Software is increasingly being built and attacked by AI, and Y Combinator-backed Escape just raised $18 million from Balderton Capital to protect it with AI. But the secret to success is something very human: trust.
Founded first as a research institute in 2020 and later turned into a commercial company, Escape’s co-founders, CEO Tristan Caros and CTO Antoine Carosio, built an AI agent that ethically hacks code to uncover weaknesses and fix them.
Caros and Carosio met during the entrepreneurship program at the University of California, Berkeley. Each with a background in machine learning and cybersecurity, they were acutely aware of how insecure everyday digital services were.
After the company Kalos worked for was hacked, they asked each other, “Why don’t we create an AI system that can actually solve this problem?” “And that was the beginning of the original concept,” Kalos said. Technology funding news.
OpenAI released ChatGPT in late 2022. The explosion of generative AI has led to an explosion of AI-generated code, which can be prone to weaknesses. Escape’s own research found over 2,000 serious vulnerabilities in apps built with the Vibe coding platform.
At the same time, AI-powered attacks are on the rise, increasing by 89% year over year in 2025, according to a report from CrowdStrike. Most recently, hackers used Anthropic’s chatbot to attack a Mexican government agency and steal 150 gigabytes of data.
“This is a very unique time in cybersecurity,” Kalos said, but security teams can’t move quickly enough to test scripts or address vulnerabilities. “What we’re doing is using AI to scale the efforts of security teams and empowering them to protect code against AI at the pace of AI.”
Discover, test and repair
Escape’s AI agent works by mapping digital infrastructure such as apps, APIs, databases, and endpoints to test them for vulnerabilities. The agent simulates attack chains and generates evidence of exploitation, showing exactly how vulnerabilities are discovered and triggered.
We then resolve the issue through automated, contextual remediation of each vulnerability. We also provide reproduction steps so security teams can validate the fix and ensure that the AI agent has not introduced any additional weaknesses.
“Technology is changing so quickly that we’re seeing changes in the way people protect applications, the way people build applications, and the way people attack applications,” Kalos said.
“Automating this process from discovery to remediation was just not possible before, and it’s still very difficult, isn’t it? It requires a lot of R&D, but in the future we see it becoming end-to-end.”
According to the CEO, enterprises rarely discover, test, and remediate vulnerabilities in one flow, which is what sets Escape apart from competitors like Crossbow and Terra Security.
But his biggest challenge was something very human: trust. Security is a “very conservative market,” and it’s difficult to gain the trust of teams, he said.
“Even if you have the best product or the best solution on the market, it’s not enough. You also need to build trust. You need to go out and talk to people and build trust. Then, after you build this relationship, those people will become your customers in the future.”
This is not a typical vendor-customer relationship. Rather, he said, vendors are like partners, and that relationship needs to be cultivated and nurtured on an ongoing basis.
That was one of the factors that caught the eye of Balderton, who led the deal. “We are extremely impressed with how Escape has quickly become the trusted platform for sophisticated organizations around the world,” said Suranga Chandratillake, partner at the company.
“Gone are the days when penetration testing was done sporadically and manually,” he added.
build an international company
Chandratillake is a successful former founder in the Valley, giving him a transatlantic perspective that can only be beneficial to startup buildings on both sides of the pond.
“We believe in the diversity of thought, expertise and opinion of Cap Table and Escape’s advisors,” Kalos added, pointing to existing investors IRIS and YC as well as Uncorrated Ventures, another new investor in the startup.
This is reflected in the startup’s team of 32 people, 30% of whom are women, Kalos said. Over 12 nationalities are also represented. This melting pot of cultures is what Kalos himself embodies, a Frenchman who previously lived in Spain and South America and is now based in New York.
The Series A, which brings the company’s total funding to $23 million, will be used to approximately double its team next year and expand its core technology and products to better serve large enterprise customers.
Escape returns to the theme of trust and focuses on building the “partner-style” relationships that security teams expect.
