Escape Secures $18M to Scale AI-Powered Security Automation

In a digital landscape where cyber threats evolve at a relentless pace, Escape has secured $18 million in Series A funding to expand its AI-driven security automation platform. This significant investment, spearheaded by Balderton Capital with contributions from Uncorrelated Ventures, Iris Capital, and Y Combinator, arrives at a critical moment. Security teams are vastly outnumbered, facing an overwhelming surge in cyberattacks. Recent data indicates organizations now confront nearly two thousand attacks weekly, marking a dramatic seventy percent increase from just the previous year.

The rapid adoption of artificial intelligence has drastically shortened the time between deploying new code and having its vulnerabilities exploited. What once took weeks or months now often unfolds in mere hours. While many security innovations have concentrated on protecting code within the developer’s environment, this approach addresses only a portion of the risk. Sophisticated attackers frequently target live production systems, probing real-world configurations, integrations, and business logic that simply don’t exist in pre-deployment stages. Escape’s technology is designed to operate in this exact space. Its autonomous AI agents simulate the methods of a skilled attacker, actively hunting for exploitable logic flaws and potential data leaks within active applications, then facilitating remediation before real threats can strike.

Traditional security methods, like periodic penetration testing and a collection of disconnected legacy tools, struggle to maintain this pace. This leaves already stretched security professionals dangerously exposed. Escape was founded by CEO Tristan Kalos and CTO Antoine Carossio to overhaul this ineffective model. Their platform replaces outdated scanners and manual processes with intelligent agents that automate the complete security lifecycle. Kalos brings a background in machine learning and data science, while Carossio offers deep cybersecurity expertise from roles with the French government and leading research institutions.

The core philosophy is to fight digital fire with fire. Escape’s agents work continuously within existing engineering workflows to discover, test, and repair vulnerabilities. They automate critical functions like attack surface discovery and contextual remediation. Rather than producing a static report that joins a backlog, these agents drive action, ensuring the system progresses from vulnerability identification to resolution without delay. This methodology amplifies the effectiveness of security teams, enabling them to manage scale without expanding personnel or drowning in alert fatigue.

The sheer scale of the challenge is staggering. In a recent demonstration of its capabilities, Escape’s team identified over two thousand high-severity vulnerabilities hidden within thousands of publicly accessible applications. This included numerous instances where personal data and sensitive secrets were openly exposed. Crucially, every one of these security gaps was present in live production environments and discoverable within hours.

A partner at Balderton Capital commented on the shift, noting that the era of infrequent, manual penetration testing is conclusively over. With the number of software developers, both human and AI-assisted, growing exponentially, security teams face an impossible choice: rely on inadequate legacy scanners or attempt to scale manual processes that cannot keep up. Escape presents a solution as the world’s first AI-native offensive security platform, merging technological scalability with human ingenuity. The rapid adoption by sophisticated global organizations underscores its value as a trusted resource.

Today, more than two thousand security teams worldwide place their trust in Escape, including notable companies like BetterHelp and PandaDoc. The impact is measurable; one global enterprise reported a 393 percent return on investment after implementation, compressing security testing timelines from five days to just five hours. Another platform, Thinkific, utilizes Escape to secure its applications comprehensively, embedding continuous, developer-friendly testing directly into its development workflow.

Collectively, Escape now conducts over three hundred thousand security assessments monthly for its clients. This volume represents days of manual testing effort that security professionals reclaim each month, time they can redirect to strategic initiatives.

The company’s CEO emphasized that security teams are outnumbered and overwhelmed by siloed, manual processes. In an age where code is both written and attacked at the speed of AI, this unsustainable situation demands a new approach. Escape is being built as the definitive offensive security engineering platform to solve that problem effectively and at scale.

Feedback from users highlights distinct advantages. An IT Security Engineer at Visma pointed to Escape’s superior capabilities in areas like IDOR scanning and testing complex multi-tenant scenarios, which are not feasible with other solutions. The platform’s automated onboarding and the team’s responsiveness to implementing user feedback were also cited as key differentiators.

The new Series A capital will be used to enhance the platform’s AI agent functionalities further. Planned developments include advanced agentic penetration testing that reasons through application logic instead of merely scanning for known patterns. The funding will also support the expansion of Escape’s engineering and go-to-market teams to meet escalating enterprise demand across the United States and European markets.

(Source: HelpNet Security)