As seen on DarkReading.
Neosec, a startup aiming to better secure APIs, today emerged from stealth with $20.7 million in Series A funding from True Ventures, New Era Capital Partners, TLV, and SixThirty.
APIs have become a hot target for attackers, especially as organizations rapidly shifted to accommodate remote work. Reports indicate API abuses will be the most common vector used in data breaches within enterprise Web applications: Nearly all (91% of) organizations surveyed by Salt Security had an API-related issue last year, and 54% reported finding flaws in their APIs.
In the past, APIs were typically used on secure private networks and channels. Now they are core to enterprise efforts as organizations rely on APIs to make their internal applications, systems, and services accessible to their customers, partners, and other third parties. And as APIs become a greater focus for businesses, they become a greater focus for attackers as well.
"APIs are not new, but … API security is really in its infancy," says Neosec co-founder and CEO Giora Engel. He built the startup with CTO Ziv Sivan; the duo had previously created behavioral analytics company LightCyber, which was sold to Palo Alto Networks in 2017 for $105 million.
Today's application security tools often focus on securing the perimeter with signature-based tech. Neosec's approach carries over techniques that extended detection and response (XDR) tools used to detect threats and applies them to recognize malicious behavior within APIs.
For most organizations, the problem starts with a lack of API inventory. Application security is mostly focused on setting up processes with developers, but that alone is not enough. Both internal APIs and those exposed to the outside are not accounted for, which puts them at risk.
About Neosec
Neosec is reinventing application security with a powerful platform that unifies security and development teams to protect modern applications from threats. The foundation of the SaaS platform is built on data and analytics to manage security at scale. Neosec prevents threats from abusing the complex network of APIs that connect today's businesses. The platform helps organizations discover every API and audit risk. Neosec has pioneered the use of behavioral analytics to understand normal versus abnormal API usage and delivers powerful threat hunting capabilities. Neosec prevents threats and stops abuse hiding within APIs and brings new intelligence to application security. Neosec is based in Palo Alto, California with R&D in Tel Aviv, Israel. To learn more, visit Neosec.com.
