and contextual remediation. As a substitute of producing a report that sits in a queue, Escape’s brokers preserve the system shifting from the second a vulnerability is discovered to the second it’s fastened. This helps Escape multiply the influence of safety groups at scale, with out rising headcount or alerts.
To focus on the size of the risk, Escape mentioned its group not too long ago uncovered greater than 2,000 high-impact vulnerabilities hidden in 5,600 publicly out there vibe-coded functions. This included 175 situations the place private knowledge was uncovered, usually with a number of delicate secrets and techniques revealed directly. Each vulnerability was current in dwell manufacturing programs and discoverable in hours.
“Because the variety of software program builders – human and agentic – explodes, safety groups discover themselves with an inconceivable dilemma: depend on legacy scanners, understanding they don’t have the standard of pen-testing or work with handbook offensive safety groups and fail to scale to the amount of code. Escape has solved this problem with the world’s first AI-native, offensive safety platform that blends the scalability and relentless capability of expertise with the ingenuity of your safety group,” mentioned Suranga Chandratillake, companion at Balderton Capital.
The recent capital will improve the platform’s AI agent capabilities, together with agentic pentesting that causes about software logic relatively than scanning for identified patterns. It can additionally assist the growth of the engineering and go-to-market groups to satisfy rising enterprise demand within the US and Europe.
Recent out of Y Combinator’s 2023 cohort, the corporate announced a €3.6 million Seed funding spherical.
The corporate is utilized by greater than 2,000 safety groups globally, together with firms similar to BetterHelp, PandaDoc, CyberCube and Arkose Labs. It reviews that one in every of its latest clients witnessed a 393% ROI after deploying Escape, shrinking its safety testing processes from 5 days to 5 hours.
Total, Escape now conducts over 300,000 safety assessments every month worldwide, amounting to days of handbook testing that safety groups regain each month.
