Escape’s Series A backs AI agents that automate offensive security testing in live systems — where legacy scanners stop and real vulnerabilities begin.
The gap between when code ships and when it gets attacked is shrinking. Escape, an offensive security engineering platform, has raised $18 million in a Series A round to close it, using AI agents designed to automate the security lifecycle from discovery through remediation.
The round was led by Balderton, with participation from Uncorrelated Ventures and existing investors IRIS and Y Combinator.
The Problem With How Security Works Now
Most application security tooling is built around the development environment — catching vulnerabilities before code goes live. That focus, while valuable, misses where a significant portion of real-world risk actually lives: in production systems, where configurations shift, integrations multiply, authentication flows evolve, and business logic operates in ways that no static scanner was designed to anticipate.
Security teams are outnumbered and managing siloed, manual processes. “In a world where code is written and attacked at the speed of AI, this approach is no longer sustainable,” said Tristan Kalos, Escape’s chief executive and co-founder. “We are building Escape as an offensive security engineering platform designed to address this challenge at scale.”
The platform focuses on what Escape calls offensive security engineering — using AI agents to identify, test, and remediate vulnerabilities directly within engineering workflows, rather than as a separate audit process that runs alongside them.
Also Read: The AI Attack You Haven’t Heard Of. But Should.
What the Agents Actually Do
Escape’s AI agents are designed to operate in live environments, simulating attacker behavior to surface potential logic flaws and data exposure risks before they can be exploited. Tasks that traditionally required manual offensive security work — such as attack surface discovery, continuous security testing, and remediation support — are automated and embedded into the development lifecycle.
The practical stakes are not theoretical. In a recent internal analysis, Escape identified more than 2,000 high-impact vulnerabilities across 5,600 publicly available applications built with automated coding tools. Among them: 175 cases involving exposure of personal data, with some instances revealing multiple sensitive credentials. All identified vulnerabilities were present in live production systems and could be discovered within a short timeframe.
That finding carries a broader implication. As AI coding tools lower the barrier to shipping software, they are also — inadvertently — lowering the barrier to shipping vulnerable software. The attack surface is expanding faster than the teams responsible for securing it can keep pace.
Also Read: The Billion-Record “Hack” That Wasn’t
Who Built It and What Comes Next
Escape was founded by Kalos and Antoine Carossio, who serves as chief technology officer. The company was backed early by Y Combinator, a validator that carries weight in the security market where enterprise trust is hard-won.
The Series A funding will support further development of the platform’s AI agent capabilities, including tools designed to analyze application logic during penetration testing. Escape is also expanding its engineering and go-to-market teams as it pursues enterprise customers across the US and Europe.
The bet underlying all of it is straightforward: legacy scanners and manual processes were designed for a pace of development that no longer exists. If AI is what attackers are using to move faster, the defense has to move at the same speed — and that means automating the offense.
