YC’s Escape nabs $18M from Balderton to capitalise on cybersecurity’s ‘unique moment’ — Y Combinator’s Escape raises $18 million from Balderton for cybersecurity’ AI agent
https://techfundingnews.com/escape-ai-agent-cybersecurity-balderton/
Publish Date: 2026-03-10 01:07:00
Source Domain: techfundingnews.com
Software is increasingly built and attacked by AI, and Y Combinator-backed Escape just raised $18 million from Balderton Capital to protect it with AI too. The secret to success, however, is very human: trust.
Founded in 2020 first as a research lab that later morphed into a commercial company, Escape co-founders Tristan Kalos, CEO, and Antoine Carossio, CTO, have built AI agents to ethically hack code to expose weaknesses, and then fix them.
Kalos and Carossio met at UC Berkeley during an entrepreneurship programme; they had backgrounds in machine learning and cybersecurity, respectively, and found themselves chewing the fat over how insecure everyday digital services are.
After a company Kalos had worked for was hacked, they asked each other: Why not create an AI system that can actually solve this problem? “And that’s how the original concept started,” Kalos told Tech Funding News.
OpenAI released ChatGPT in late 2022. The explosion of generative AI brought an explosion of AI-generated code, which may be more prone to weaknesses. Escape’s own research found over 2,000 serious vulnerabilities in apps built with vibe coding platforms.
At the same time, AI-driven attacks have skyrocketed, rising 89% year-on-year in 2025, according to a CrowdStrike report. Most recently, a hacker used Anthropic’s chatbot to attack Mexican government agencies and steal 150 gigabytes of data.
“It’s quite a unique moment in cybersecurity,” Kalos said, but security teams can’t move fast enough to test scripts or tackle vulnerabilities. “So what we are doing is using AI to scale the efforts of security teams and allow them to secure code at the pace of AI, against AI.”
Discover, test and remedy
Escape’s AI agents work by mapping digital infrastructure such as apps, APIs, databases, and endpoints and tests them for vulnerabilities. The agents simulate attack chains then produce proof-of-exploitation, showing exactly how a…
