Straiker raises $64M Series A to defend autonomous AI agents

Agent security is starting to look like its own enterprise category, and the latest data point is Straiker, a Silicon Valley startup that Axios reported has closed a $64 million Series A led by Marathon Management Partners. That brings total funding to $85 million, on top of a $21 million seed in March 2025 from Lightspeed Ventures and Bain Capital Ventures.

The pitch is narrow and load-bearing. Straiker was founded in 2024 by Ankur Shah, the former SVP and GM of Prisma Cloud at Palo Alto Networks, and Sreenath Kurupati, formerly Vice President of AI, Data Science and Security Research at Akamai. The product line splits along an obvious axis. Ascend AI is an adversarial testing engine that probes agents for prompt injection, goal hijacking, tool misuse and inter-agent manipulation before deployment. Defend AI is the runtime layer that watches for identity abuse, memory poisoning and data exfiltration in production. The company's claim is 98.1% threat detection accuracy, which is the kind of number worth taking as marketing rather than settled benchmark.

Why this might matter to a practitioner: the named customer list, including Omada Health, Coupa, American Express Global Business Travel, Enterprise DB, Automation Anywhere and People AI, leans into industries where an agent quietly making a wrong tool call has real-world consequences. According to the govinfosecurity write-up, the capital is going into GPU capacity, model development and pre- and post-training work intended to improve detection accuracy while holding latency and operating costs down, which is the actual engineering bottleneck for in-line security on agent traffic.

The honest caveats are worth saying out loud. A founder-stated detection rate is not the same as an independent evaluation, and prompt injection as a class of attack does not have a settled benchmark the way malware or phishing detection does. What the reporting does not give you is the round's valuation, the agent volume the platform sees in production, or how Straiker compares head to head with the other agent-security entrants raising this cycle.

The forward-looking part: whoever ships the boring, reliable runtime layer for agent traffic, the equivalent of a WAF or EDR but for tool calls and memory, sits on a category that is about to get noisy. Straiker's bet is that being early, narrow and ex-Palo Alto is enough to claim that ground.