Enterprise Security in the Agentic AI Era

Helmet Security

2 min read

Helmet Security

Sources: Homepage · Funding announcement (Helmet blog) · SiliconANGLE coverage · SecurityWeek coverage

What

Washington DC-area startup co-founded by Fred Kneip (founder of CyberGRX, which raised $100M and was acquired into Marlin Equity / ProcessUnity) and Kaushik Shanadi. Builds an end-to-end platform that discovers, monitors, and enforces controls on MCP servers across the enterprise — pitched as the agentic-communications counterpart to traditional EDR/network-monitoring layers (Source: SiliconANGLE).

Funding

$9M seed round, December 4, 2025 — led by SYN Ventures with WhiteRabbit Ventures. Fifth-largest agentic-AI-security seed in the 12-month window.

Relevance

Maps to the RA Egress plane (MCP communications) and the Observability plane (continuous monitoring), with the AI-BOM / supply chain plane in scope through the discovery surface.

CMM evidence: D5 L3-L4 (egress / MCP), D7 L3-L4 (continuous monitoring), D8 L3 (AI-BOM via runtime MCP discovery).

Architectural distinction from Runlayer: where Runlayer is an inline gateway (sits in the data path), Helmet positions as a discovery-monitoring-and-posture layer that integrates with existing EDR — closer to AI-SPM in shape than to a gateway. This pairing is a direct instance of the gateway vs. instrumentation architectural fork.

Cited contextual data: “over 17,000 MCP servers deployed since [the protocol’s] launch in November 2024, most unmonitored” — the same scale-and-novelty argument that sells the category.

Product

Three advertised functions:

  1. Identify — find MCP servers as they appear in the environment
  2. Monitor — continuous visibility into MCP communications and connections
  3. Enforce — controls on what MCP servers do, in what context

Integrates with existing endpoint-detection-and-response stacks rather than replacing them. Identifies new MCP communication paths as they appear and immediately brings them under management — a pattern matching the Shadow Automation discovery problem.

Notable Statements

  • Kneip’s CyberGRX background colors the positioning: third-party-risk-style continuous discovery, applied to MCP-mediated agent-to-agent and agent-to-tool communications (the AI-to-AI links framing in Fintech Global).

See Also

Graph View

Backlinks