3 Sources
[1]
Arcade.dev raises $60M to secure enterprise AI agents
Arcade.dev raised a $60M Series A led by SYN Ventures to govern which actions AI agents can take inside company systems, the bottleneck keeping most agents stuck in pilots. The problem with letting an AI agent loose inside a company is not that it might forget who it is. It is that it has no reason to hold back. A human employee is restrained by the fear of being fired. An agent, as one investor in Arcade.dev put it, "will exhaustively exploit every permission it inherits" to reach its goal. Arcade has raised $60mn to make sure that, by design, it cannot. The Series A was led by SYN Ventures, with strategic cheques from Morgan Stanley and Wipro. Added to a $12mn seed last year, it brings the San Francisco startup to $72mn in total funding. Identity is easy. Authorisation is the wall Most companies can already verify that an agent is what it claims to be. What they cannot do, according to Arcade chief executive Alex Salazar, is prove that a given agent, acting for a given user, is allowed to perform a given action on a given system. "Agents don't fail in production because the model is wrong," Salazar said. "They fail because nobody can prove" who is authorised to do what. That gap, he argues, is why so many corporate agents never leave the pilot stage. Salazar, a former Okta product leader who once sold a startup to the identity firm, built Arcade with chief technology officer Sam Partee, formerly of Redis. The accidental product Arcade did not set out to build this. Its first product was an agent that diagnosed misbehaving servers and databases, which required sweeping super-user access. "No one in their right mind was going to actually let us do that in the real world," Salazar said. So the team split the model's reasoning from the layer that actually touches tools, and built the part that decides which tools the agent may use. Nobody was excited about the diagnostic agent. Everybody who understood AI was excited about the authorisation layer. Arcade dropped the agent and kept the plumbing. Plumbing for the agent era That plumbing now hangs off Anthropic's Model Context Protocol, the emerging standard for connecting models to tools like email and internal APIs, to which Arcade says it has contributed. Its runtime checks each request against an organisation's real permissions, can run inside a customer's own environment, and logs every action so a company can tell an agent's move apart from a human's. Salazar's argument for why a control layer has to sit outside the agent is the oldest one in enterprise risk: the thing taking an action never gets to authorise itself. Traders don't approve their own trades. A smarter model, he says, doesn't change that, and because most companies run several models at once, the control layer has to be neutral to all of them rather than owned by any one vendor. It lands amid a rush of startups selling ways to put AI agents to work and, increasingly, to fence them in. Arcade frames the incumbents as solving the wrong problem, with API gateways routing traffic and identity tools proving who you are, when the question is what an agent may do, on which system, right now. Its bet is that the boring layer underneath is where the durable business sits. The catch For now this is a roughly 40-person company that still has to scale and defend its turf in a field filling up fast. Several of its headline proof points, production use at the world's largest banks, a 25-fold jump in usage, thousands of prebuilt tools, are Arcade's own figures rather than independently verified. The underlying argument, though, is hard to dismiss. As agents start acting on systems no single person fully understands, the question of what they are permitted to touch stops being a policy document and becomes infrastructure. Arcade is betting it owns that infrastructure.
[2]
AI agent authorization startup Arcade nabs $60M investment
Arcade AI Inc., the developer of an authorization platform for artificial intelligence agents, today announced that it has raised $60 million in funding. SYN Ventures led the Series A round. It was joined by Morgan Stanley and Wipro Ltd., a publicly traded technology consulting firm. The process of giving an AI agent access to a business application comprises two steps. The first step verifies that the agent has permission to use the program. The second step, which is known as authorization, defines the specific application features that the agent may use. Arcade has developed a platform that simplifies the latter workflow for enterprises. The company was founded in 2024 by Chief Executive Officer Alex Salazar and Chief Technology Officer Sam Partee, who previously held senior product roles at Oka Inc. and Redis Inc., respectively. Today's funding round was preceded by a $12 million seed raise last year. Developers historically had to build custom authorization mechanisms for their AI agent projects. Arcade's platform provides pre-packaged authorization features that reduces the need for custom code. According to the company, that saves time and avoids the bugs often associated with ad hoc cybersecurity guardrails. Arcade determines which agent can access what application feature by integrating with companies' IdP system. An IdP is a database that tracks application access permissions. If a record in a company's IdP changes, Arcade can modify AI agent permissions accordingly, which removes the need for manual updates. When users authorize an AI agent to access a particular application feature, the access permission is typically valid round-the-clock. That means hackers who gain access to the agent can compromise the application with relative ease. Arcade says that its platform narrows the attack surface by only authorizing specific agent actions. The system performs authorization using a popular open-source protocol called Oath 2.0. The technology manages agents' access to applications using pieces of data called OATH tokens, which serve a similar role as passwords. Arcade stores OTH tokens to spare developers the hassle of managing them. It encrypts them before rather than after sending them to storage, which makes it more difficult for hackers to decipher the data. For added measure, Arcade has equipped its platform with a so-called salting mechanism. It mitigates the cybersecurity risks associated with credentials that have identical plaintext values. Arcade enables companies to log the actions of agents powered by its platform. Additionally, it provides access to more than 8,000 MCP tools that those agents can use to automate work tasks. "Agents don't fail in production because the model is wrong," Salazar said. "They fail because nobody can prove that for any given action by an agent, whether that agent on behalf of that user can perform that action on that resource. That's what we built." Arcade will use its new funding to expand its platform's agent governance features and MCP tool catalog.
[3]
Arcade Raises $60 Million to Control AI Agents | PYMNTS.com
