Runlayer, a new security platform built for the Model Context Protocol (MCP), has launched from stealth with $11 million in seed funding led by Keith Rabois of Khosla Ventures and Felicis. The company was founded by serial entrepreneur Andrew Berman, known for building Nanit and the AI platform Vowel, which was acquired by Zapier in 2024.
In just four months of quiet operation, Runlayer has signed dozens of customers, including major enterprises such as Gusto, dbt Labs, Instacart, and Opendoor. The startup has also brought on David Soria Parra, the creator of MCP, as an angel and advisor. MCP, launched by Parra’s team at Anthropic in 2024, has rapidly become the industry standard for enabling AI agents to autonomously access and manipulate enterprise systems, now supported by OpenAI, Microsoft, AWS, Google, and thousands of companies including Atlassian, Asana, Stripe, and Block.
As MCP adoption accelerates, the lack of built-in security has exposed companies to prompt injection risks and data-access vulnerabilities, prompting a wave of security tools from players like Cloudflare, Docker, and Wiz. Runlayer aims to differentiate itself with a full-stack platform that combines an MCP gateway with real-time threat detection, system-wide observability, enterprise automation tooling, and granular identity-based permissions integrated with providers like Okta and Entra.
Berman said he founded Runlayer after leading Zapier’s AI efforts and helping build early MCP servers, where he saw firsthand the security gaps and audit blind spots facing enterprises. He launched the startup alongside co-founders Tal Peretz and Vitor Balocco, supported by advisors including Travis McPeak, head of security at Cursor, and Nikita Shamgunov, founder of Neon.
Featured image: Credit: Runlayer
