Knostic is a cybersecurity company founded in 2023 by Gadi Evron and Sounil Yu, two well-known figures in the security community, to tackle a risk that emerges once enterprises deploy large language models internally: AI tools can answer questions and surface data far beyond what a given user is actually authorized to see. Knostic reframes this as a 'need-to-know' problem, building access controls and oversharing prevention so that AI assistants respect the boundaries enterprises already expect from their data governance.
The company's platform spans discovery and protection. On discovery, Knostic detects shadow AI — unsanctioned AI tool usage across an organization — giving security leaders visibility into where employees are connecting AI to corporate systems. On protection, it focuses heavily on the AI-empowered developer environment: securing AI coding assistants, agents, and Model Context Protocol (MCP) servers, which expand the attack surface through extensions and integrations that can exfiltrate data or run dangerous operations.
Knostic's product set includes capabilities branded around AI coding safety (such as its Kirin offering for coding assistants, agents, and MCP servers) and tools for blocking malicious IDE extensions, preventing data exfiltration, and stopping destructive commands before they execute. It also addresses risks from AI-generated code and vulnerable software supply chains, and has explored LLM-powered vulnerability discovery in CI/CD pipelines. The throughline is governing what AI systems are allowed to know and do inside the enterprise.
The company's credibility is bolstered by its founders' reputations and by industry recognition, including being selected for the RSA Conference 2025 Innovation Sandbox, a notable showcase for emerging security startups. Knostic positions need-to-know access control as a foundational paradigm for enterprise AI security, arguing that guardrails on AI behavior must be tied to identity and authorization rather than generic content filtering.
Knostic has raised approximately $14 million to date, with its most recent round on record being a Series A led by Bright Pixel Capital and joined by Silicon Valley CISO Investments (SVCI), DNX Ventures, Seedcamp, and prominent angels. As enterprises rush to adopt LLMs, copilots, and agents, Knostic's bet is that controlling AI access and preventing oversharing will become a core requirement of every enterprise AI security program.