Image Credit: Gerd Altmann from Pixabay

As the attack surface continues to expand across the cloud, API security is becoming an ever more important concern. Salt Security has reported a 681% increase in API attack traffic over the past year, as overall API traffic increased by 321%.

Cybersecurity provider Akto, which today announced raising $4.5 million in seed funding, aims to mitigate these cyberthreats by providing organizations with a platform to create a real-time inventory of APIs to secure the entire DevSecOps pipeline. 

Akto’s solution takes less than a minute to deploy and creates an automatic inventory of APIs, which security teams can use to detect PII data leaks and test for misconfigurations during development. 

For enterprises, this solution provides a scalable approach to API security, giving security teams the ability to test thousands of APIs at once with a single artificial intelligence (AI) engine. 

Getting a grip on API security 

The announcement comes as more and more organizations are struggling to maintain visibility over their APIs, with research showing 30% of all malicious attacks target shadow APIs. 

As more attackers look to target APIs to gain access to sensitive information, the only way to ensure complete protection is for enterprises to catalog APIs throughout the environment, and systematically secure them. 

“Security teams don’t have [a] continuous inventory of APIs. There is constant back and forth between developers and security teams to have an updated inventory of APIs,” said cofounder of Akto, Ankita Gupta. 

“In most cases, there is no inventory of APIs and security teams try to maintain an Excel sheet of inventory from memory, which means they only cover 10-20% of APIs,” Gupta said. 

Akto attempts to fix this problem by mirroring customer traffic with AI and machine learning (ML) to create a real-time inventory of APIs. At the same time, it also provides a scalable solution for automating API testing for thousands of APIs, enabling security teams to continuously test APIs throughout the CI/CD pipeline. 

A look at the API security market 

Akto is just one of many providers operating in the API management market, which researchers estimate will grow from $4.5 billion in 2022 to reach a value of $13.7 billion by 2027. 

One of the organization’s main competitors in the space is Noname Security, which last year raised $135 million in series C funding and achieved a $1 billion valuation for a platform designed to automatically discover and inventory APIs.

Noname Security’s solution can monitor real-time traffic with AI to detect leakage, policy violations, suspicious behavior and cyberattacks that put protected information at risk. 

Another key competitor is Traceable AI, which offers a platform to discover and test APIs with analytics capabilities. Earlier this year Traceable AI announced it had raised $60 million as part of a series B funding round. 

However, Gupta argues that Akto’s rapid deployment and plug-and-play capabilities separate it from existing solutions.

“We are the world’s first plug-and-play API security platform. What that means is that it takes only 60 seconds to deploy Akto, and within two minutes security teams will be able to see their API inventory and scan for vulnerabilities,” Gupta said.