Runlayer Launches Innovative MCP AI Security Agent and Secures $11 Million in Funding
Runlayer, a new player in the AI security landscape, has emerged from stealth mode, announcing its Model Context Protocol (MCP) security solution and securing $11 million in seed funding. The investment comes from notable firms including Khosla Ventures, led by Keith Rabois, and Felicis.
Founded by Andrew Berman, who previously launched successful ventures like the baby monitor company Nanit and AI video conferencing tool Vowel, which was acquired by Zapier in 2024, Runlayer aims to address major security concerns regarding the MCP protocol. Launched as an open-source initiative by a team at Anthropic in November 2024, the MCP protocol is now widely adopted, enabling AI agents to independently access, alter, and manage data across various systems. Major players supporting this protocol include OpenAI, Microsoft, Amazon Web Services, and Google, among others.
Despite its rapid adoption, numerous implementations of the MCP protocol have revealed significant security vulnerabilities. For instance, researchers from Invariant Labs identified a prompt injection flaw in GitHub’s MCP servers that exposed private data, while Asana also reported vulnerabilities that could compromise customer information.
The burgeoning market for MCP security solutions includes offerings from established companies like CloudFlare and Docker as well as niche startups. The most prevalent solutions serve as gateways, creating a security layer that controls agent access to applications.
Runlayer differentiates itself by providing a comprehensive security tool that incorporates a gateway, threat detection for monitoring MCP requests, observability for tracking agent activities across MCP servers, and customizable permission settings that integrate with existing identity management systems like Okta and Entra.
Berman highlights that Runlayer matches the permissions of AI agents to those of human users, ensuring that access levels—ranging from read-only to full access—are respected. The startup’s competitive edge lies not only in its innovative features but also in the team’s expertise; Berman previously served as director of AI at Zapier and collaborated closely with organizations like OpenAI and Anthropic during the development of MCP servers.
Since its inception, Runlayer has gained traction, attracting eight unicorns as clients, bolstered by guidance from security experts and seasoned investors. Berman notes, “The rapid adoption of the MCP protocol created security risks. Our mission is to fill the gaps in observability and auditing to make enterprise deployments safer.”
Key Highlights:
– Runlayer’s MCP AI security tool aims to fill crucial security gaps in AI data management.
– The startup secured $11 million in funding from notable venture firms.
– Led by experienced founders, the company has quickly built a client roster featuring eight unicorns.
– Key features include advanced threat detection, observability, and customizable permissions.
