The new funding will support further development of Escape’s AI-based security platform and expansion of its engineering and go-to-market teams as the company grows its presence in the US and Europe.
Escape, an offensive security engineering platform, has raised $18 million in a Series A funding round to develop AI agents designed to automate the security lifecycle. The round was led by Balderton, with participation from Uncorrelated Ventures and existing investors IRIS and Y Combinator.
Advances in AI have shortened the time between code deployment and the exploitation of software vulnerabilities. While recent industry efforts have focused on securing code within developers’ environments, many security risks arise in live systems where configurations, integrations, authentication flows, and business logic operate in production.
Escape was founded by Tristan Kalos (CEO) and Antoine Carossio (CTO) to address limitations in traditional application security models. The company aims to replace legacy scanners and manual offensive security processes with AI agents designed to automate security testing and remediation across the development lifecycle.
The platform focuses on what it describes as offensive security engineering, an approach that uses AI agents to identify, test, and remediate vulnerabilities directly within engineering workflows. Escape’s agents automate tasks such as attack surface discovery, continuous security testing, and remediation support, helping teams move more quickly from vulnerability detection to resolution while reducing operational overhead.
Security teams are outnumbered and managing siloed, manual processes. In a world where code is written and attacked at the speed of AI, this approach is no longer sustainable. We are building Escape as an offensive security engineering platform designed to address this challenge at scale.
said Tristan Kalos, CEO and co-founder of Escape.
Escape’s AI agents are designed to operate in live environments, simulating attacker behaviour to identify potential logic flaws and data exposure risks and support remediation before they can be exploited.
In a recent analysis, Escape reported identifying more than 2,000 high-impact vulnerabilities across 5,600 publicly available applications generated using automated coding tools. These included 175 cases involving exposure of personal data, with some instances revealing multiple sensitive credentials. According to the company, all of the identified vulnerabilities were present in live production systems and could be discovered within a short timeframe.
The new funding will support further development of the platform’s AI agent capabilities, including tools designed to analyse application logic during penetration testing, as well as the expansion of engineering and go-to-market teams as Escape targets enterprise customers in the US and Europe.