Led by Race Capital, the round backs a new category of infrastructure that makes AI safe, observable, and governable inside large organizations
SAN FRANCISCO, Calif. – Generative AI tools have become ubiquitous in the enterprise. Employees are using AI copilots to code, draft documents, brainstorm campaigns, and analyze data – often without IT’s knowledge or approval. As adoption spreads from the bottom-up, companies are losing control over how sensitive information is being handled, what models are being used, and who has access to what.
Unbound has raised $4 million to fix this. The oversubscribed seed round was led by Race Capital, with participation from Wayfinder Ventures, Y Combinator, Massive Tech Ventures and others include notable angel investors*.
Unbound gives IT teams the visibility and controls they need to safely introduce and manage AI tools in the enterprise. Its AI Gateway plugs into commonly used tools – like Cursor, Roo, Cline or internal document copilots – and provides real-time protection, model routing, and usage analytics. From blocking sensitive information leakage to managing model costs and performance, Unbound helps organizations roll out AI on their terms.
The founding team brings deep experience in both enterprise security and infrastructure. CEO and co-founder Rajaram Srinivasan previously led data security products at Palo Alto Networks and Imperva, and earlier worked on SaaS security at the onset of the AI wave. He teamed up with Vignesh Subbiah, a seasoned engineer and former founding team member at Tophatter and Shogun, who scaled engineering teams and platforms from seed to growth stage. After working together at Adobe, the two reconnected to build a system that could meet the urgent security gaps emerging in the new AI stack.
The need became clear quickly. In the early days of GPT-3.5, teams were already sending sensitive prompts into AI tools without oversight – leaking secrets, exposing PII, and consuming costly licenses with no guardrails. Existing DLP tools either blocked the tool altogether or failed to adapt to newer AI workflows.
Unbound takes a different approach. It has already prevented the leakage of 100s of secret credentials – including passwords, API keys, and connection strings – as well as more than 500 instances of personally identifiable information such as customer names, phone numbers, and patient records. Rather than simply blocking prompts, Unbound redacts sensitive content in real time and reroutes high-risk requests to internal, open-source models hosted in the organization’s cloud. This ensures employees get their answers without ever seeing a security speed bump.
The platform also gives companies fine-grained control over model access and cost. Rather than buying a one-size-fits-all license, teams can allocate premium model access to high-stakes workflows – like engineers building core infrastructure – while routing lighter tasks, like content editing, to smaller open-source models. Mid-market customers using Unbound have already saved more than $10,000 annually on unnecessary AI seat licenses. And when new models outperform old ones – as with Gemini 2.5 recently overtaking Claude Sonnet for certain coding tasks – Unbound allows IT to roll them out incrementally, test their effectiveness, and swap them in without breaking employee workflows.
The product is already being used by a growing base of mid-market and enterprise customers across sectors including tech and healthcare. One customer, a leading tech company, recently used Unbound to safely introduce Gemini 2.5 into production AI tools for more than 100 engineers within the same week.
“As AI tools become mainstream, enterprises are turning to flexibility and control,” said Rajaram Srinivasan, co-founder and CEO of Unbound. “They want visibility into what’s being used, assurance that their data is protected, and the ability to swap in better models as the space evolves. Unbound is the bridge that makes that possible.”
Reflecting on Unbound’s early days, CTO and co-founder Vignesh Subbiah said, “Defaulting to blanket bans on AI tools is like being in the times of GPT 3.5. Unbound enables surgical security controls into every AI request so teams can innovate freely without putting corporate secrets at risk.” He added, “In just a few months, our customers have prevented over 7,000 potential data leaks and cut AI tooling costs by nearly 70 percent.”
The market is shifting fast. What started as shadow IT is quickly becoming mission-critical infrastructure. Generative AI is embedded in everything from customer support to software engineering – but the tooling around it is still stuck in early-stage chaos. CIOs and CISOs are looking for ways to support AI adoption without compromising security or governance. Unbound is building that foundation. “At THG Ingenuity, we see the security team as an enabler, not a blocker. Unbound empowers us to roll out AI tools to employees with confidence. Unbound AI Gateway’s data protection controls and intelligent routing have been instrumental in safeguarding sensitive data while helping us optimize costs.” says Abraham Ingersoll, Chief Information Security Officer (CISO) of The Hut Group. The Hut Group (THG) is a customer of Unbound.
“AI is projected to reach $4.8 trillion in market value for the enterprise by 2033 globally — but without proper guardrails, that value is at risk. From shadow models to data leaks, the dangers of unmanaged AI are very real. We are excited to back Rajaram Vignesh and the Unbound Security team as they create a new category of AI infrastructure: one built for safety, observability and cost discipline from day one.” said Edith Yeung, General Partner at Race Capital. “We’re proud to back Rajaram, Vignesh, and the team building a new category of AI infrastructure – one that makes enterprise adoption safe, observable, and cost-efficient from day one.”
Unbound is just getting started. The team plans to expand integrations across the AI ecosystem, deepen model routing capabilities, and support internal model orchestration for enterprises adopting open-source LLMs. Their mission is simple: to ensure every organization can embrace AI without losing control in the process.
* Other investors in the round included: Alpha Square Group, Northside Ventures, Liquid2, Pioneer Fund, Scale Asia Ventures, SBXI and notable angels including Ram Shriram (founding board member at Google), Dr. Trishan Panch (CSO LuminHealth), Dr. John Brownstein (Chief Innovation Officer, Boston Children’s hospital), Taro Fukuyama (CEO, Fond), Eli Brown (CEO, Guilded, acquired by Roblox), Chris Siakos (CEO Sinefa, acquired by Palo Alto Networks), Joe Vadakkan (CISO, Ex- CRO), Zain Rizavi (Cloudflare, Ridge VC), Finbarr Taylor (CEO, Shogun) alongside other silicon valley and cybersecurity veterans.
