On Monday, a new Model Context Protocol security startup called Runlayer launched out of stealth with $11 million in seed funding from Khosla Ventures’ Keith Rabois and Felicis.
It was created by third-time founder Andrew Berman (earlier companies: baby-monitor maker Nanit and an AI video conferencing tool, Vowel, that sold to Zapier in 2024).
In the four months since Runlayer launched its product in stealth, it has signed dozens of customers, including eight unicorns or public companies like Gusto, dbt Labs, Instacart, and Opendoor, it says. It also nabbed David Soria Parra, the lead creator of MCP, as an angel and advisor, Berman tells TechCrunch. (Parra didn’t respond to our request for comment.)
Parra’s team at Anthropic launched the protocol in November 2024 as an open source project. MCP has since become the de facto standard for allowing AI agents to connect with the data and systems they need to work independently. It allows agents to access data, move it, change it, and execute business processes without human oversight.
The protocol is now supported by every major model maker including OpenAI, Microsoft, AWS, and Google, as well as thousands of tech and enterprise companies; just to name a few: Atlassian, Asana, Stripe, Block, and others ranging from banks to consumer goods manufacturers.
“Everyone talks about AI,” Berman, Runlayer’s CEO, told TechCrunch, “but AI is really only as useful as the tools and the resources it has access to.”
The problem is, the MCP protocol itself doesn’t include much security out of the box, so many MCP implementations have already been found to be vulnerable in a variety of ways.
The poster children are probably GitHub and Asana. In May, researchers at Invariant Labs discovered a prompt injection vulnerability in MCP servers that allowed them to grab data from private GitHub repositories (ones that shouldn’t have been accessible to the public). Asana discovered and fixed a vulnerability in its MCP server in June that could have exposed customer data. There have since been many more types of attacks found to work on common MCP server setups.
As you might expect, such security issues have given rise to numerous MCP security products, including products from big-name companies like Cloudflare, Docker, and Wiz, as well as a number of startups tackling more specific products.
The most common type of MCP security product these days is a gateway, essentially a security layer for identifying the agents and controlling their access to apps.
Runlayer plans to stand out in this crowded market by being an all-in-one security tool that combines a gateway with features like threat detection that analyzes every MCP request; observability that watches all agentic activity across all MCP servers that IT has approved; enterprise development where IT can build custom AI automations for business users; and detailed permissions that work with existing identity providers like Okta and Entra.
Like other competitors, such as open source Obot, Runlayer’s business users are presented with an Okta-like catalog of the pre-vetted MCP servers that their IT will allow agents to access. Runlayer matches the agents’ app permissions to the human users’ permissions. For example, some people might have read-only access to financial systems, some write access (the ability to change the data). Others have no access at all.
Berman believes Runlayer stands out from the crowd, not just with the breadth of the product, but because of the team’s experience. He founded the startup because, after selling Vowel to Zapier, he became the director of Zapier’s AI, and built one of the first MCP servers, working closely at the time with OpenAI and Anthropic, he said.
“What are the problems that we saw with the protocol? One, it was the security risk because it was adopted so quickly,” he said. There were “blind spots” in areas like observability and audits that make it risky for enterprises to roll out to users.
So in August, “we left our jobs. We signed up David Soria Parra, the creator of the spec, and in four months, we’ve signed up eight unicorns,” he said of himself and his co-founders from Zapier, Tal Peretz and Vitor Balocco.
Other advisors and investors in the company, Berman says, include head of security at Cursor Travis McPeak, and founder of Neon Nikita Shamgunov.