Arcade Raises $60M to Solve the Authorization Problem Keeping AI Agents Stuck in Pilot Mode

3 Sources

Share

Arcade secured $60M in Series A funding led by SYN Ventures, with Morgan Stanley and Wipro joining, to tackle the authorization bottleneck preventing AI agents from reaching production. The San Francisco startup built infrastructure that governs which actions AI agents can take inside company systems, addressing the gap between pilot programs and real-world deployment.

Arcade Secures $60M Series A to Control AI Agents in Enterprise Systems

Arcade has raised $60M Series A funding led by SYN Ventures, with strategic investments from Morgan Stanley and Wipro, bringing its total funding to $72 million after a $12 million seed round in 2025

1

2

. The San Francisco startup, founded in 2024 by CEO Alex Salazar and CTO Sam Partee, addresses a critical infrastructure gap that keeps most AI agents trapped in pilot programs rather than production deployment

3

.

Source: PYMNTS

Source: PYMNTS

The company's roughly 40-person team has built what it calls a secure action layer that determines which actions AI agents can perform on specific systems at any given moment. "Agents don't fail in production because the model is wrong," Salazar explained. "They fail because nobody can prove that for any given action by an agent, whether that agent on behalf of that user can perform that action on that resource"

2

.

Why AI Agent Authorization Matters More Than Identity

Most companies can already verify an AI agent's identity, but governance and authorization for AI agents presents a different challenge entirely. As one investor noted, an agent "will exhaustively exploit every permission it inherits" to reach its goal, unconstrained by the fear of consequences that restrains human employees

1

. This fundamental difference between human and machine behavior creates serious risks when agents access enterprise systems with inherited permissions.

Arcade's platform integrates with companies' identity provider (IdP) systems to track application access permissions dynamically. When a record in the IdP changes, Arcade automatically modifies AI agent permissions, eliminating manual updates

2

. The system performs authorization using OAuth 2.0, managing agents' access through encrypted tokens stored with additional cybersecurity guardrails including salting mechanisms to protect credentials.

Source: SiliconANGLE

Source: SiliconANGLE

From Accidental Discovery to AI Agent Infrastructure

Arcade didn't initially set out to build authorization infrastructure. The company's first product was a diagnostic agent for misbehaving servers and databases that required extensive super-user access. "No one in their right mind was going to actually let us do that in the real world," Salazar admitted

1

. The team split the model's reasoning from the layer that touches tools, building the authorization component that decides which tools agents may use. When customers showed more interest in the authorization layer than the diagnostic agent itself, Arcade pivoted completely.

The platform now integrates with Anthropic's Model Context Protocol (MCP), the emerging standard for connecting models to tools like email and internal APIs. Arcade's runtime checks each request against an organization's actual permissions, can operate inside a customer's own environment, and logs every action to distinguish agent behavior from human activity

1

. The company provides access to more than 8,000 MCP tools that agents can use to automate work tasks

2

.

Enterprise AI Adoption Hinges on Production-Ready Infrastructure

Salazar's core argument centers on a principle from enterprise risk management: the system taking an action should never authorize itself, just as traders don't approve their own trades. A more sophisticated model doesn't change this requirement, and because most companies run multiple models simultaneously, the control layer must remain neutral rather than vendor-owned

1

.

Jay Leek, managing partner at SYN Ventures and board director at Arcade, stated that agents have reached a point where "adoption has outrun the infrastructure" that makes the technology safe. "Arcade is the only company we've seen that built for the production reality from day one, which is why every serious enterprise agent deployment is going to run through them," Leek said

3

.

What's Next for AI Agent Security and Governance

Arcade will deploy its new capital toward product development, expanding its platform's governance features, growing its MCP tool catalog, and hiring to support enterprise AI deployment as companies scale from pilots to production workflows

3

. The company claims production use at major global banks and reports a 25-fold increase in usage, though these figures remain internally sourced rather than independently verified

1

.

Salazar emphasized the company's head start in a recent blog post, noting that "every enterprise is grappling with how to let agents act inside the company without losing control." He added, "We have a two-year head start on everyone just starting to realize how big it is. We're not slowing down"

3

. As agents begin acting on systems too complex for any single person to fully understand, the question of what they're permitted to access shifts from policy documentation to critical infrastructure, positioning authorization as the foundation for safe, scalable enterprise AI adoption.

Today's Top Stories

© 2026 TheOutpost.AI All rights reserved