Keycard

Sources: Launch announcement (GlobeNewswire) · boldstart investment thesis · SiliconANGLE coverage · Upstarts Media profile

Homepage URL above is unverified — re-validate when Keycard publishes a public site.

What

Identity-and-access platform for AI agents. Provides real-time, contextual guardrails that let enterprises grant AI agents controlled access to internal systems, with the explicit pitch of replacing static, human-driven workflows with machine-driven, autonomous, agentic applications built on top.

Founding team has unusually deep identity-platform pedigree:

• Ian Livingstone and Matt Creager — previously at Manifold (acquired by Snyk); helped scale Snyk
• Jared Hanson — creator of Passport.js, former Chief Architect at Auth0

(Source: boldstart, SiliconANGLE)

Funding

**$8Mseedround\ast \ast ledby\ast \ast a16z\ast \ast and\ast \ast boldstartventures\ast \ast (roundclosedpriortopubliclaunch,exactdatenotdisclosed;predatesthe$30M Series A).

$30M Series A, October 21, 2025 — led by Acrew Capital.

$38M total, launch-day announcement.

The seed itself is sixth-largest agentic-AI-security seed in the 12-month window; total funding exceeds every other seed-stage agent-security startup at launch.

Relevance

Maps cleanly to the RA Identity plane (primary) with strong overlap into Control (least-agency policy enforcement). In the CMM, evidence supports D2 L3-L4 (identity & authorization) and D3 L3-L4 (control & least-agency).

Direct competitor positioning to Okta for AI Agents and Microsoft Entra Agent ID — but earlier-stage and developer-platform-shaped, not enterprise-IDP-shaped. For organizations that don’t already run on Okta or Microsoft, Keycard becomes a credible third commercial option for the agent-IAM slot.

Adjacent to capability-based authorization research (Tenuo Warrant) but in a different lane: Keycard is identity + access-policy (PDP/PEP-shaped), not artifact-carrying-policy capability tokens.

Product

Per launch coverage:

• Identity for agents — agent-as-principal model, distinct from human identities
• Real-time, contextual guardrails — policy decisions made at access time, not statically bound at deploy
• Foundations for trusted agentic applications at scale — developer-platform pitch
• Integrates with enterprise systems as the access broker

Gap

No public technical documentation as of May 2026 on the access-control model (RBAC vs ABAC vs capability-based vs hybrid), the policy language used, or whether Keycard implements the PAP split explicitly.

Notable Statements

• The Hanson + Manifold + Snyk lineage signals Keycard is built by the identity platform-builder community, not the AI-research community — it inherits the Auth0 / IdP playbook applied to NHIs and agents. This contrasts with the Tenuo research-grade capability-token approach.

See Also

• Synthesis: Agentic AI Security Seed Funding May 2025–May 2026
• Okta for AI Agents — enterprise primary
• Microsoft Entra Agent ID — M365/Azure primary
• Non-Human Identity