On Monday, a brand new Mannequin Context Protocol security startup known as Runlayer launched out of stealth with $11 million in seed funding from Khosla Ventures’ Keith Rabois and Felicis.
It was created by third-time founder Andrew Berman (earlier corporations: baby-monitor maker Nanit and an AI video conferencing device, Vowel, that bought to Zapier in 2024).
Within the 4 months since Runlayer launched its product in stealth, it has signed dozens of consumers, together with eight unicorns or public corporations like Gusto, Rippling, dbt Labs, Instacart, Opendoor, and Ramp, it says. It additionally nabbed David Soria Parra, the lead creator of MCP, as an angel and advisor, Berman tells information.killnetswitch. (Parra didn’t reply to our request for remark.)
Parra’s group at Anthropic launched the protocol in November 2024 as an open supply venture. MCP has since turn into the de facto commonplace for permitting AI brokers to attach with the information and programs they should work independently. It permits brokers to entry information, transfer it, alter it, and execute enterprise processes with out human oversight.
The protocol is now supported by each main mannequin maker together with OpenAI, Microsoft, AWS, Google in addition to hundreds of tech and enterprise corporations; simply to call just a few: Atlassian, Asana, Stripe, Block, others starting from banks to shopper items producers.
“Everybody talks about AI,” Berman, Runlayer’s CEO, advised information.killnetswitch. “however AI is admittedly solely as helpful because the instruments and the sources it has entry to.”
The issue is, the MCP protocol itself doesn’t embrace a lot security out of the field, so many MCP implementations have already been discovered to be susceptible in a wide range of methods.
Techcrunch occasion
San Francisco
|
October 13-15, 2026
The poster youngsters are most likely GitHub and Asana. In Could, researchers at Invariant Labs found a immediate injection vulnerability in MCP servers that allowed them to seize information from non-public GitHub repositories (ones that shouldn’t have been accessible to the general public). Asana found and stuck a vulnerability in its MCP server in June that would have uncovered buyer information. There’ have since been many extra sorts of assaults discovered to work on widespread MCP server setups.
As you may count on, such security points have given rise to quite a few MCP security merchandise, together with merchandise from big-name corporations like CloudFlare, Docker and Wiz — in addition to a bunch of startups tackling extra particular merchandise.
The most typical kind of MCP security product as of late is a gateway, basically a security layer for figuring out the brokers and controlling their entry to apps.
Runlayer plans to face out on this crowded market by being an all-in-one security device that mixes a gateway with options like risk detection that analyzes each MCP request; observability that watched all agentic exercise throughout all MCP servers that IT has permitted; enterprise improvement the place IT can construct customized AI automations for enterprise customers; and detailed permissions that work with present establish suppliers like Okta and Entra.
Like different rivals, comparable to open supply Obot, Runlayer enterprise customers are offered with an Okta-like catalog of the pre-vetted MCP servers that their IT will enable brokers to entry. Runlayer matches the brokers’ app permissions to the human customers’ permissions. For example, some folks may need read-only entry to monetary programs, some write entry (the power to alter the information). Others haven’t any entry in any respect.
Berman believes Runlayer stands out from the gang, not simply with the breadth of the product, however due to the group’s expertise. He based the startup as a result of, after promoting Vowel to Zapier, he turned the director of Zapier’s AI, and constructed one of many first MCP servers, working intently on the time with OpenAI and Anthropic, he mentioned.
“What are the issues that we noticed with the protocol? One, it was the security threat as a result of it was adopted so rapidly,” he mentioned. There have been “blind spots” in areas like observability and audits, that make it dangerous for enterprises to roll out to customers.
So in August, “we left our jobs. We signed up David Soria Parra, the creator of the spec, and in 4 months, we’ve signed up eight unicorns,” he mentioned of himself and his co-founders from Zapier Tal Peretz and Vitor Balocco.
Different advisors and traders within the firm, Berman says, embrace head of security at Cursor Travis McPeak, and founding father of Neon Nikita Shamgunov.
