On Monday, Runlayer, a new security startup focused on the Model Context Protocol, emerged from stealth mode with $11 million in seed investment led by Keith Rabois of Khosla Ventures and Felicis.
The company was founded by Andrew Berman, who previously launched Nanit, a baby monitor company, and Vowel, an AI-powered video conferencing platform acquired by Zapier in 2024.
Since launching its product in stealth four months ago, Runlayer has already secured dozens of clients, including eight unicorns or publicly traded companies such as Gusto, dbt Labs, Instacart, and Opendoor, according to the company. Additionally, David Soria Parra, the main developer behind MCP, has joined as an angel investor and advisor, Berman shared with TechCrunch. (Parra did not reply to our inquiry for comment.)
Parra and his team at Anthropic introduced the protocol as an open source initiative in November 2024. Since then, MCP has become the go-to standard for enabling AI agents to interact with the data and systems they need to operate autonomously. The protocol lets agents retrieve, transfer, and modify data and carry out business operations without direct human involvement.
Today, all major model providers—including OpenAI, Microsoft, AWS, and Google—support the protocol, along with thousands of technology and enterprise organizations. Notable examples include Atlassian, Asana, Stripe, Block, and a range of companies from financial institutions to consumer product manufacturers.
“AI is a hot topic,” Berman, who serves as Runlayer’s CEO, told TechCrunch. “But ultimately, AI’s value depends on the resources and tools it can access.”
However, MCP lacks robust built-in security, leaving many implementations exposed to various vulnerabilities.
GitHub and Asana are among the most prominent examples. In May, Invariant Labs researchers identified a prompt injection flaw in MCP servers that enabled unauthorized access to private GitHub repositories. In June, Asana detected and resolved a vulnerability in its MCP server that could have compromised customer information. Since then, several other attack vectors have been discovered targeting typical MCP server configurations.
Unsurprisingly, these security gaps have led to a surge in MCP security solutions, with offerings from established companies like Cloudflare, Docker, and Wiz, as well as numerous startups focusing on niche aspects.
Currently, the most prevalent MCP security solution is a gateway, which acts as a protective layer to authenticate agents and manage their access to applications.
Runlayer aims to differentiate itself in this competitive space by offering a comprehensive security platform that integrates a gateway with advanced features such as threat detection for every MCP request, full observability of agent activities across all MCP servers authorized by IT, enterprise development tools for building custom AI automations, and granular permissions that integrate with identity providers like Okta and Entra.
Similar to open source competitors like Obot, Runlayer provides business users with a catalog—resembling Okta—of pre-approved MCP servers that their IT teams permit agents to access. Runlayer aligns agent permissions with those of human users; for example, some employees may only view financial data, others may have editing rights, and some may have no access at all.
Berman asserts that Runlayer’s edge lies not only in its comprehensive product suite but also in the expertise of its team. He started the company after becoming Zapier’s AI director following the Vowel acquisition, where he developed one of the first MCP servers and collaborated closely with OpenAI and Anthropic.
“What challenges did we encounter with the protocol? First, the rapid adoption introduced significant security risks,” he explained. There were “blind spots” in areas like monitoring and auditing, which pose risks for enterprises deploying the protocol to their users.
So in August, “we left our previous roles, brought on David Soria Parra, the protocol’s creator, and within four months, we had signed eight unicorn clients,” he said, referring to himself and his co-founders from Zapier, Tal Peretz and Vitor Balocco.
Berman also mentioned that other advisors and investors include Travis McPeak, head of security at Cursor, and Nikita Shamgunov, founder of Neon.