Neosec, an API security startup, emerges from stealth with $20.7M

Neosec, a cybersecurity platform designed to secure APIs, today emerged from stealth with $20.7 million in series A funding from True Ventures, New Era Capital Partners, TLV, SixThirty, and several angel investors. According to CEO Giora Engel, the proceeds will be put toward product development and growing Neosec’s business in the U.S., Europe, the Middle East, and Asia.

Researchers are sounding the alarm on threats to enterprise security arising from insecure APIs. Last November, Forrester warned that organizations that fail to address API vulnerabilities could face significant data breaches. And in March, Salt Security released a report on API security that showed that that 91% of organizations suffered an API-related problem last year, with more than half (54%) reporting finding exploits in their service APIs.

Neosec claims to take a fundamentally different approach to app and API security without requiring the use of signatures, predetermined exploits, or on-premises deployment. The platform automatically finds all APIs involved with an organization and maintains a complete inventory, generating missing documentation for previously unknown APIs. Neosec also audits the risk posture of individual APIs and identifies those transferring sensitive data, revealing any discrepancies between existing API documentation and the parameters of the API. By automatically learning the baseline behavior of every API, Neosec can flag vulnerable or misconfigured APIs in need of fixing, according to Engel.

“Neosec was started by Ziv Sivan and I [in February 2020]. We previously founded LightCyber, which was acquired by Palo Alto Networks in 2017 and became the basis for extended detection and response. As a security researcher, extending back to my work with the Israel Defense Force and later with LightCyber and Palo Alto Networks, I pioneered the use of behavioral analytics for detection and response,” Engel told VentureBeat via email. “Networks are rapidly changing from traditional datacenter, on-premises models to ones that are fully cloud-based, connected, and governed by APIs that expose core business logic externally. After leaving Palo Alto Networks, I knew that APIs were the next frontier for security vulnerabilities that could make previous attacks look small.”

Protecting APIs

APIs are the building blocks of digital business, powering analytics, business intelligence, partner and supply chains, and the overall flow of business. They represent both a substantial portion of organizations’ traffic and a fast-growing blind spot, with most enterprises only aware of a portion of the APIs used by their customers. According to a Gartner webinar, by 2022, API attacks will become the most frequent attack type used against enterprise web apps. Adroit Market Research expects the API management market will reach $21.68 billion in value by 2028.

While plenty of security solutions address APIs in some fashion, like those offered by Neosec competitors Salt Security, Traceable, and Noname Security, it’s Engel’s assertion that they rely on traditional signatures, passing through API calls without practical checks of their usage. Many systems have no ability to recognize bad behavior within APIs, he says, while allowing authenticated clients to freely interact with them — assuming they’re safe and authorized.

“Because all the API data is stored in the cloud, the ability to examine the vast dataset to identify threats is possible [with Neosec]. For incident response, users of the Neosec platform can investigate what happened by examining the historical data. For threat hunting, they can use the data to build a hypothesis and reveal hidden threats,” Engel said. “Neosec makes all the data available to the analyst rather than being a black box.”

Neosec correlates and profiles users, customers, and partners that interact with APIs, creating baselines with context, timelines, and analysis for each. The platform ingests and analyzes API data out-of-band while enriching the API and entity data, reducing abuse and theft from API scraping.

“There are no competitors that employ true behavioral analytics and leverage the power of all the data in a software-as-a-service platform to prevent business abuse through APIs,” Engel said. “Because all the API data is stored in the cloud, the ability to examine the vast dataset to identify threats is possible. For incident response, users of the Neosec platform can investigate what happened by examining the historical data. For threat hunting, they can use the data to build a hypothesis and reveal hidden threats. Neosec makes all the data available to the analyst rather than being a black box.”

It’s early days, but Neosec says it already has paying enterprise customers as well as “notable” channel and technology partners. In the future, the company plans to double the size of its 20-person team, which is spread across offices in the U.S., Israel, and the U.K.

“The pandemic emphasized the need for accelerated digital transformation for many of our clients,” Engel added. “The nature of work is shifting. Physical business is declining and more is being done online, and new go-to-market strategies are emerging using new channels that rely on the continuous development of APIs. The pace of this transformation has accelerated significantly since the pandemic.”