Koi provides endpoint security focused on self-provisioned software across enterprise environments. The platform addresses security risks associated with IDE extensions, browser add-ons, packages, and other marketplace-distributed software that employees install without IT oversight. The company's research demonstrated how easily malicious extensions can bypass traditional security controls, leading them to develop ExtensionTotal as their first product for assessing extension risks. Koi's platform delivers organization-wide visibility into self-provisioned software, enabling security teams to scan, assess, and enforce policies at scale. The system monitors software from various marketplaces including VSCode, browser extension stores, and package repositories. The platform identifies potentially malicious or risky software components that traditional endpoint security tools often miss because they focus on operating system-level threats rather than application-layer extensions and add-ons. The company's approach stems from firsthand research into marketplace vulnerabilities, where they successfully published a malicious VSCode extension that infiltrated multiple billion-dollar companies within 30 minutes. This research revealed significant gaps in how organizations control and monitor developer tools and browser extensions. Koi targets enterprise security teams who need to balance developer productivity with security governance, providing the visibility and control mechanisms necessary to manage software that employees provision themselves without going through traditional IT procurement channels.