Neosec announced that it has emerged from stealth mode and completed its Series A fundraise with a total investment of $20.7 million from True Ventures, New Era Capital Partners, TLV and SixThirty in addition to security visionaries Mark Anderson, Gary Fish, Mickey Boodaei, Rakesh Loonkar and Shailesh Rao.
The company is taking a different approach from today’s traditional application security tools that typically rely on protecting a perimeter using signature-based methodologies. Instead, Neosec brings established techniques from XDR (Extended Detection and Response) security products, including precise behavioral analytics, to reveal threats and business abuse hiding inside APIs.
“Today’s new applications are all API-driven, which creates a new attack surface that puts business fundamentals at risk,” said Brian Sack, principal at TLV Partners. “Traditional application security techniques are scarcely relevant in a cloud and API-first world.”
APIs are the building blocks of digital business and help speed up innovation and software development by easily connecting businesses, partners and services. While APIs already represent a substantial portion of an organization’s traffic, their rapid adoption has made them a conduit for misuse, manipulation, theft and attack.
Most enterprises underestimate the risk, because they lack a comprehensive inventory of APIs and are unaware of the scale of unknown shadow APIs. They also have no way to assess what is being done within an API. Industry analysts have predicted that API abuses and attacks will soon become the most common vector for stealing from or impairing enterprises.
While some security solutions today claim to protect APIs, most rely on traditional signatures, and allow API calls to pass without any practical checks of their usage. These systems have no ability to recognize bad behavior within APIs, and they allow authenticated clients to freely interact with them, assuming they are safe and authorized. Without the ability to behaviorally assess APIs, organizations are unable to know if, for example:
- Partners are abusing invoicing APIs or if a bad actor is producing fake orders
- Attackers are scraping data from inventory APIs or conducting espionage
- Regulated data is being accessed by unauthorized parties or moved out of certain geographies
- Money is being diverted to criminals by an API accessed by a compromised partner
- Business processes are being exposed or manipulated.
“Today, APIs contain both money and data as well as govern key interactions within a business and to customers, partners and suppliers,” said Puneet Agarwal, partner at True Ventures. “Every API is a window into an organization’s business systems and potentially exposes key business logic and processes. Ignoring this blind spot is no longer an option, so the need for a new approach to API security is critical.”
Neosec’s revolutionary data analytics approach discovers all APIs involved with an organization, based on existing logs without the need to install any sensors. The platform establishes and constantly maintains a complete inventory of APIs in use and even generates missing documentation for ones that are previously unknown.
Neosec audits the risk posture of all discovered APIs and identifies those transferring sensitive data. The platform reveals any discrepancies between existing API documentation and the parameters of the API. It then flags those APIs that are vulnerable or misconfigured and require fixing.
Neosec automatically learns the baseline behavior of every API user and client, correlating and profiling for multiple entities, including users, customers, business processes and partners. It enables the ability to see, investigate, and threat hunt using detailed timelines of behavior of each user entity.
Neosec provides the unique ability to:
- Reduce abuse and data theft from API scraping
- Minimize fraud and unauthorized business transactions
- Prevent threats and abuse hiding in APIs
- Identify compromised users and credentials
- Pinpoint risky APIs
- Prevent expensive data leakage and compliance violations
- Improve partner and customer experiences through better API performance
Neosec is led by co-founders CTO Ziv Sivan and CEO Giora Engel. The technology builds upon Engel’s previous experiences in developing precision security behavioral analytics. Engel serves as the chair of the fraud prevention task force at Financial Data Exchange FDX within FS-ISAC, and worked in the elite Unit 8200 of the Israeli Intelligence Corps.
Engel co-founded LightCyber, which invented the core Extended Detection and Response (XDR) technology by performing behavioral analytics on network and endpoint data to eliminate attacks. LightCyber was acquired by Palo Alto Networks in 2017. Mark Anderson, former President of Palo Alto Networks, is also a founding investor and Chairman of the Neosec board.
“One of the greatest challenges facing cybersecurity is the severe lack of logical visibility and behavioral assessment of APIs,” said Engel. “Existing technologies were not created to address the incredible exposure organizations now have through their APIs. We created an entirely new approach based on data analytics to provide a complete understanding of all API interactions. It is fully automated, SaaS delivered and able to protect increasing exposure through digital business.”
“When businesses pursue critical digital transformation initiatives, the common problem is that security is a point of friction that delays projects,” said Ziv Conen, partner at New Era Capital Partners. “Neosec helps minimize this friction and enable new digital business initiatives.”