Palo Alto, Calif. – Jan. 29, 2019 – Salt Security, the leading API protection company, today announced it has raised $10 million in funding for its patented AI-based API protection platform, which was launched to the public today (see accompanying release). As APIs have proliferated across SaaS, web, mobile, microservices, and IoT applications – and the quantity and sensitivity of the data transmitted have increased – API attacks have become more frequent and more complex, making them the number one threat for any company.
The funding round includes investments from Israel-based S Capital, which is comprised of original Sequoia Capital Israel founders. Additional investors include Kevin Mahaffey, co-founder of Lookout and expert at Y Combinator, and Marius Nacht, the chairman and co-founder of Check Point Software, one of the largest security companies in the world.
S Capital Founding Partner Haim Sadger will join Salt Security’s board of directors, tapping into his enviable experience, expertise, business insights and relationships from more than 20 years in the industry to help guide the company’s rapid growth. S Capital partners previously founded Sequoia Capital Israel and continue to manage the fund today, while Sadger has overseen the growth of numerous successful companies such as Amobee, Cotendo, Capitolis, Lemonade and Skyline.ai. Nacht and S Capital Founding Partner Aya Peterburg will also join as board observers.
“Salt Security tackles the most important vulnerability for enterprises today by providing industry’s only solution that can protect APIs,” Sadger said. “We believe that they will transform the way organizations approach security, and we are excited to help them achieve dominance in the industry.”
Enterprises Search for an Answer to Growing API Security Threat
API-focused attacks on SaaS, web, mobile, microservices, and IoT applications have become more frequent and more sophisticated as APIs have proliferated across these environments. In recent years, there has been a huge increase in API attacks, including high-profile breaches at Facebook, T-Mobile, Panera Bread, Verizon, and the latest vulnerability disclosures at the United States Postal Service (USPS) and Google+. Gartner predicts that “by 2022, API abuses will be the most frequent attack vector resulting in data breaches for enterprise web applications,” and insecure APIs were ranked as the third most severe threat to cloud computing in 2018 by the Cloud Security Alliance. In addition, the Open Web Application Security Project (OWASP) recognized API security as a primary concern, with nine of the top 10 vulnerabilities in their current OWASP Top 10 report including an API component.
Traditional solutions do nothing to detect or prevent the latest attacks that exploit unique vulnerabilities in each API’s logic to allow attackers to access sensitive applications and data. Salt Security provides the industry’s only real-time protection against these logic-based attacks. Using artificial intelligence (AI) and granular knowledge of each unique API to determine normal behavior, Salt Security looks for malicious behavior in each API. This empowers companies to identify attacks while they are still in the reconnaissance phase and stop them before they advance.
Salt Security will use the funding to increase research and development for its core platform and add support for new use cases and broader requirements in response to growing customer demand.
“It’s a significant milestone to receive the backing of some of the brightest and most successful names in the technology industry and we believe this funding validates our perspective on the market, the challenges of API attacks, and the value of our API protection platform,” said Salt Security Co-Founder and CEO Roey Eliyahu. “This is a growing security challenge across many industries and geographies that remains dangerously unaddressed by existing solutions, particularly as more businesses rely on applications that use APIs to deliver core business services to employees, customers and partners.”
About Salt Security
Salt Security protects the APIs that are the core of every SaaS, web, mobile, microservices and IoT application. Its API Protection Platform is the industry’s first patented solution to prevent the next generation of API attacks, using behavioral protection. Deployed in minutes, the AI-powered solution automatically and continuously discovers and learns the granular behavior of a company’s APIs and requires no configuration or customization to help ensure API protection. Salt Security was founded in 2016 by alumni of the Israeli Defense Forces (IDF) and serial executives in the cybersecurity field and is based in Silicon Valley and Israel. For more information, visit www.roey.wpengine.com.