
Runlayer provides an all-in-one security platform to make the Model Context Protocol (MCP) enterprise-ready, offering a gateway, threat detection, observability, and enterprise development tools to host and approve MCP servers in a centralized registry. It acts as a command-and-control plane for MCPs, enforcing zero-trust security, fine-grained access control integrated with identity providers like Okta and Entra, and detailed audit trails for compliance, giving IT and security teams visibility over AI agent activity. It differentiates itself with a governance-focused approach to MCPs, backed by founders with deep MCP and security expertise and guidance from the original MCP creator at Anthropic. Its goal is to help enterprises scale AI adoption securely by providing governance, control, and visibility over MCP-based agents for safe, compliant AI at scale.
Industries
Data & Analytics
Enterprise Software
Cybersecurity
AI & Machine Learning
Company Size
11-50
Company Stage
Seed
Total Funding
$11M
Headquarters
New York
Founded
2025
Total Funding
$11M
Above
Industry Average
Funded Over
1 Round
Industry standards
Health benefits
Paid time off
Professional development
Top-tier equipment
Wellness Program
Runlayer launches enterprise version of OpenClaw as AI agent security concerns grow

The explosive rise of autonomous AI agents inside workplaces has hit a predictable wall: security. On Friday, Runlayer announced an enterprise-grade version of its popular OpenClaw agent, responding to what executives describe as a growing risk for companies whose employees are experimenting faster than security teams can react. The move reflects a broader shift now playing out across corporate America - where open-source AI tools are racing ahead of governance, compliance, and basic cyber hygiene.

From developer darling to corporate headache

OpenClaw didn't become a problem because it failed. It became a problem because it worked too well. Since January, the open-source AI agent has accumulated roughly 171,000 GitHub stars, making it one of the fastest-adopted AI automation tools this year. Developers and power users quickly discovered they could wire OpenClaw into email systems, project trackers, internal databases, Slack channels, and code repositories with minimal friction. That same ease of connection is exactly what alarmed security leaders.

According to Runlayer CEO Andy Berman, employees routinely spun up OpenClaw instances without IT approval, often exposing credentials, internal workflows, and proprietary data to unvetted plugins and external prompts. In internal testing cited by the company, prompt injection attacks - where malicious inputs override an AI agent's instructions - succeeded more than 90% of the time in uncontrolled environments. The result, Berman says, was not theoretical risk but active exposure.

Today, Evolution AI Hub is launching OpenClaw for Enterprise. The IDEA of OpenClaw is excellent. That's why your employees already tried ClawdBot last weekend. They probably spent hours linking it to everything - email, Slack, Jira, you name it. They installed a giant security nightmare... pic.twitter.com/Yi1K2UFLyC - Andy Berman (@berman66) February 6, 2026

Unlike traditional SaaS software, autonomous agents don't just read data. They act on it. OpenClaw can send emails, update tickets, modify files, trigger workflows, and connect to dozens of services simultaneously. In an open-source setup, those permissions are often granted broadly, logged inconsistently, and monitored rarely. Security researchers have warned that once an AI agent is compromised, it becomes a privileged insider - capable of moving laterally across systems without raising alarms. That risk increases exponentially when plugins are developed by unknown third parties or forked without review.

Prominent technologists have raised red flags about this trend. Meredith Whittaker, a longtime advocate for privacy-first technology, has publicly cautioned against running powerful AI agents on machines that touch sensitive data, especially without hardened isolation or oversight.

What "OpenClaw for Enterprise" changes

Runlayer's new enterprise edition is designed to address the specific failure points exposed by grassroots adoption. According to the company, the enterprise version introduces substantially stronger defenses against prompt injection, continuous monitoring for anomalous behavior, and real-time threat detection that flags suspicious actions before damage spreads. Access controls are more granular, audit logs are centralized, and plugin usage is gated behind security review rather than user convenience.

Just as importantly, the enterprise build shifts accountability. Instead of dozens of unmanaged instances living on employee laptops or personal cloud accounts, OpenClaw can now be deployed under corporate policy, with visibility for security and compliance teams. That distinction matters. In regulated industries - finance, healthcare, government contracting - unsanctioned automation can quickly turn into a reporting nightmare.

What industry insiders are noticing

The timing of Runlayer's launch is not accidental. Across Silicon Valley and beyond, companies are discovering that AI adoption is no longer limited by model quality or cost. It's limited by trust. Security teams are being pulled into conversations they were never designed to handle at this speed, while executives struggle to balance innovation against regulatory exposure.

Insiders note that OpenClaw's trajectory mirrors earlier waves of shadow IT - cloud storage in the 2010s, collaboration tools during the pandemic - but with higher stakes. An AI agent can do far more damage, far faster, than a rogue Dropbox folder ever could. Runlayer's pitch is not about slowing employees down. It's about preventing a future breach from being traced back to a weekend experiment.

Why this news matters

For businesses, this launch underscores a reality many leaders are quietly confronting: AI agents are already inside their organizations, whether they approved them or not. Consumers may not feel the impact immediately, but they will if breaches, data leaks, or automated errors ripple outward. Regulators are watching closely, and insurers are already asking pointed questions about AI-related risk exposure.