The company will use the new funding for product development, ecosystem growth and hiring to support enterprise AI deployment as it scales from pilots to production workflows, it said in a Monday (June 15) press release. "Agents don't fail in production because the model is wrong," Arcade.dev Co-Founder and CEO Alex Salazar said in the release. "They fail because nobody can prove that for any given action by an agent, whether that agent on behalf of that user can perform that action on that resource. That's what we built." Arcade's secure action layer provides authorization that ensures agents get the access the user has, only for the action they're taking; reliability provided by tools built for the way agents use them; and governance that maintains a complete audit trail of every action, according to the release. The company's Series A funding round follows a 2025 seed round in which it raised $12 million. It brings the company's total funding to $72 million. The latest round was led by SYN Ventures, with strategic investment from Morgan Stanley and Wipro, per the release. Jay Leek, managing partner at SYN Ventures and board director at Arcade, said in the release agents are now at the point where adoption has outrun the infrastructure that makes the technology safe. "Arcade is the only company we've seen that built for the production reality from day one, which is why every serious enterprise agent deployment is going to run through them," Leek said. Salazar said in a Friday (June 12) blog post that every enterprise is grappling with how to let agents act inside the company without losing control of what the agents do. "The answer is obvious now, and we have a two-year head start on everyone just starting to realize how big it is," Salazar said. "We're not slowing down. The $60 million is to accelerate: more tools, deeper governance, broader reach, and faster, more powerful releases, so no one can catch up."
Share
Copy Link
Arcade secured $60M in Series A funding led by SYN Ventures, with Morgan Stanley and Wipro joining, to tackle the authorization bottleneck preventing AI agents from reaching production. The San Francisco startup built infrastructure that governs which actions AI agents can take inside company systems, addressing the gap between pilot programs and real-world deployment.
Arcade has raised $60M Series A funding led by SYN Ventures, with strategic investments from Morgan Stanley and Wipro, bringing its total funding to $72 million after a $12 million seed round in 2025
1
2
. The San Francisco startup, founded in 2024 by CEO Alex Salazar and CTO Sam Partee, addresses a critical infrastructure gap that keeps most AI agents trapped in pilot programs rather than production deployment3
.
Source: PYMNTS
The company's roughly 40-person team has built what it calls a secure action layer that determines which actions AI agents can perform on specific systems at any given moment. "Agents don't fail in production because the model is wrong," Salazar explained. "They fail because nobody can prove that for any given action by an agent, whether that agent on behalf of that user can perform that action on that resource"
2
.Most companies can already verify an AI agent's identity, but governance and authorization for AI agents presents a different challenge entirely. As one investor noted, an agent "will exhaustively exploit every permission it inherits" to reach its goal, unconstrained by the fear of consequences that restrains human employees
1
. This fundamental difference between human and machine behavior creates serious risks when agents access enterprise systems with inherited permissions.Arcade's platform integrates with companies' identity provider (IdP) systems to track application access permissions dynamically. When a record in the IdP changes, Arcade automatically modifies AI agent permissions, eliminating manual updates
2
. The system performs authorization using OAuth 2.0, managing agents' access through encrypted tokens stored with additional cybersecurity guardrails including salting mechanisms to protect credentials.
Source: SiliconANGLE
Arcade didn't initially set out to build authorization infrastructure. The company's first product was a diagnostic agent for misbehaving servers and databases that required extensive super-user access. "No one in their right mind was going to actually let us do that in the real world," Salazar admitted
1
. The team split the model's reasoning from the layer that touches tools, building the authorization component that decides which tools agents may use. When customers showed more interest in the authorization layer than the diagnostic agent itself, Arcade pivoted completely.The platform now integrates with Anthropic's Model Context Protocol (MCP), the emerging standard for connecting models to tools like email and internal APIs. Arcade's runtime checks each request against an organization's actual permissions, can operate inside a customer's own environment, and logs every action to distinguish agent behavior from human activity
1
. The company provides access to more than 8,000 MCP tools that agents can use to automate work tasks2
.Related Stories
Salazar's core argument centers on a principle from enterprise risk management: the system taking an action should never authorize itself, just as traders don't approve their own trades. A more sophisticated model doesn't change this requirement, and because most companies run multiple models simultaneously, the control layer must remain neutral rather than vendor-owned
1
.Jay Leek, managing partner at SYN Ventures and board director at Arcade, stated that agents have reached a point where "adoption has outrun the infrastructure" that makes the technology safe. "Arcade is the only company we've seen that built for the production reality from day one, which is why every serious enterprise agent deployment is going to run through them," Leek said
3
.Arcade will deploy its new capital toward product development, expanding its platform's governance features, growing its MCP tool catalog, and hiring to support enterprise AI deployment as companies scale from pilots to production workflows
3
. The company claims production use at major global banks and reports a 25-fold increase in usage, though these figures remain internally sourced rather than independently verified1
.Salazar emphasized the company's head start in a recent blog post, noting that "every enterprise is grappling with how to let agents act inside the company without losing control." He added, "We have a two-year head start on everyone just starting to realize how big it is. We're not slowing down"
3
. As agents begin acting on systems too complex for any single person to fully understand, the question of what they're permitted to access shifts from policy documentation to critical infrastructure, positioning authorization as the foundation for safe, scalable enterprise AI adoption.Summarized by
Navi
[1]
[2]
30 Jul 2025•Technology

30 Jun 2026•Startups

29 Jul 2025•Technology

1
Technology

2
Policy and Regulation

3
Policy and Regulation
