Keycard Raises $38M to Solve the AI Agent Identity Crisis with Runtime Authentication
Keycard’s $38 million in combined seed and Series A funding addresses a critical bottleneck emerging as enterprises deploy AI agents at scale: how to securely authenticate thousands of temporary agents without creating massive credential sprawl.
The identity infrastructure startup, emerging from stealth with backing from Andreessen Horowitz and Acrew Capital, tackles what co-founder Ian Livingstone calls the “CircleCI problem” for AI agents—the exponential complexity of managing credentials when software needs to connect across applications and companies at unprecedented scale.
The Agent Authentication Bottleneck
Traditional identity systems assume persistent users with stable credentials, but AI agents operate fundamentally differently. Enterprise deployments increasingly involve thousands of short-lived agents that spin up to solve specific tasks, access sensitive data or systems, then disappear—each requiring authentication and authorization controls.
This creates what Livingstone describes as a “box around the agent” problem. When an AI agent attempts to order supplies for a company or access financial data in Snowflake, existing security infrastructure can’t efficiently verify the agent’s identity, ownership, and authorization scope in real-time.
The scaling challenge becomes acute in enterprise contexts where agents may need access to millions of dollars in transactions and highly sensitive information. Current approaches using static API keys and stored secrets create both security vulnerabilities and operational overhead that constrains agent deployment.
Cryptographic Runtime Authentication
Keycard’s solution centers on dynamic, identity-bound tokens that authenticate agents cryptographically at the moment of each task or action—what cybersecurity professionals call “at runtime.” Rather than storing permanent credentials that could be compromised, the platform generates temporary authentication tokens scoped to specific tasks.
The company’s software development kits enable developers to implement agent authentication through what Livingstone terms “secretless” architecture. Instead of managing sprawling spreadsheets of API keys and passwords—like the 10,000+ credential audit Livingstone experienced during the CircleCI security incident while at Snyk—the system eliminates static secrets entirely.
This cryptographic approach enables enterprises to deploy what boldstart investor Ed Sim describes as agents that operate “more like thousands of short-term problem-solvers that can come and go” rather than persistent digital twins requiring permanent access rights.
Enterprise Design Partner Validation
While Keycard cannot publicly name its design partners, the company reports enterprise customers achieved deployment within hours rather than weeks typical for traditional identity infrastructure. One anonymous enterprise customer confirmed to Upstarts Media that their team integrated Keycard’s platform rapidly for agent access to GitHub repositories and cloud storage systems.
Livingstone’s credibility stems from his track record as CTO of Manifold (acquired by Snyk) and his experience scaling developer-focused security infrastructure. The founding team includes Matthew Creager (former Manifold developer relations lead) and Jared Hanson (former chief architect at Auth0 through its Okta acquisition).
The startup’s investor base spans enterprise security veterans, with Modern Technical Fund founder Amanda Robson noting Livingstone’s influence through The Infra Pod, a podcast influential in infrastructure engineering circles.
Market Timing and Competition Landscape
Keycard enters a rapidly evolving agentic security market alongside competitors including Descope, Oasis Security, and Astrix Security, as well as incumbent identity providers like Okta. The company’s launch follows significant funding rounds in adjacent AI security infrastructure, including Descope’s $88 million for AI identity control planes and Zenity’s $38 million for AI governance platforms.
The timing aligns with enterprises moving from experimental AI pilots to production deployments requiring robust security governance. Unlike traditional identity solutions designed for human users, agentic security demands authentication systems that can handle the ephemeral, task-specific nature of AI agent operations.
Livingstone acknowledges the competitive risk of “FUD creation” (fear, uncertainty, and doubt) as multiple startups and established players compete for early market definition. However, he argues that rapid market evolution—with new use cases emerging every three months—creates opportunity for developer-focused platforms to establish technical leadership.
Enterprise Agent Governance
The infrastructure challenge extends beyond authentication to broader questions of agent governance and oversight. As enterprises deploy agents with varying levels of autonomy, security teams need visibility into which agents are operating, what permissions they hold, and how they’re using enterprise resources.
Keycard’s approach addresses this through granular audit trails and real-time permission management that adapts to changing environments without requiring code changes. This governance layer becomes critical as agents increasingly handle financial transactions, access proprietary data, and make autonomous decisions affecting business operations.
Infrastructure Investment Acceleration
The $38 million funding positions Keycard to scale beyond test customers toward general availability, while building out West Coast presence to complement the team’s Canadian headquarters. The investment reflects broader venture capital focus on AI infrastructure bottlenecks, particularly security and governance layers enabling enterprise adoption.
Series A lead Acrew Capital’s investment follows the firm’s pattern of backing infrastructure platforms that solve fundamental scalability challenges in emerging technology categories. The funding enables Keycard to compete for enterprise customers against both emerging agentic security startups and established identity providers adapting their platforms for AI use cases.
Looking Forward
As enterprises progress from experimental AI pilots toward production agent deployments, identity infrastructure becomes a fundamental enabler rather than an afterthought. Keycard’s cryptographic approach to runtime authentication addresses the unique requirements of ephemeral, task-specific agents operating at enterprise scale.
The company’s roadmap includes expanding beyond basic authentication toward comprehensive agent lifecycle management, including provisioning, monitoring, and deprovisioning workflows tailored for enterprise security requirements.
The convergence of enterprise AI adoption and security governance creates infrastructure opportunities for platforms that understand the unique requirements of agentic systems. Keycard’s focus on developer experience and cryptographic authentication positions the company to capture market share as enterprises transition from human-centric to agent-native operations.
For organizations exploring agent automation, Overclock provides complementary orchestration capabilities that integrate with identity infrastructure to enable secure, scalable agent deployments across enterprise workflows.