Introducing Helmet Security: How We Started and Where We’re Going


By: Kaushik Shanadi, CTO and Co-Founder

Most of my peers see agentic AI as a new superpower emerging: LLMs that can interface with internal systems, automate workflows, and remove friction that used to live deep in scripts and UIs. However, as a security-conscious individual, I know that CISOs don’t necessarily see it as a superpower. Instead, they’re picturing every new way something could go wrong and preemptively mapping the blast radius.

At its core, Helmet Security was born from that collision. It started as a side project, something I was tinkering with mostly out of curiosity. I wrote my first MCP server, plugged it in, and it just…worked! It felt like those early Docker/Kubernetes moments where you realize that this changes everything. Suddenly, LLMs could talk to your internal systems (databases, Salesforce, HubSpot, whatever you’ve got) through natural language.

But the second that excitement hit, so did the reality check. Because if an agent can do all of this cool stuff for you, it can also do a lot of bad stuff to you. Unmonitored access. Unbounded behavior. Malicious injections and more. I know my peers want freedom and speed. Yet, I also recognize that CISOs want visibility and control. That friction and the question of how to let people build without letting things spiral was the moment Helmet shifted from an interesting idea into something worth fully pursuing.

The Side Project That Became a Company

My first instinct was to scan for problems at the source: MCP server code. Developers were casually throwing their servers on GitHub and basically saying “Here, run this.” Which is how Helmet Security began, as a scanner to catch sneaky tags or hidden behaviors that unsuspecting users would never see coming. A month later, a large company bought a competing startup focused on scanning LLMs and agentic connections for vulnerabilities, and I had a classic founder “what now?” moment.

That turned out to be the push I needed. I didn’t want to build just a scanner. I wanted to architect something that would manage the whole lifecycle. Start at the code level. Move through discovery. Then give companies a way to actually run and manage MCP servers in a governed, sanctioned state, while also showing security teams what’s being run outside that bubble. No one was doing that full-stack approach. The more I tinkered, the more obvious it felt that someone had to. So, I kept building and Helmet Security started to take shape.

Yes, About the Name

People always ask about the name, usually with a raised eyebrow. Helmet Security? Really?

But it came from a moment of inspiration in Mexico City. Mexico City has an incredible street culture where art, comics and anime show up in huge murals on every corner. I was staring at one of those murals, packed with X-Men characters all wearing helmets of sorts that amplify their abilities or give them protection. Comics aside, when we’re on a bike, we wear helmets to protect the most important compute system we have.

So, the metaphor stuck: put a helmet on your machines. Let them be powerful but also controlled. Intelligent, but not reckless. Agents with safeguards.

Where We’re Headed

We’re starting with securing MCPs because the need is immediate and the risk is very real. But that’s just the beginning because the future is truly agentic. Agentic AI systems will evolve, and new standards and tooling will emerge. Consider Agent2Agent protocols as an example. The protocol was just introduced this spring, a few months after the origin of the MCP. This shows just how fast AI systems are growing, and attack surfaces and infrastructure will grow with them.

That’s what Helmet is here to build. A platform that doesn’t just secure what exists now, but future-proofs the hundreds of agentic evolutions that are coming next. This didn’t start as a company. It started as an itch. But now it’s a mission, and honestly, we’re just getting started.
