Valarian Raises $50 Million to Lock Down AI Workloads in Sensitive Organisations

The UK startup wants to give governments and regulated industries a way to run AI systems they actually control, not one rented from a cloud provider.

ThreatVectr Newsdesk· 3 min read
Photoreal news-editorial style, 16:9 framing, edge-to-edge composition
Share

Key points

  • Valarian, a UK sovereign-infrastructure company, closed a $50 million Series A funding round in July 2026.
  • The round was led by investors including New Enterprise Associates and Lightbank, bringing total funding to $70 million.
  • Valarian's platform, called ACRA, wraps individual AI models and software workloads inside isolated security containers so one misbehaving program cannot spread damage to the rest.
  • The company offers two product tracks: one for regulated industries such as banking and healthcare, and one for government and military customers.
  • Customers keep their own encryption keys, meaning Valarian itself cannot read their data once a deployment goes live.

There is a quiet tension running through most AI deployments inside sensitive organisations right now. The AI is powerful. The organisation does not own it, does not control the servers it runs on, and often does not know exactly what it touches. Valarian is betting that tension is about to become a procurement crisis.

The London-based company announced Tuesday it had closed $50 million in new funding, bringing the total it has raised to $70 million. The fresh capital came from venture firms New Enterprise Associates, Lightbank, XTX Markets, Sequel, and LitVC, alongside angel investors Gokul Rajaram and Nikesh Arora.

What does ACRA actually do?

ACRA sits on top of Kubernetes, which is the widely used software system that companies use to run and manage many programs at once on shared computer infrastructure. Think of Kubernetes as a busy kitchen. ACRA is the head chef who decides which cook can touch which ingredient, keeps each station physically separated, and can pull one cook off the line immediately if something goes wrong, without shutting the whole kitchen down.

Each AI model or software workload gets its own walled-off space. That space comes with its own identity, its own network rules set to block everything by default, and a short-lived access token that expires rather than sitting around waiting to be stolen. If one workload behaves badly or gets broken into, operators can isolate, freeze, or revoke it at runtime, meaning while everything else keeps running.

The platform is designed to work the same way whether the organisation runs it on a public cloud service, on its own servers, or on a fully disconnected, air-gapped network, one with no connection to the wider internet at all. Customers hold their own encryption keys throughout. Valarian says this means it has no way to read customer data after a system goes live, even if compelled.

Valarian sells through two tracks. Valarian Enterprise targets banks, hospitals, and other heavily regulated businesses. Valarian Defence targets government agencies and military customers.

CEO Max Buchan framed the pitch in stark terms. "Sovereignty isn't a feature you can add later," he said in the announcement. "It's architecture you have to build from the ground up."

For ordinary people, the relevance is indirect but real. The hospitals, government departments, and financial firms that handle your personal data are increasingly running AI on infrastructure they do not own. Tools like ACRA represent an attempt to change that, before something goes wrong at scale.

The new funding will go toward expanding the team and building out the platform.

© 2026 Threat Vectr