Breaking
Straiker raises $64M Series A - total funding now $85M Led by Marathon Management Partners with Citi Ventures & Workday Ventures Run-rate revenue grew more than 15x in under 12 months STAR Labs: 91% of attacks on productivity agents ended in silent data exfiltration Trusted by Fortune 500 enterprises and frontier AI labs Straiker raises $64M Series A - total funding now $85M Led by Marathon Management Partners with Citi Ventures & Workday Ventures Run-rate revenue grew more than 15x in under 12 months STAR Labs: 91% of attacks on productivity agents ended in silent data exfiltration Trusted by Fortune 500 enterprises and frontier AI labs
Company Profile Agentic AI Security Sunnyvale, CA

Straiker

Security for the agentic workforce. Agents don't wait for permission - and neither do the threats targeting them.

Straiker - the agentic AI security company

Sunnyvale, CA. The company card for a two-year-old startup that decided the safest way to protect an AI agent was to spend all day trying to break it. Two-thirds of the payroll does exactly that.

Share this profile
$85M
Total Raised
15x
Revenue Growth <12 mo
91%
Productivity-Agent Attacks Leaking Data
~62
Employees
The Dispatch

A security company for software that argues back

Companies are handing AI agents real access to real systems - inboxes, code repos, customer records. Straiker's pitch is that this new kind of employee needs a new kind of security guard.

Here is a thing that is true and slightly alarming at the same time: a lot of large companies have, over the past 18 months, quietly given software agents the ability to read their email, write to their databases, and call their internal tools - the kind of access you'd normally make a human badge in for. The agents are fast, they're tireless, and they do not, in the traditional sense, wait for permission. That's the selling point. It's also the problem.

Straiker, a two-year-old company headquartered on South Murphy Avenue in Sunnyvale, exists because that access is a gift to attackers. If you can trick an AI agent into misreading an instruction - a poisoned document here, a cleverly worded email there - you can potentially get it to do things its owner never intended. Straiker's own research team found that in testing, 91% of attacks on productivity agents ended in silent data exfiltration and 36% of attacks on coding agents achieved remote code execution. "Silent" is the operative word. The agent does its job, the data walks out the door, and nobody files an incident report because nobody noticed.

The company calls itself "the agentic security company," which is a bold claim to plant a flag on, but it has the résumés to make it. Co-founder and CEO Ankur Shah previously ran Prisma Cloud at Palo Alto Networks as SVP and GM, a business he helped scale by a reported 50x over five years. Co-founder and CTO Sreenath Kurupati spent 20-plus years in security and AI, most recently leading AI and security research at Akamai after it acquired the fraud-detection company he founded. These are not people new to the idea that attackers are patient and well-funded.

Discover, attack, defend

Straiker's platform breaks the job into three parts, which is a tidy structure and also happens to mirror how a real adversary thinks. First you find the attack surface, then you probe it, then you guard it.

Discover AI maps every AI agent, MCP server, and workflow already running across an enterprise - and Straiker's data suggests companies routinely underestimate that count. (One of its more quotable findings: 28.6% of cataloged MCP tools are, in its phrasing, "dangerous on their face.") Ascend AI is the adversarial engine - it continuously red-teams those agents before deployment, hunting for prompt injection, goal hijacking, tool misuse, and inter-agent manipulation. Defend AI is the runtime layer, blocking identity abuse, memory poisoning, data exfiltration, and resource exploitation while the agents are live, and doing it without adding the kind of latency that would make anyone turn it off.

The elegant part - the part that makes an engineer nod - is that these two halves talk to each other. Every attack Ascend AI discovers automatically sharpens Defend AI's detection engine. Offense feeds defense in a closed loop, so the product gets meaner over time without a human having to hand-write a new rule for every fresh exploit. Most security tools don't get to learn from their own red team. Straiker built the red team into the product.

The Platform

Three agents, one loop

01Map

Discover AI

Inventories the agents, MCP servers, and AI workflows running across the enterprise - revealing the full AI attack surface, including the parts nobody knew were live.

02Attack

Ascend AI

An adversarial red-teaming engine that continuously attacks agents before deployment to expose prompt injection, goal hijacking, tool misuse, and inter-agent manipulation.

03Defend

Defend AI

Runtime protection that detects and blocks identity abuse, memory poisoning, data exfiltration, and resource exploitation - without slowing the agents down.