For developers and creators, the message is equally clear. Open-source innovation remains powerful - but enterprise deployment now demands guardrails that hobbyist tools were never built to provide.

Looking ahead

Over the next year, expect enterprise AI agents to follow the same path cloud computing once did: rapid experimentation followed by consolidation under managed, audited platforms. Companies that fail to adapt may face not only security incidents, but stalled adoption as boards and legal teams hit the brakes. Those that invest early in secure AI infrastructure could gain a competitive edge, deploying automation at scale without inviting disaster.

Runlayer's enterprise release is unlikely to be the last of its kind. It is, however, a clear signal that the era of "just plug it in and see what happens" is coming to an end. The AI agents are staying. The question now is whether companies are ready to control them before they control the company.

Runlayer emerges to secure MCP as adoption surges across enterprises

A new cybersecurity startup, Runlayer, has officially launched out of stealth with $11 million in seed funding led by Khosla Ventures' Keith Rabois and Felicis. The company was founded by serial entrepreneur Andrew Berman, previously behind Nanit and Vowel, the latter acquired by Zapier in 2024.

Runlayer enters the market at a critical moment. As Model Context Protocol (MCP) gains industry-wide adoption, organizations are discovering significant security vulnerabilities across implementations. Berman launched Runlayer to address these issues head-on, aiming to build the first end-to-end security platform purpose-built for MCP environments.

MCP's explosive adoption creates urgent security challenges

Since its debut as an open-source project by Anthropic in late 2024, MCP has quickly become the default standard for enabling AI agents to interact with enterprise systems. Every major AI model provider - including OpenAI, Microsoft, AWS, and Google - now supports MCP. Thousands of enterprises, from Atlassian to Stripe, have integrated MCP into their workflows.

MCP allows AI agents to access and modify data, execute tasks, and automate complex workflows without human oversight. While powerful, this capability introduces substantial risk. The protocol includes minimal native security, leaving its implementations vulnerable to threats.

Within the last year, researchers have uncovered multiple real-world exploits. GitHub systems were shown to allow unauthorized access to private repositories due to prompt-injection vulnerabilities. Asana also identified and patched an MCP flaw that could have exposed customer data. Additional weaknesses continue to emerge as MCP use expands.

Runlayer's early traction shows strong market demand

Although Runlayer has been operating in stealth for only four months, the company already serves dozens of customers, including eight unicorns and publicly traded companies such as Instacart, Gusto, Opendoor, and dbt Labs.

In a significant endorsement, Runlayer also secured David Soria Parra, the lead creator of MCP, as an angel investor and advisor. This connection underscores the startup's credibility as the protocol matures and security expectations rise.

Berman's firsthand experience at Zapier - where he led AI initiatives and built one of the first MCP servers - gave him early insight into the protocol's blind spots. He observed gaps in observability, auditing, and enterprise controls, particularly as organizations began automating sensitive operations.

A comprehensive security layer for MCP-driven enterprises

While many new MCP security products focus on narrow components like gateways, Runlayer positions itself as a full-stack security platform tailored for enterprise-scale MCP deployments.

* MCP Gateway for authenticating agents and controlling access
* Threat Detection Engine analyzing every MCP request for anomalies
* Observability Tools monitoring agent activity across all approved MCP servers
* Enterprise Automation Builder allowing IT to craft secure AI workflows
* Fine-Grained Permissions integrated with Okta, Entra, and existing identity systems

Runlayer mirrors the familiar feel of enterprise identity platforms: business users see an Okta-style catalog of vetted MCP servers. The system maps each AI agent's permissions directly to the user's existing access levels, preventing privilege escalation.

Standing out in a crowded but growing market

MCP's rapid rise has led to a wave of security startups, with companies like Cloudflare, Docker, Wiz, and several early-stage firms launching dedicated tools. However, Runlayer argues that its depth, breadth, and expertise set it apart.

The founding team includes experienced engineers from Zapier - Tal Peretz and Vitor Balocco - and is supported by advisors such as Cursor's head of security Travis McPeak and Neon founder Nikita Shamgunov.

According to Berman, the speed of MCP adoption has outpaced the safety frameworks that enterprises rely on. That creates an urgent need for solutions that manage risk at scale while preserving agent autonomy.

"What we saw was a protocol adopted faster than the security ecosystem could keep up," Berman said. "Enterprises need visibility and guardrails before deploying AI agents into critical systems - and that's what Runlayer is here to solve."

Positioned for enterprise AI's next phase

As organizations integrate AI agents into finance, HR, operations, and product systems, securing MCP will become a core requirement. Runlayer's early customer base and high-profile backers signal growing awareness of these risks.

If MCP becomes as foundational as APIs or cloud infrastructure, companies like Runlayer could become essential to the next generation of enterprise AI stacks. For now, the startup is betting that a unified security layer - built by early contributors to the ecosystem - will help enterprises adopt AI responsibly and at scale.

Three-time founder Andrew Berman is back with a startup that helps IT ensure business users' AI agents operate securely.