Runlayer, a new AI agent security startup focused on the Model Context Protocol (MCP), has officially launched from stealth with $11 million in seed funding led by Keith Rabois of Khosla Ventures and Felicis. The company was founded by Andrew Berman, a third-time entrepreneur known for co-founding Nanit, a baby monitor company, and Vowel, an AI-powered video conferencing tool that was acquired by Zapier in 2024. Since launching its product in stealth mode four months ago, Runlayer has secured dozens of customers, including eight unicorns or publicly traded companies such as Gusto, Rippling, dbt Labs, Instacart, Opendoor, and Ramp. The startup also gained David Soria Parra, the lead architect behind MCP, as an angel investor and advisor—though Parra did not respond to requests for comment. MCP, introduced in November 2024 by Anthropic’s team, has rapidly become the de facto standard for enabling AI agents to autonomously access data, execute tasks, and interact with enterprise systems. It is now supported by major tech players including OpenAI, Microsoft, AWS, Google, and thousands of organizations across industries—from software companies like Atlassian and Asana to financial institutions and consumer goods manufacturers. Despite its widespread adoption, MCP lacks built-in security, leading to multiple high-profile vulnerabilities. In May, researchers at Invariant Labs uncovered a prompt injection flaw in GitHub’s MCP server that exposed private repositories. Asana later patched a similar vulnerability in its own setup that could have led to customer data leaks. These incidents have sparked demand for dedicated MCP security solutions, with offerings from established players like Cloudflare, Docker, and Wiz, as well as a growing number of startups. Runlayer differentiates itself by offering an all-in-one security platform that combines a gateway with advanced capabilities. Its solution includes real-time threat detection that analyzes every MCP request, observability tools to monitor all agent activity across authorized servers, enterprise automation development features, and fine-grained permission controls that integrate with identity providers like Okta and Microsoft Entra. The platform uses an Okta-like interface to present a curated catalog of pre-vetted MCP servers that IT teams approve for agent access. Permissions are mapped directly to human user roles—ensuring that only users with appropriate access can allow agents to read, write, or modify data. Berman, Runlayer’s CEO, says the company was born from firsthand experience. After selling Vowel to Zapier, he became the director of AI at the company and helped build one of the first MCP servers, working closely with OpenAI and Anthropic. He identified key gaps in the protocol, particularly around security, observability, and auditability—issues that make enterprise adoption risky. In August, Berman and his co-founders from Zapier—Tal Peretz and Vitor Balocco—left their roles to launch Runlayer. Within four months, they had onboarded eight high-profile customers. The company’s advisory board includes Travis McPeak, head of security at Cursor, and Nikita Shamgunov, founder of Neon. With growing concerns over AI agent autonomy and data exposure, Runlayer aims to become the trusted security backbone for organizations deploying MCP-powered AI systems.