Can Neosec Work XDR Magic on API Security?

As seen on SDxCentral.

API-security startup Neosec, founded by a former Palo Alto Networks executive, launched today with $20.7 million in funding and paying customers using its application security platform.

Neosec CEO Giora Engel previously founded LightCyber, which Palo Alto Networks bought for $105 million in early 2017 before using that company’s technology as the basis for its Cortex extended detection and response (XDR) platform. LightCyber developed machine-learning based behavioral analytics that identify anomalies inside the network and then identify attacks.

With his new venture, Engel and co-founder Ziv Sivan who is CTO at Neosec want to bring these same behavioral analytics and big-data techniques to find threats in APIs. “Neosec is like an XDR for APIs, or a CrowdStrike for application security,” Engel said.


How Neosec Works

The startup’s software-as-a-service (SaaS) platform first discovers every API and then it audits risk. It also uses behavioral analytics to determine abnormal API traffic, identify APIs transferring sensitive data, and hunt for other threats. And finally, it flags vulnerabilities and can also automate remediation.

“The vast majority of traffic is APIs,” Engel said, citing an Akamai study that found API calls represent 83% of all web traffic. So although it’s still a newer technology, API security is rapidly becoming a must-have tool. “In the long term, it’s going to supersede or replace the need for a lot of existing technologies today,” Engel said.

And while it’s not there yet, one of these technologies that Neosec sees its platform replacing in the future is the web application firewall (WAF). Neosec shares this view with Traceable, one of its competitors in the still-emerging API security field. Salt Security and Noname Security are a couple others.


Why SaaS Matters for API Security

There are a few things that differentiate Neosec from its competitors, Engel said. “First, we’re based on data, much more than the others, and I’ll explain how: We’re the only 100% SaaS company. We don’t have an on-prem solution and we never have.”

This makes a big difference, and it’s about more than just a deployment model, Engel added. “XDR companies are all 100% SaaS companies,” he said. “The ones that were hybrid, the Carbon Blacks, they practically don’t exist anymore because it’s impossible to have behavioral analytics at scale when you’re not 100% SaaS. You can’t do the same processes, you can’t do the same kind of detection technologies.”

About Neosec

Neosec is reinventing application security with a powerful platform that unifies security and development teams to protect modern applications from threats. The foundation of the SaaS platform is built on data and analytics to manage security at scale. Neosec prevents threats from abusing the complex network of APIs that connect today's businesses. The platform helps organizations discover every API and audit risk. Neosec has pioneered the use of behavioral analytics to understand normal versus abnormal API usage and delivers powerful threat hunting capabilities. Neosec prevents threats and stops abuse hiding within APIs and brings new intelligence to application security. Neosec is based in Palo Alto, California with R&D in Tel Aviv, Israel. To learn more, visit


Test Drive the Neosec API Security Solution

One cloud-native platform, fully deployed in minutes, to protect your APIs.

Start Now