CopilotKit first came to our attention not through a pitch, but through something we pay close attention to as a fund: organic developer adoption. We regularly track emerging open-source projects gaining traction in developer communities, and CopilotKit’s growth curve stood out, developers were pulling it into their stacks, raving about the simple yet powerful new layer for agent-to-user interactions, and the project’s growth pace suggested it was solving a real and urgent problem.

When we met co-founders (and brothers) Atai and Uli Barkai, we were immediately struck by their clarity of vision for agentic-human interfaces in an AI-powered world. But what truly set CopilotKit apart was the speed at which they turned open-source momentum into a commercial business, always the hardest challenge for developer-first companies. Within months, Fortune 500 enterprises were paying meaningful dollars for CopilotKit’s early enterprise offering, and revenue was growing rapidly. It’s one thing to build something developers love. It’s another entirely to make that love monetizable. CopilotKit did both, remarkably fast.

Agents Need a New User-Interface Layer

For the past decade, software interfaces followed a simple model: a frontend talks to a backend, the backend replies with data, the frontend renders the reply. A stateless ping-pong, no persistence, no learning, no adaptation. AI agents break that model entirely. They stream responses, pause for human input, resume across sessions, generate dynamic UI elements on the fly, and orchestrate complex multi-step workflows. They produce continuous, stateful, interactive experiences, and the old frontend stack simply wasn’t built for any of that.

Every company embedding AI agents into its products today is discovering the same thing: the hardest part isn’t building the agent, it’s building the interaction layer between the agent and the human user, while avoiding lock-in to a specific agentic backend framework. How does the agent surface its work? How does the user steer, correct, or approve? How does this all persist across sessions, devices, and workflows? And how does the organization track and analyze user interactions with agents? Before CopilotKit, teams were forced to reinvent this layer from scratch – every time, for every frontend, and with every agentic backend they use, at enormous cost and with limited results.

AG-UI and the CopilotKit Stack

What we loved about CopilotKit was their insight that the agent-to-user interface is not an application problem ,it’s an infrastructure problem. Just as MCP became the universal standard for connecting agents to external tools, CopilotKit is building the equivalent standard for connecting agents to users.

At the core of this is AG-UI, an open protocol created by CopilotKit that defines how agentic backends communicate with modern frontends. AG-UI is the third leg of what is becoming the agentic protocol stack: MCP connects agents to existing software tools, A2A interconnects agents between themselves, and AG-UI connects these agents to human users. Instead of every application building its own bespoke agent-user interface, AG-UI provides a universal language, each backend framework implements the protocol once, and all applications can then work independently of the backend with a rich agentic user experience.

The ecosystem’s response was extraordinary. Google, Microsoft, Amazon, and Oracle have all integrated AG-UI into their own agent frameworks, and officially endorsed CopilotKit for enterprises building agentic products. Leading open-source agent frameworks, LangChain, LlamaIndex, Mastra, PydanticAI, Agno, have aligned to and implemented the AG-UI protocol. In a fragmented, fast-moving ecosystem where standards rarely emerge this early, CopilotKit has become the neutral, trusted layer for agent-user interaction that everyone is building on. That kind of ecosystem convergence is rare, and it doesn’t happen by accident. We were sold.

Why Glilot+? Why Now?

At Glilot, we’ve spent over a decade investing in the infrastructure layers that define how enterprises build and secure software, from cybersecurity and cloud infrastructure to developer tools and DevOps. CopilotKit sits squarely at the intersection of these themes. It’s not an AI application; it’s the infrastructure that enables every AI application to interact with its users. That distinction matters, because infrastructure compounds in ways that applications don’t.

We also made a deliberate bet on timing. The agentic era is arriving faster than most enterprises are prepared for, and CopilotKit is giving them the building blocks to ship agent-powered products without reinventing a critical layer of the new agentic stack. The rare combination of rapid open-source adoption and an enterprise offering that converted into meaningful revenue almost immediately signals genuine product-market fit, not just developer enthusiasm, making this investment a perfect fit for Glilot+.

We’re proud to lead CopilotKit’s $27M Series A alongside our colleagues from NFX and SignalFire, and support the company’s fast growth across the US and globally. Atai, Uli, and the entire CopilotKit team are building what we believe will become a foundational infrastructure layer of the software stack for years to come, and we couldn’t be more excited to be part of this journey.

ScaleOps, an autonomous cloud and AI infrastructure resource management platform, has raised $130 million at a valuation of more than $800 million.

For the past year, the same massive challenge has been looming over the AI revolution: the exponential growth of AI compute is on a collision course with the physical limits of the power grid.

As data centers race to scale, the gap between how AI software behaves and what physical infrastructure can handle is widening rapidly. Historically, the industry has treated power as a static constraint and compute as a separate world entirely. But as this ecosystem grows into a multi-trillion-dollar market, we can no longer afford the disconnect between energy and compute.

That disconnect was hard to ignore as an investor.

When I first encountered Niv-AI, what stood out immediately was what they were not trying to do. They weren’t building just another monitoring dashboard or adding bulky hardware to an already stressed supply chain. Instead, they recognized that to solve a problem this large, the energy layer and the compute layer desperately need a shared dialect to communicate.

That framing mattered. It shifted the conversation away from treating power as a limitation, and toward treating it as an intelligent, software-defined ecosystem. Niv-AI acts as a critical control plane sitting exactly at the intersection of energy and compute. By doing so, they aren’t just solving a point-in-time issue; they are building the foundational infrastructure required for the global AI ecosystem to scale without breaking the physical grid.

