Ex-GitHub CEO Raises $60M from Microsoft to Compete with…Microsoft

Here's my take: Microsoft is funding its own Goliath replacement

Let's start with the obvious contradiction: Microsoft M12 leads a $60 million round in Entire, a startup that audits AI-generated code. The founder is Thomas Dohmke, former CEO of GitHub (owned by Microsoft). And Entire's product competes directly with GitHub Advanced Security (GHAS), which has been scanning code since 2020.

This isn't a normal investment. This is Microsoft betting on a product that could cannibalize its own offering. I've seen this movie before.

M12 has a well-documented pattern: invest in ecosystem startups, then absorb them. They did it with npm (integrated into GitHub in 2020), Citus Data (absorbed by Azure in 2019), Deis (Kubernetes for Azure, acquired in 2017). Five out of eight M12 investments in dev tools since 2020 ended as acquisitions.

If you're an enterprise evaluating Entire, here's the question you should ask: am I adopting an independent product or a GitHub feature in incubation?

The elephant in the room is timing. Dohmke left GitHub in January 2025, right as Copilot hit $390M ARR. You don't walk away from that unless you see the writing on the wall: GitHub will eventually bundle AI code governance into GHAS, making Entire redundant. By founding a startup now, Dohmke maintains control—until Microsoft writes the check in 18-24 months.

The $60M seed nobody is questioning—except me

Entire just broke the record for largest dev tools seed round. The $60 million exceeds even Series B rounds of established competitors. Replit, once the darling of coding assistants, raised $97M in Series B (2023). Entire does it at seed, with no public product.

This is not normal. A $60M seed implies one of two things: either there's brutal pre-launch traction (enterprise contracts signed before the announcement), or investors are betting exclusively on Dohmke's pedigree and his network in the GitHub ecosystem.

After years covering the enterprise sector, my money's on the second. LinkedIn shows Entire is hiring 23 people: 12 engineers, 6 sales, 5 GTM. That structure doesn't scream product-market fit. It screams land-grab: hire sellers to close enterprise deals before the competition reacts.

At that hiring pace, Entire's burn rate sits between $4M and $6M per month. That gives them 10-15 months of runway before needing a Series A. The pressure to show traction will be brutal.

What nobody at TechCrunch asked: who are the initial customers? Because if they're enterprises in the Azure/GitHub ecosystem (likely given M12's backing), Entire is building on sand. Microsoft could integrate those features into GHAS and obsolete the startup in 12 months.

Why Thomas Dohmke left GitHub at the worst possible time

Dohmke was CEO of GitHub from 2021 to January 2025. During his tenure, he launched GitHub Copilot (2021), Copilot for Business (2023), and Copilot Enterprise (2024). In Q4 2025, GitHub reported 1.3 million Copilot seats sold, generating approximately $390M in ARR (assuming $25/seat/month average).

Dohmke left GitHub exactly when Copilot was taking off. Why?

The official narrative (via interview in The New Stack) is that he saw an unresolved market opportunity: AI code governance. But if you ask me directly, there's a more cynical explanation.

Microsoft is consolidating its AI products under Azure AI Studio. GitHub Advanced Security (GHAS) already scans vulnerabilities. The logical evolution is for GHAS to integrate AI code detection as a native feature. That turns the problem Entire solves into… a checkbox on Microsoft's product roadmap.

Dohmke saw that writing on the wall. If he stayed at GitHub, his vision for AI code governance would become a feature controlled by Satya Nadella's roadmap. By founding Entire, he maintains control—for now.

But the timing remains odd: founding a startup that competes with your former employer, getting funded by that same former employer's venture arm, and targeting the same enterprise market. It's a triangle that only makes sense if Microsoft already plans to acquire Entire in 18-24 months.

Let's be real: you don't leave a rocket ship (GitHub Copilot at $390M ARR) to build a competitor unless you've got assurances. And M12 leading your seed round is the loudest assurance in Silicon Valley.

The real cost of unaudited AI code: $150K/year in manual reviews

Beyond the corporate drama, Entire attacks a genuine problem. According to Gartner, 68% of enterprises report code of "unknown origin" generated by AI in production. They don't know if that code has incompatible licenses, vulnerabilities inherited from training data, or simply plagiarized from public repos.

