Manifold lands $8M seed to tackle agentic AI security
As artificial intelligence evolves from chatbots into autonomous “agentic” systems that can execute commands, access tools, and interact with production environments, a new security gap is emerging: many enterprise defenses were designed to monitor human users, not software agents acting at scale.
San Francisco-based Manifold said it has raised $8 million in seed funding to build an AI Detection and Response platform focused on securing AI agents at runtime on endpoints. The round was led by Costanoa Ventures, with participation from Cherry Ventures, Rain Capital, and Modern Technical Fund. The company also cited backing from security and AI veterans including former Uber CSO Joe Sullivan and former Google DeepMind CISO Vijay Bolina.
Why agentic AI creates a new blind spot
Developer tools such as GitHub Copilot, Claude Code, and Cursor have already become commonplace, and the next wave of workplace agents is expected to extend similar capabilities beyond engineering. As these agents gain access to source code, CI/CD pipelines, databases, and third-party services, activity that resembles normal developer behavior—running scripts or calling APIs—can become harder to distinguish from risky or malicious actions when performed autonomously and repeatedly.
From prompt monitoring to behavior monitoring
Manifold was founded by Neal Swaelens and Oleksandr Yaremchuk, previously co-founders of Laiyer AI, known for the open-source LLM Guard. After Laiyer AI was acquired by Protect AI—later acquired by Palo Alto—the founders teamed with Michael McKenna to build a product aimed at what they describe as a core limitation of first-generation AI security: tools that focus on prompts and outputs rather than what an agent actually does once it takes action.
The company says its platform tracks agent behavior in real time—mapping tools used, systems accessed, and actions executed—and flags deviations from defined baselines. It is designed to be agentless, deploy quickly, and integrate without requiring new gateways or major architectural changes.
“These agents don’t just talk — they execute,” Swaelens said, arguing that endpoint-level visibility will be essential as agentic AI spreads across roles and workflows.
Related
