Straiker Raises $64M to Secure the Agents Enterprises Deploy
As companies wire autonomous agents into their systems, a new security category is forming around the attack surface those agents create.
Straiker has raised a $64 million Series A, pushing its total funding to $85 million and putting a number on one of the fastest-forming categories in enterprise software: security for AI agents. The round was led by Marathon Management Partners, Citi Ventures, Illuminate Financial, and Workday Ventures, with continued backing from Bain Capital Ventures and Lightspeed. The company's pitch is blunt — as enterprises deploy agents that reason, call tools, and take autonomous action, they are opening an attack surface that traditional security stacks were never built to see.
The Problem Nobody Provisioned For
For a decade, enterprise security assumed the actors inside a system were either humans or deterministic software. AI agents are neither. They interpret instructions in natural language, chain together tool calls, access internal systems, and make decisions that aren't fully specified in advance. That flexibility is the point — and it's also the vulnerability. An agent that can be talked into an action through a cleverly worded input, or that quietly accumulates permissions across the tools it touches, is a threat model that firewalls and endpoint agents don't address.
Straiker's argument is that this isn't a variation on existing security problems but a new one. Prompt injection, tool misuse, permission sprawl, and adversarial manipulation of an agent's reasoning are failure modes specific to autonomous systems. As more of the enterprise workflow gets handed to agents — customer support, code changes, financial operations, internal data access — the blast radius of a compromised or manipulated agent grows accordingly. The company positions itself simply as "the agentic security company," a land-grab for a category that barely existed a year ago.
Three Products, One Lifecycle
Straiker's platform maps to the lifecycle of an agent inside an organization. Discover provides visibility and governance — finding every agent operating across the enterprise, including the ones teams spun up without telling security. Ascend runs pre-deployment adversarial testing, deliberately attacking agents to surface vulnerabilities before they reach production. Defend delivers runtime protection, monitoring agent activity and stopping threats as they happen.
The structure mirrors how mature security categories eventually organize themselves: inventory what you have, test it before it ships, and watch it in production. What's notable is the compression of the timeline. Cloud security took years to move from visibility tools to full runtime defense. Agent security is arriving with all three layers at once, because enterprises are deploying agents into production faster than they built out cloud a decade ago — and the vendors know the window to define the category is now.
The Prisma Cloud Playbook
Straiker's leadership is why investors are willing to fund the whole stack at Series A. CEO Ankur Shah previously scaled Palo Alto Networks' Prisma Cloud business as SVP and general manager — one of the defining land-grabs of the cloud-security era, where a platform that unified visibility, posture, and runtime protection became a multibillion-dollar franchise. CTO Sreenath Kurupati led AI and security research at Akamai after it acquired Cyberfend, the fraud-detection company he founded. The pattern the team is running is familiar: identify an emerging compute paradigm, build the unified security platform for it early, and become the default before incumbents notice the category exists.
The traction backs the thesis. Straiker says it has grown run-rate revenue more than 15x in less than a year, and reports that its customers include Fortune 500 enterprises and frontier AI labs. That customer mix matters. The labs building the agents and the enterprises deploying them are both paying for the same protection, which suggests the problem is real on both the supply and demand sides of the agent economy — not a fear vendors manufactured to sell a product.
A Category Being Born in Real Time
The $64 million round is best read as a market-timing bet. Enterprises are moving from experimenting with agents to putting them into production workflows, and that transition is exactly when security spending gets unlocked — a proof-of-concept doesn't need a runtime defense layer, but an agent touching customer data or executing financial operations does. Straiker is racing to be the vendor of record for that spend before the platform giants ship competing offerings and before every enterprise learns, the hard way, what a manipulated agent can do.
The risk is the same one every category-creation play faces: the incumbents. Palo Alto Networks, CrowdStrike, and the cloud providers all have the distribution and the incentive to fold agent security into their existing platforms, and a well-capitalized startup has to move fast enough to become entrenched before that happens. Shah has watched that movie from the other side at Palo Alto, which is arguably Straiker's biggest asset — the team knows exactly how the incumbents will respond, because they used to be them.
What the round confirms is that the agent economy is generating its own security economy in parallel. Every autonomous system an enterprise deploys is a new thing to defend, and the market has now put $85 million behind the proposition that defending it is a business large enough to build a company on. In a year defined by what agents can do, Straiker is funding the far less glamorous question of what happens when they do the wrong thing.
