The computer security startup CodeIntegrity on Wednesday announced a $5 million seed round to support its efforts to build meaningful protections for agentic AI applications.
The San Francisco-based company made a splash last year when it demonstrated how easy it was to trick AI models from multiple tech companies into sharing private information, earning a mention in The Economist last September for compromising the note-taking app Notion in less than four hours.
“Every company was aiming to launch agents into deployment, and they didn’t know how to do it safely,” said Abi Raghuram, CodeIntegrity co-founder and CTO.
The core challenge is a fundamental one. Traditional software relies on deterministic controls, meaning that if you type “X,” the computer always does “Y.” But AI agents — tools that can autonomously perform computer tasks — are non-deterministic since they’re driven by natural language models. That makes them vulnerable to “prompt injection” attacks, in which a bad actor inserts malicious text into a model and triggers the agent to do things like expose sensitive data.
To keep these agents in check, companies either employ human-in-the-loop oversight or deploy a second LLM as a judge, but neither approach is fully scalable or entirely foolproof.
“There’s going to be more and more agents being deployed in enterprise settings, and no one has figured (security) out yet,” said Steven Jung, CodeIntegrity co-founder and CEO. “We want to be the first one to actually provide that deterministic control for these companies.”
CodeIntegrity’s solution is to insert a permanent security guardrail called a runtime control layer. Acting as both a translator and a filter, it forces an unpredictable AI model to play by strict, predictable rules and limits which enterprise systems and data an AI agent is allowed to touch.
Raghuram and Jung met at Rose-Hulman Institute of Technology, a top undergraduate engineering school in Indiana. After a few years working separately at other employers, the two reconnected and founded CodeIntegrity in the Seattle area in May 2024. Later that year, they participated in Antler’s New York residency program for early-stage startups.
The now five-person company still has engineers in Washington state, though the two co-founders recently relocated to San Francisco.
Cybersecurity-focused Syn Ventures led the new round, with participation from existing pre-seed investors Antler and Boost VC.
About six companies are currently piloting CodeIntegrity’s product. The co-founders said they haven’t finalized their pricing model, but expect to offer annual contracts similar to those common in the cybersecurity industry.
Other startups are tackling agentic AI security as well, including Seattle’s Certiv, which emerged from stealth in March, and California’s Raven and Manifold Security.
Raghuram, who worked at Seattle’s Truveta for more than three years, said he’s eager to recruit engineers from the area, but called San Francisco “ground zero for everything agentic LLM.”
“Seattle is a solid place to hire good incumbent talent from Microsoft and Amazon, which is kind of what you want with a fast-moving startup,” he said. “But as founders, if you want to be in the know-how of what’s happening in agentic land, the Bay Area is the place.”
Read the full article here
