Mcp Ai Agent Security Startup Runlayer Launches With 8 Unicorns, $11m From Khosla’s Keith Rabois And Felicis

On Monday, a caller Model Context Protocol information startup called Runlayer launched retired of stealth pinch $11 cardinal successful seed backing from Khosla Ventures’ Keith Rabois and Felicis. 

It was created by third-time laminitis Andrew Berman (previous companies: baby-monitor shaper Nanit and an AI video conferencing tool, Vowel, that sold to Zapier successful 2024).

In nan 4 months since Runlayer launched its merchandise successful stealth, it has signed dozens of customers, including 8 unicorns aliases nationalist companies for illustration Gusto, Rippling, dbt Labs, Instacart, Opendoor, and Ramp, it says. It besides nabbed David Soria Parra, nan lead creator of MCP, arsenic an angel and advisor, Berman tells TechCrunch. (Parra did not respond to our petition for comment.) 

Parra’s squad astatine Anthropic launched nan protocol in November 2024 arsenic an unfastened root project. MCP has since go nan de facto modular for allowing AI agents to link pinch nan information and systems they request to activity independently. It allows agents to entree data, move it, change it, and execute business processes without quality oversight. 

The protocol is now supported by each awesome exemplary shaper including OpenAI, Microsoft, AWS, Google arsenic good arsenic thousands of tech and endeavor companies; conscionable to sanction a few: Atlassian, Asana, Stripe, Block, others ranging from banks to user equipment manufacturers. 

“Everyone talks astir AI,” Berman, Runlayer’s CEO, told TechCrunch. “but AI is really only arsenic useful arsenic nan devices and nan resources it has entree to.”

The problem is, nan MCP protocol itself doesn’t see overmuch information retired of nan box, truthful galore MCP implementations person already been recovered to beryllium susceptible successful a assortment of ways.

The poster children are astir apt GitHub and Asana. In May, researchers at Invariant Labs discovered a punctual injection vulnerability successful MCP servers that allowed them to drawback information from backstage GitHub repositories (ones that shouldn’t person been accessible to nan public). Asana discovered and fixed a vulnerability successful its MCP server successful June that could person exposed customer data. There’ person since been galore much types of attacks recovered to activity connected communal MCP server setups.  

As you mightiness expect, specified information issues person fixed emergence to galore MCP information products, including products from big-name companies for illustration CloudFlare, Docker and Wiz — arsenic good arsenic a big of startups tackling much circumstantial products. 

The astir communal type of MCP information merchandise these days is simply a gateway, fundamentally a information furniture for identifying nan agents and controlling their entree to apps. 

Runlayer plans to guidelines retired successful this crowded marketplace by being an all-in-one information instrumentality that combines a gateway pinch features for illustration threat discovery that analyzes each MCP request; observability that watched each agentic activity crossed each MCP servers that IT has permitted; endeavor improvement wherever IT tin build civilization AI automations for endeavor users; and elaborate permissions that activity pinch existing place providers for illustration Okta and Entra. 

Like different competitors, specified arsenic open root Obot, Runlayer business users are presented pinch an Okta-like catalog of nan pre-vetted MCP servers that their IT will let agents to access. Runlayer matches nan agents’ app permissions to nan quality users’ permissions. For instance, immoderate group mightiness person read-only entree to financial systems, immoderate constitute entree (the expertise to alteration nan data). Others person nary entree astatine all.  

Berman believes Runlayer stands retired from nan crowd, not conscionable pinch nan breadth of nan product, but because of nan team’s experience. He founded nan startup because, aft trading Vowel to Zapier, he became nan head of Zapier’s AI, and built 1 of nan first MCP servers, moving intimately astatine nan clip pinch OpenAI and Anthropic, he said.  

“What are nan problems that we saw pinch nan protocol? One, it was nan information consequence because it was adopted truthful quickly,” he said. There were “blind spots” successful areas for illustration observability and audits, that make it risky for enterprises to rotation retired to users.

So successful August, “we near our jobs. We signed up David Soria Parra, nan creator of nan spec, and successful 4 months, we’ve signed up 8 unicorns,” he said of himself and his co-founders from Zapier Tal Peretz and Vitor Balocco.

Other advisors and investors successful nan company, Berman says, see caput of information astatine Cursor Travis McPeak, and laminitis of Neon Nikita Shamgunov.