NanoCo

NanoCo is a Tel Aviv-based startup founded in early 2026 by brothers Gavriel Cohen (CEO, technical co-founder) and Lazer Cohen (President, co-founder). The company develops NanoClaw, an MIT-licensed, security-first AI agent platform designed to deliver persistent, context-aware automation capabilities to enterprise teams while maintaining strict isolation and auditability. NanoClaw addresses a critical gap in the emerging agentic AI market: as AI agents gain autonomy and access to sensitive data, workflows, and infrastructure, existing platforms like OpenClaw have demonstrated severe security vulnerabilities—including 900+ malicious add-on skills, 135,000+ exposed instances, lateral movement risks, and credential leakage. NanoCo's architectural response is radical simplicity and container-based isolation: the entire NanoClaw runtime is approximately 500 lines of code (versus OpenClaw's ~500,000), deployed with each AI agent running in its own Docker or MicroVM sandbox, incapable of accessing the host system or other users' workflows.

The core innovation is **per-employee AI agents**. Rather than deploying a single shared AI assistant (like Microsoft Copilot or ChatGPT Enterprise) with broad permissions—a model that creates a large blast radius for any security misconfiguration—NanoCo allocates each employee a persistent, isolated agent. This agent learns the employee's role, ongoing projects, email and document context, and tool integrations (Slack, Teams, GitHub, databases, etc.), acting as a persistent "second brain" capable of drafting contracts, reviewing code, managing customer accounts, automating procurement workflows, or other domain-specific tasks. The agent's container has no access to other users' data, the broader corporate filesystem, or external systems except through explicitly approved channels. Sensitive operations—such as modifying files, sending emails, deleting resources, or changing cloud infrastructure—require explicit human approval, with all actions logged for compliance audit.

The security architecture uses credential injection at request time: when an agent needs to call an external API or service, credentials are injected by a secure gateway only for that specific task and are never persisted or exposed to the agent container. This prevents credential harvesting, token spillage, or privilege escalation—a common attack vector in shared-assistant models. The open-source model ensures transparency: researchers, enterprise security teams, and customers can audit the full codebase, reducing the risk of hidden backdoors or supply-chain compromise common in proprietary closed-source agent platforms.

NanoClaw went viral within weeks of its early 2026 launch, attracting over 250,000 downloads, nearly 29,000 GitHub stars, and high-profile endorsements from AI luminaries including Andrej Karpathy and executives at Docker, Google, Amazon, Meta, SentinelOne, and Accenture. This rapid adoption reflected both technical differentiation and market timing: enterprises were actively grappling with the security implications of AI agents, and NanoCo's approach stood out as principled and pragmatic. The company raised a $12 million oversubscribed seed round in May 2026 led by Valley Capital Partners, with strategic participation from Docker, Vercel, Monday.com, Slow Ventures, Clutch Capital, and Factorial Capital, plus angel investment from Clem Delangue (CEO of Hugging Face). Most remarkably, NanoCo reportedly turned down a $20 million acquisition offer pre-funding, signaling founder conviction and investor enthusiasm.

NanoCo's business model combines open-source and enterprise SaaS. NanoClaw remains MIT-licensed and freely deployable, supported by a vibrant developer community. Simultaneously, NanoCo offers commercial managed services: a hosted platform with no setup friction, pre-built integrations, compliance certifications, and SLA-backed support. The company supports both cloud-hosted and on-premise deployments, critical for regulated industries (finance, healthcare, defense) and organizations with stringent data residency requirements. Revenue stems from per-employee managed service fees and enterprise support tiers.

Competitively, NanoCo operates at the intersection of enterprise AI security and workflow automation. Direct competitors include Microsoft Copilot, ChatGPT Enterprise, and OpenClaw derivatives; adjacent players include workflow automation platforms (Zapier, Make, n8n) and security-focused infrastructure services. NanoCo's differentiation is architectural: the per-employee isolation model, the minimal auditable codebase, and the credential isolation approach address attack vectors that other platforms do not prioritize, making it particularly attractive to large enterprises with high security posture requirements.

From a strategic and dual-use perspective, NanoCo's secure AI agent infrastructure has applications beyond commercial enterprise automation. Organizations managing classified workflows, sensitive defense or intelligence information, or critical infrastructure systems could benefit from NanoClaw's isolation guarantees and auditability. Government, military, and national-security teams managing autonomous decision-support, workflow automation, or intelligence analysis could potentially benefit from the architecture, though current messaging and positioning focus on commercial enterprise productivity. The security and isolation principles are generalizable across domains where AI agent capability must be coupled with operational security and data containment requirements.