Salt Security Raises $70M to Protect APIs | API Security

The Growing Importance of API Security

Application Programming Interfaces (APIs) are fundamental to modern technology, yet they represent a significant vulnerability point for malicious actors. These interfaces serve as access points to substantial data and services, making them prime targets for exploitation.

Recent security breaches, stemming from weaknesses in API infrastructure, demonstrate the urgency of this issue. The increasing frequency of these incidents highlights the real and present danger posed to organizations.

Salt Security Secures $70 Million in Funding

Today, Salt Security, a company focused on API security, announced a $70 million funding round. This investment will enable the company to address the escalating demand for its services and further develop its AI-powered technology.

Salt Security’s platform is designed to identify and neutralize threats across an entire API ecosystem. The funding will be allocated to both meeting current client needs and expanding the scope of its API management capabilities.

Investment Details

Advent International, through Advent Tech, led the funding round. Additional participation came from Alkeon Capital, DFJ Growth, and existing investors including Sequoia Capital, Tenaya Capital, S Capital VC, and Y Combinator.

While Salt Security has not disclosed its exact valuation, sources indicate it falls within the $600-700 million range.

Rapid Growth and Market Demand

This funding follows a recent investment and reflects Salt Security’s substantial growth trajectory. Since 2016, the company has raised a total of $131 million, with $120 million secured in the past year.

This growth is driven by strong performance metrics. Salt Security has experienced a 400% revenue increase in the last 12 months, serving clients like Equinix, Finastra, TripActions, Armis and DeinDeal across the financial services, retail, and SaaS industries.

Furthermore, the company has expanded its headcount by 160% and witnessed a 380% surge in API traffic on its network.

The Expanding API Landscape

The increase in API traffic underscores the critical role APIs play in today’s digital world. Akamai estimates that APIs account for as much as 83% of all internet protocol (IP) traffic.

However, Roey Eliyahu, CEO and co-founder of Salt Security, points out that API management has not kept pace with this rapid expansion.

“The evolution of APIs differs significantly from their earlier iterations,” he explained. “Previously, APIs were fewer in number, less sensitive, and underwent fewer updates.”

“Now, with the accelerated pace of development, organizations manage thousands of APIs that access critical company assets.”

APIs as a Primary Attack Vector

This evolution has transformed APIs into a prime target for cyberattacks. Gartner predicts that APIs will become the largest attack vector in cybercrime by 2022.

Salt Security’s approach begins with a comprehensive assessment of an organization’s API network, identifying potential vulnerabilities.

Identifying and Mitigating Risks

“Many companies are unaware of the total number of APIs they possess,” Eliyahu stated. He noted that 40%-80% of an organization’s APIs may be inactive, existing as “shadow APIs” susceptible to misuse.

The platform then analyzes these APIs for vulnerabilities and provides recommendations for remediation. It also monitors API usage to detect and prevent attacks in real-time.

While Salt Security provides remediation insights, the actual implementation of fixes is currently handled by third-party providers.

All of these functions are powered by Salt Security’s automated, AI-based API Protection Platform.

Competitive Landscape

Salt Security operates in a competitive market alongside companies like Ping, Imvision, and 42Crunch. The field is expected to grow as both API management companies and cybersecurity firms expand their offerings.

Industry Perspective

Bryan Taylor, managing partner and head of Advent’s technology team, commented, “The rapid proliferation of APIs has dramatically altered the attack surface of applications, creating a major challenge for large enterprises.”

“Existing security mechanisms are often inadequate to protect against these new threats. We believe Salt Security’s technical leadership, customer traction, and talented team position it for success in this evolving landscape.”