Traceable AI raises $60 million for unique API security platform

We’re excited to bring Transform 2022 back in person on July 19 and pretty much July 20-28. Join AI and data leaders for insightful conversations and exciting networking opportunities. Register today!


Today, API security provider Traceable AI announced it has raised $60 million as part of a Series B funding round. The new funding values ​​the company at more than $450 million and will be used to invest in product development and research, while expanding its sales and marketing teams to drive growth.

Traceable AI’s solution collects data from user-driven transactions as they flow through APIs and stores it within the platform. The solution then uses machine learning to convert the business logic of the applications into a logistics model.

This logistics model is processed with machine learning, which learns to detect changes in normal application behavior over time.

For enterprises, the platform provides a tool for detecting API-level attacks that often slip under the radar of understaffed or under-equipped security teams in environments with many cloud-native applications.

The Difficulties of Protecting APIs in the Cloud Age

Today, many organizations are in a position to expand their API attack surface, but lack the expertise or tools needed to mitigate these risks. For example, research shows that misconfigured APIs account for two-thirds of cloud breaches.

At the same time, attackers know that companies are unprepared to protect APIs, with API attacks rising 348% in the first six months of this year as 94% of companies report an API-related security incident in the past 12 months. have had .

The reason for the proliferation of security incidents is that the proliferation of cloud apps has exposed a mountain of security vulnerabilities that legacy security tools are unable to address.

“Organizations simply don’t have the right security tools to protect their growing API attack surface. Existing application security tools that rely on signatures built on regular expressions to catch exploits generate a large number of false positives. The widespread use of APIS driving current business success is being blocked by traditional security solutions, while malicious cyber-attacks are allowed to exploit API applications and exfiltrate sensitive data,” said Jyoti Bansal, CEO and co-founder of Traceable AI.

“Modern API-driven applications move too fast, releasing new features and inadvertently releasing API vulnerabilities and business logic errors. Existing security tools such as WAFs, RASP and API gateways simply don’t move fast enough to adapt to the speed of API application development and their security needs,” Bansal said.

Traceable API aims to enable security teams to track threats at the API level by providing user attribution for every recorded transaction and distributed tracing to provide a view of the full storyline of user activities, across systems and overtime.

This provides a holistic view of the threat actor’s activities and the degree of threat they pose to the enterprise, making it easier for human analysts to understand what the key threats are and how to block them.

The API Management Market

Traceable API is part of the fast-growing global API management market, which researchers predict will grow from $4.1 billion in 2021 to $8.41 billion in 2027 as organizations invest more in solutions to prevent API and application layer attacks.

The provider competes with a number of other established API security vendors, including No Name Security, which recently raised $135 million as part of a Series C funding round and reached a valuation of $1 billion.

No Name Security provides a security posture management API solution that can inventory APIs and identify misconfigurations and vulnerabilities through the use of AI and ML models.

Another competitor is Salt Security, which raised $140 million earlier this year as part of a Series D funding round, bringing total funding to $271 million. Salt Security provides users with an API Context Engine that can continuously discover APIs, identify vulnerable APIs, test APIs in pre-production, and block API attacks.

While these solutions are well established, Bansal argues that Traceable AI emphasizes emphasizing the journey from the attacker to the analyst so they can “understand the unique business logic, user attribution, and context of each API — from development to production.”

The mission of VentureBeat is a digital city square for technical decision makers to gain knowledge about transformative business technology and transactions. Learn more about membership.

Leave a Comment