True consolidation and category creation rarely come from staying within traditional industry silos. They come from operating directly in the white space between them.

The technology alone would have been compelling, but what ultimately sealed my conviction was the team. Tomer and Eddie bring a rare advantage to this problem. Drawing on their deep operational and technical backgrounds in elite intelligence units, they possess the exact bare-metal and systems-level expertise needed to orchestrate complex challenges at the microsecond level. They were unusually clear about what it takes to solve this from first principles, with no trend-chasing and no noise.

Glilot Capital co-led Niv-AI’s $12M Seed round together with Lior Handelsman from Grove Ventures. Lior, a co-founder of SolarEdge, is a world-class expert who shares our conviction in this vision. We chose to invest because we believe the company brings the physical infrastructure of AI closer to reality – both technically and culturally. The AI revolution can only fulfill its promise if it is grounded in the reality of physics.

Niv-AI represents exactly that kind of breakthrough. We believe these are the moments that create lasting companies and drive meaningful category shifts.

Imagine a CISO’s desk. It isn’t buried under paper. It’s buried under dashboards.

Tabs are always open. Alerts blinking. Emails are flagged and slack channels buzz constantly. Meanwhile, another vendor asks for 30 minutes to “show something groundbreaking.” The modern enterprise security environment isn’t a clean architecture diagram; it’s a fragmented battlefield of dozens of products and multiple consoles. It is defined by overlapping capabilities, endless integrations and constant maintenance.

This is the first reality vendors must face: Tool Fatigue. The CISO is not looking for another product; they  are looking for relief. When a vendor proudly declares, “We detect 25% more advanced threats,” the CISO doesn’t hear innovation. They hear  another system to deploy, another dashboard to monitor, and another contract to justify.

Maximizing Cybersecurity ROI

In today’s digital economy, cybersecurity has transitioned from a back-office technical expense to a core pillar of business resilience. As global cybersecurity spending is projected to reach $240 billion in 2026, corporate boards and C-suite executives are demanding answers to a critical question: How much actual security are we getting for every dollar we spend?

For years, organizations operated under a “more is better” mindset, buying tools based on fear and worst-case scenarios. However, to truly optimize, they must adopt security investments, leaders must abandon fear-driven spending. Instead adopt data-driven frameworks that prove risk reduction and return on investment (ROI).

The Complexity Trap: Why More Spending Doesn’t Always Mean More Security

The high volume of security solutions in the modern enterprise has led to diminishing returns. Organizations currently juggle an average of 83 different security tools from 29 different vendors. In large global enterprises with over 25,000 employees, about 25% manage a bloated portfolio exceeding 100 distinct security products.

Rather than making companies safer, this tool sprawl creates a “Complexity Trap”. Fragmented tools and disconnected data force security analysts to pivot across an average of 10.9 different consoles, which slows down investigations and creates dangerous blind spots. As a result, 46% of alerts are false positives, and 42% are never investigated due to alert fatigue and manual work. In short, acquiring redundant, niche solutions often adds operational friction rather than improving defensive defense.

Shifting to Risk-Spend Efficiency (RSE)

To ensure every dollar matters, organizations are turning to Risk-Spend Efficiency (RSE). This is a framework that calculates exactly how much risk is reduced for every dollar invested in mitigation. RSE enables decision-makers to make apples-to-apples comparisons across different projects, such as comparing the value of an infrastructure upgrade against a cybersecurity training program.

Calculating ROI for risk reduction,requires comparing the financial cost of a potential risk against the cost of implementing a control. For example, if an organization expects five phishing attacks a year costing $35,000 each, but the cost to train employees to spot these attacks is only $25,000, the investment makes clear financial sense. By translating complex risk trade-offs into financial terms, RSE ensures that limited resources go toward the initiatives that have the highest impact.

Speaking the Board’s Language: Cyber Risk Quantification (CRQ)

To secure budgets and align with leadership, Chief Information Security Officers (CISOs) must stop speaking in technical jargon and arbitrary metrics. Board members are frustrated by traditional, color-coded “heatmaps” that show a risk as “yellow” quarter after quarter without explaining the financial implications or what has actually changed.

Instead, mature organizations are adopting Cyber Risk Quantification (CRQ) models, such as the Factor Analysis of Information Risk (FAIR) standard, to express cyber risk in monetary values. Through formal Business Impact Analysis (BIA), organizations can evaluate what happens if a critical system fails or is manipulated, quantifying the maximum credible loss. Framing risk in financial terms allows boards to prioritize the most critical threats, evaluate the cost-benefit of security investments, and track how much risk was reduced over time.

Proving ROI Through Validation and Platformization

To optimize the cybersecurity budget, organizations must actively validate that their investments are working. Adversarial Exposure Validation (AEV) is replacing periodic vulnerability scanning by continuously testing security controls against real-world attack techniques. Instead of relying on theoretical vulnerability scores that may not reflect real danger, AEV helps organizations prioritize exposures based on actual exploitability. This identifies underperforming tools and allows lean security teams to focus exclusively on the threats that matter most.

Simultaneously, the market is moving toward “platformization,” consolidating separate tools into integrated security platforms. Consolidating tools significantly reduces the time it takes to identify and mitigate security incidents.

Conclusion

As cyber threats grow more sophisticated, budgets can no longer be justified by fear, hype, or arbitrary compliance checklists. The future of cybersecurity management relies on proving value. By using Risk-Spend Efficiency into strategic planning, leveraging CRQ to communicate with the board, and consolidating tools to reduce operational drag, organizations can confidently answer exactly how much security they are getting for every dollar spent.