Traceable AI Receives $60M to Protect Application APIs with Machine Learning

- Advertisement -


Tracked AI, a startup offering services designed to protect APIs from cyberattacks, announced today that it has raised $60 million in an IVP-led Series B round involving BIG Labs, Unusual Ventures, Tiger Global Management and several unknown angel investors. The new equity values ​​the company at more than $450 million after the cash is issued, and CEO Jyoti Bansal, who also co-founded BIG Labs and Unusual Ventures, says he will focus on product development, recruitment and customer acquisition.

- Advertisement -

APIs, interfaces that communicate between computer programs, are used by countless organizations to conduct business. But because they can provide access to sensitive functions and data, APIs are an increasingly common target for attackers. According at Salt Labs, Research Division salt safety (which sells API cybersecurity products, granted), API attacks increased nearly 681% between March 2021 and March 2022. Gartner predicts that 90% of web applications will have more attack opportunities in APIs than in user interfaces, and that API abuse will become upper attack vector for most companies in 2022.

- Advertisement -

Bansal saw this four years ago, he says, when he founded Traceable in San Francisco, California, with CTO Sanjay Nagaraj. Bansal is a serial entrepreneur and co-founder of an application performance management company. AppDynamics (which was acquired by Cisco for $3.7 billion) and curb (which recently raised $230 million Series D). Nagaraj, an investor in Harness, has been a longtime associate of Bansal, having previously served as vice president of software development at AppDynamics for seven years.

“APIs are the glue that holds modern applications and cloud services together. As businesses large and small move from monolithic to highly distributed cloud applications en masse, APIs are now a critical service component for digital business processes, transactions, and data flows,” Bansal told TechCrunch in an email interview. “However, the number of sophisticated cyber threats and privacy vulnerabilities targeting APIs has also increased rapidly. This is where machine learning comes into play. To have zero trust, you need API clarity. You can no longer easily buy or hire security professionals, so you need to address these vulnerabilities with technology.”

- Advertisement -

Like some of its competitors, including Salt, Traceable uses AI to analyze data to learn normal app behavior and detect abnormal behavior. Through a combination of “distributed tracing” and “contextual behavioral analytics”, startup software that runs locally or in the cloud can catalog APIs, including “shady” (e.g. undocumented) and “orphan” (e.g. legacy) APIs in real time , according to Bansal.

Traceable describes distributed tracing as a technique that involves the use of “agent modules” that collect diagnostic data from production applications as code is executed. At the same time, context-based behavioral analytics refers to understanding the behavior of APIs, users, data, and code in relation to an organization’s overall risk profile.

“APIs often expose business logic that attackers use to infiltrate applications and personal data. Every line of code needs to be monitored to properly protect modern cloud applications from next generation attacks,” Bansal said. “Automated and unsupervised machine learning allows Traceable to go deeper and meet API security requirements better than anyone else. As the name suggests, Traceable tracks end-to-end application activity from the user and session to the application code itself.

Tracked AI

Monitored AI dashboard.

Traceable provides a risk score based on a “calculation of the likelihood and potential impact of an attack” using 70 different criteria (reportedly). The software also displays application topologies, data flows, and unique security events, including runtime details in APIs and data stores.

The market for API security solutions is rapidly filling up, with vendors including Cequence, 42Crunch, and Noname Security vying for customers. The growth correlates with the overall growth in API usage, especially in the enterprise. in twin reportsThe RapidAPI API Market found that 90.5% of developers expect to use more or the same number of APIs in 2022 compared to 2021 and that 98% of business leaders believe that APIs are an important part of their digital transformation efforts.

According Companies that describe themselves as providing APIs received $193.4 million in venture capital funding from late 2019 to June 2021, according to Crunchbase data, highlighting the opportunities investors see in the technology.

Traceable has done well despite the competition. Bansal says the company has a number of paying customers, and — to encourage further adoption — Traceable recently released its open-source tracking technology. Dubbed hypertraceit allows enterprises to track applications using technologies similar to those used in the Traceable platform.

“The very nature of the impact of the pandemic has further accelerated the digital transformation that has already begun. The creation and deployment of millions of microservices and APIs has been a major driver of the rapid growth of digital services,” said Bansal. “Because various organizations have either created, implemented or used millions of … APIs, this has greatly increased the attack surface vulnerable to API-based attacks that cannot be detected or stopped by traditional security solutions. This problem requires a completely new approach to detecting and stopping these new attacks.”

Although Bansal declined to disclose annual recurring income when asked, Traceable’s total capital is $80 million, most of which goes to support product development and research, he said.

“Companies use Traceable’s extensive forensic data and insights to easily analyze attack attempts and perform root cause analysis,” continued Bansal. “Traceable uses the power of machine learning and distributed tracing to understand the DNA of an application, how it changes and where anomalies exist, to detect and block threats, making the business more secure and resilient.”


Credit: techcrunch.com /

- Advertisement -

Stay on top - Get the daily news in your inbox

DMCA / Correction Notice

Recent Articles

Related Stories

Stay on top - Get the daily news in your inbox