Capsule Security, a trust layer platform designed to secure agentic AI systems at runtime, has launched from stealth mode after closing a $7m seed funding round co-led by Lama Partners and Forgepoint Capital International.
The round brings together backing from prominent security industry figures who serve in an advisory capacity, including Chris Krebs, the inaugural director of the US Cybersecurity and Infrastructure Security Agency (CISA); Omer Grossman, who previously served as global CIO at CyberArk; Jim Routh, a former CISO across several Fortune 500 businesses; and Dr Yonesy Núñez, a former CISO with a background spanning financial services.
Capsule Security is built to address what it identifies as the most volatile element of the enterprise AI stack: what happens between the moment an AI agent receives a prompt and the moment it carries out an action. The company’s platform enforces controls within the execution path itself, aiming to prevent agents from being manipulated, behaving unexpectedly, or quietly leaking sensitive data while completing tasks inside enterprise environments. In parallel with its stealth exit, Capsule has published research uncovering two zero-day vulnerabilities in widely used agent platforms. The first, ShareLeak, is a critical-severity indirect prompt injection flaw in Microsoft Copilot Studio, which has since been patched and assigned the identifier CVE-2026-21520. The second, PipeLeak, is a prompt injection vulnerability identified in Salesforce Agentforce that can be triggered via untrusted lead-form inputs, enabling malicious content to redirect agent behaviour and trigger harmful downstream outcomes.
To address risks in open agent frameworks, Capsule developed ClawGuard, an open-source tool that introduces a pre-invocation checkpoint before an agent executes any tool call, adding a layer of scrutiny to each decision point. The company also created a companion open-source enforcer for OpenClaw environments, where each tool invocation represents a potential security vulnerability.
The need for such controls is becoming more pressing as AI agents proliferate across corporate infrastructure. Microsoft has reported that more than 80% of Fortune 500 companies are now deploying active AI agents built using low-code and no-code tools. Prior to its public launch, Capsule was selected as one of six finalists in the CrowdStrike, Amazon Web Services and NVIDIA Startup Accelerator at the RSA Conference, having competed against close to 1,000 other startups for a spot.
Capsule advisor Chris Krebs said, “AI agents are a new class of privileged user, operating at machine speed with minimal oversight. Legacy tools weren’t built to monitor what happens between prompt and action—that’s the runtime gap. Capsule closes it.”
Capsule Security CEO and co-founder Naor Paz said, “AI agents are quickly becoming a new class of privileged user in the enterprise, except they can act at machine speed and they do not behave like deterministic software. That creates a dangerous gap between what security teams can govern today and what agents can do in production. Capsule closes that gap by enforcing trust at runtime, inside the execution path, so teams can move fast with agents while staying in control of what those agents can access and execute.”
Lama Partners founding general partner and Capsule Security board member Ron Zalkind said, “Agents have the ‘superpower’ to write and deploy code at unprecedented rates, fundamentally changing how software is built and operated. With that level of power comes a new responsibility to secure it. Security leaders understand that legacy tools were never designed to interpret intent, context, and real-time behavior, which are essential for securing dynamic agentic environments. From day one, Naor and Lidan have combined deep technical rigor with clarity of vision to build a platform that allows organizations to confidently adopt AI agents while stopping dangerous actions before damage is done.”
Elsewhere, Cogent Security, a cybersecurity company building autonomous AI agents for enterprise vulnerability remediation, has raised new capital totalling $42m.
Copyright © 2026 FinTech Global