"Agents don't wait for permission and neither do the threats targeting them."
- Straiker
The Research

Two-thirds of the company breaks things

The most unusual fact about Straiker isn't in its funding round - it's in its org chart. Roughly two-thirds of the company works in a threat-research group called STAR Labs, drawing people from FireEye, Mandiant, Microsoft, Meta, and the U.S. Department of Defense. Their job is not to ship features. It's to produce original threat intelligence by breaking AI agents, and to feed everything they learn straight back into the product.

This is a deliberate bet. Plenty of security vendors buy threat feeds; Straiker generates its own, which is why its marketing can cite specific, uncomfortable numbers instead of vague warnings. When STAR Labs finds a new way to hijack a coding agent, that finding doesn't become a blog post and nothing else - it becomes a detection rule in Defend AI. The research team is, in a real sense, the R&D department and the marketing department at once.

It's also a hedge against the pace of the field. AI agent attack techniques are being invented faster than any static rulebook can keep up with. A company that keeps most of its people on offense is betting that the threats will keep changing - and, so far, they are right often enough that Fortune 500 enterprises and frontier AI labs are paying for it.

Prompt Injection Goal Hijacking Tool Misuse Memory Poisoning Data Exfiltration Identity Abuse Inter-Agent Manipulation MCP Risk

The Basics

  • Founded2024, Sunnyvale, California
  • FoundersAnkur Shah (CEO), Sreenath Kurupati (CTO)
  • CategoryAI-native / agentic security (B2B SaaS)
  • Team~62 people, ~2/3 in STAR Labs research
  • HQ157 S Murphy Ave, Sunnyvale, CA 94086
  • ProductsDiscover AI, Ascend AI, Defend AI

The Money

Series A
June 2026 - Marathon, Citi Ventures, Illuminate, Workday Ventures
$64M
Launch / Seed
March 2025 - Lightspeed, Bain Capital Ventures
$21M
Total Raised
Board addition: Gokul Rajaram (Marathon)
$85M

Existing backers Bain Capital Ventures and Lightspeed re-upped in the Series A - a signal that early investors liked what the first year produced.

Who Trusts It

Fortune 500s and frontier labs

Straiker says its customers span Fortune 500 enterprises and leading frontier AI labs. Publicly referenced names include:

Omada Health Coupa Amex GBT Automation Anywhere Comcast Fortinet Snowflake Deloitte Workato SharkNinja DirecTV Chargebee

"Straiker helped remove the security blindspot in our B2B AI Application."

- Ken Ricketts, Coupa

The Story So Far

From stealth to Series A

2024

Founded in Sunnyvale

Ankur Shah and Sreenath Kurupati start Straiker to build AI-native security for AI applications and agents.

March 2025

Out of stealth with $21M

Straiker launches publicly with initial funding from Lightspeed and Bain Capital Ventures.

2025-2026

Ascend AI wins recognition

Named a Cybersecurity Stars Awards 2026 winner for AI security testing / red teaming; STAR Labs publishes original agent-threat research.

June 2026

$64M Series A

Marathon Management Partners leads; Citi Ventures, Illuminate Financial and Workday Ventures join. Total raised reaches $85M as run-rate revenue grows more than 15x in under a year.

Watch & Read

Demos, interviews & deep dives

Questions

The FAQ

What does Straiker do?
Straiker builds AI-native security for AI agents and applications. Its platform discovers an enterprise's AI attack surface (Discover AI), red-teams agents before deployment (Ascend AI), and defends them against attacks at runtime (Defend AI).
Who founded Straiker?
Ankur Shah, Co-Founder & CEO (formerly SVP & GM of Prisma Cloud at Palo Alto Networks), and Sreenath Kurupati, Co-Founder & CTO (formerly VP of AI and Security Research at Akamai).
How much has Straiker raised?
$85M total - a $21M launch round in March 2025 and a $64M Series A in June 2026 led by Marathon Management Partners, with Citi Ventures, Illuminate Financial, Workday Ventures, Bain Capital Ventures and Lightspeed participating.
What are the products?
Discover AI (attack-surface mapping), Ascend AI (adversarial red-teaming), and Defend AI (runtime protection). They form a closed loop where offensive findings automatically strengthen defensive coverage.
Who uses Straiker?
Fortune 500 enterprises and frontier AI labs, including publicly referenced customers such as Omada Health, Coupa, Automation Anywhere, Comcast, Fortinet, Snowflake and Deloitte.
Connect

Find Straiker