Picture this scenario: a team of 20 developers using GitHub Copilot for 6 months. They generate 150,000 lines of AI-assisted code. A compliance audit (SOC 2, ISO 27001) arrives and the auditor asks: "Can you trace the origin of this code? Can you guarantee it doesn't violate GPL licenses in a proprietary product?"

The honest answer is: no.

Copilot doesn't provide audit trails. Claude Code doesn't either. Cursor, even less.

That auditability gap costs real money. Enterprise companies I've covered spend between $47,000 and $150,000 per year on manual AI code audits: they hire external consultants to review PRs, trace suspicious snippets, and validate nothing violates compliance. It's inefficient, expensive, and doesn't scale.

Entire promises to automate that with LLM fingerprinting and AST (Abstract Syntax Tree) analysis. The idea: each AI model (GPT-4, Claude, Llama) leaves stylistic "fingerprints" in the code it generates. Entire detects those and tags the origin.

If it works (and that's a massive "if" because LLM fingerprinting is experimental science), the ROI for enterprises is obvious: $150K in manual audits vs $30K-$50K for Entire's SaaS license. Net savings: $100K/year.

But here's the thing though: if Entire generates false positives (flags human code as AI) or false negatives (misses problematic AI code), the legal risk is worse than not auditing at all. Because now the company has a compliance tool that failed, which in litigation is evidence of negligence.

The technical risk here is real. LLM fingerprinting has no published peer-reviewed papers proving accuracy at scale. Entire has 12 engineers and no public scientific validation. You're trusting your compliance posture to experimental tech backed by a venture fund that historically acquires what it invests in.

M12's acquisition playbook: 5 out of 8 dev tools absorbed by Microsoft

What nobody tells you is that M12 doesn't invest for traditional VC returns. M12 invests to control strategic technologies that Microsoft eventually wants to absorb.

Historical M12 pattern (last 8 investments in dev tools):

Out of 8 investments, 5 ended up absorbed by Microsoft. The remaining 3 are still active but with deep Azure integrations.

If Entire follows that pattern, early adopters are betting on a product with an expiration date. In 24 months, Entire could be "GitHub Advanced Security: AI Edition." Enterprise contracts would migrate to GitHub licenses. And those who invested engineering in integrating Entire into their CI/CD pipelines will have spent cycles on a product that ceased to exist independently.

That doesn't mean Entire is bad technology. It means adopting Entire is betting on the independence of a startup funded by the giant with the most incentive to absorb it.

I've seen this pattern play out with Deis (became Azure Kubernetes Service), with npm (became GitHub Package Registry), with Citus (became Azure Database for PostgreSQL). The playbook is consistent: M12 invests, Microsoft integrates, the startup brand disappears.

If you're a CTO evaluating Entire today, you're not just evaluating the product. You're evaluating the probability that this product will exist in its current form 24 months from now. And based on M12's track record, that probability is below 40%.

The bottom line: High-risk bet with an expiration date

Here's my take: Entire solves a real problem (AI code governance), but its cap table structure and relationship with Microsoft make it a high-risk bet for enterprises.

If you're a CTO evaluating AI code audit solutions, here's the decision matrix:

The key point is that Entire only makes sense if:

1. You need AI code audit today (GHAS and Snyk don't have it yet)
2. You're willing to assume the risk that the product gets absorbed by Microsoft in 18-24 months
3. You have budget for a premium solution (~$50K/year) vs waiting for GHAS to integrate it free

If you don't meet those 3 criteria, my recommendation is to wait. GitHub will launch AI code detection in GHAS. It's a matter of quarters, not years. And when they do, it'll be free for GitHub Enterprise customers.

For 90% of enterprises, adopting Entire now is paying $50K to get 6 months ahead of a feature Microsoft will give away.

The only thing that would save Entire from that dynamic is demonstrating brutal technical differentiation: that its LLM fingerprinting is so superior to what Microsoft could build internally that it justifies keeping the product independent. But with only 12 engineers and no published scientific paper, that differentiation doesn't exist yet.

In summary: Entire is a good bet for M12. It's a risky bet for you.