"On Monday, a new Model Context Protocol security startup called Runlayer launched out of stealth with $11 million in seed funding from Khosla Ventures' Keith Rabois and Felicis. It was created by third-time founder Andrew Berman (previous companies: baby-monitor maker Nanit and an AI video conferencing tool, Vowel, that sold to Zapier in 2024). In the four months since Runlayer launched its product in stealth, it has signed dozens of customers, including eight unicorns or public companies like Gusto, Rippling, dbt Labs, Instacart, Opendoor, and Ramp, it says."
"The problem is, the MCP protocol itself doesn't include much security out of the box, so many MCP implementations have already been found to be vulnerable in a variety of ways. The poster children are probably GitHub and Asana. In May, researchers at Invariant Labs discovered a prompt injection vulnerability in MCP servers that allowed them to grab data from private GitHub repositories (ones that shouldn't have been accessible to the public)."
Runlayer launched out of stealth with $11 million in seed funding from Khosla Ventures' Keith Rabois and Felicis. Andrew Berman, a third-time founder who previously founded Nanit and Vowel, created Runlayer. The company signed dozens of customers within four months, including multiple unicorns and public companies such as Gusto, Rippling, dbt Labs, Instacart, Opendoor, and Ramp. David Soria Parra, lead creator of the Model Context Protocol (MCP), joined as an angel and advisor. MCP, launched by Anthropic in November 2024 as open source, became a de facto standard enabling AI agents to access, move, alter data, and execute business processes autonomously. MCP lacks strong built-in security, and implementations have been found vulnerable, including prompt-injection exploits exposing private GitHub data and an Asana vulnerability that was fixed.
Read at TechCrunch
Unable to calculate read time
Collection
[
|
...
]