On Monday, a brand new Mannequin Context Protocol safety startup referred to as Runlayer launched out of stealth with $11 million in seed funding from Khosla Ventures’ Keith Rabois and Felicis.
It was created by third-time founder Andrew Berman (earlier firms: baby-monitor maker Nanit and an AI video conferencing instrument, Vowel, that bought to Zapier in 2024).
Within the 4 months since Runlayer launched its product in stealth, it has signed dozens of consumers, together with eight unicorns or public firms like Gusto, Rippling, dbt Labs, Instacart, Opendoor, and Ramp, it says. It additionally nabbed David Soria Parra, the lead creator of MCP, as an angel and advisor, Berman tells TechCrunch. (Parra didn’t reply to our request for remark.)
Parra’s workforce at Anthropic launched the protocol in November 2024 as an open supply challenge. MCP has since turn out to be the de facto customary for permitting AI brokers to attach with the info and methods they should work independently. It permits brokers to entry knowledge, transfer it, alter it, and execute enterprise processes with out human oversight.
The protocol is now supported by each main mannequin maker together with OpenAI, Microsoft, AWS, Google in addition to hundreds of tech and enterprise firms; simply to call just a few: Atlassian, Asana, Stripe, Block, others starting from banks to shopper items producers.
“Everybody talks about AI,” Berman, Runlayer’s CEO, advised TechCrunch. “however AI is admittedly solely as helpful because the instruments and the assets it has entry to.”
The issue is, the MCP protocol itself doesn’t embody a lot safety out of the field, so many MCP implementations have already been discovered to be susceptible in a wide range of methods.
Techcrunch occasion
San Francisco
|
October 13-15, 2026
The poster kids are in all probability GitHub and Asana. In Might, researchers at Invariant Labs found a immediate injection vulnerability in MCP servers that allowed them to seize knowledge from personal GitHub repositories (ones that shouldn’t have been accessible to the general public). Asana found and stuck a vulnerability in its MCP server in June that might have uncovered buyer knowledge. There’ have since been many extra kinds of assaults discovered to work on widespread MCP server setups.
As you would possibly count on, such safety points have given rise to quite a few MCP safety merchandise, together with merchandise from big-name firms like CloudFlare, Docker and Wiz — in addition to a number of startups tackling extra particular merchandise.
The most typical kind of MCP safety product lately is a gateway, primarily a safety layer for figuring out the brokers and controlling their entry to apps.
Runlayer plans to face out on this crowded market by being an all-in-one safety instrument that mixes a gateway with options like risk detection that analyzes each MCP request; observability that watched all agentic exercise throughout all MCP servers that IT has permitted; enterprise improvement the place IT can construct customized AI automations for enterprise customers; and detailed permissions that work with current establish suppliers like Okta and Entra.
Like different opponents, corresponding to open supply Obot, Runlayer enterprise customers are offered with an Okta-like catalog of the pre-vetted MCP servers that their IT will enable brokers to entry. Runlayer matches the brokers’ app permissions to the human customers’ permissions. As an illustration, some individuals may need read-only entry to monetary methods, some write entry (the flexibility to vary the info). Others don’t have any entry in any respect.
Berman believes Runlayer stands out from the group, not simply with the breadth of the product, however due to the workforce’s expertise. He based the startup as a result of, after promoting Vowel to Zapier, he turned the director of Zapier’s AI, and constructed one of many first MCP servers, working carefully on the time with OpenAI and Anthropic, he mentioned.
“What are the issues that we noticed with the protocol? One, it was the safety threat as a result of it was adopted so shortly,” he mentioned. There have been “blind spots” in areas like observability and audits, that make it dangerous for enterprises to roll out to customers.
So in August, “we left our jobs. We signed up David Soria Parra, the creator of the spec, and in 4 months, we’ve signed up eight unicorns,” he mentioned of himself and his co-founders from Zapier Tal Peretz and Vitor Balocco.
Different advisors and buyers within the firm, Berman says, embody head of safety at Cursor Travis McPeak, and founding father of Neon Nikita Shamgunov.
{content material}
Supply: {feed_title}