In 2017, Jyoti Bansal co-founded San Francisco-based security firm Traceable with former investor Sanjay Nagaraj. Bansal, who previously co-founded app performance management startup AppDynamics, which he acquired by Cisco in 2017, is using Traceable to build a platform that protects customers' APIs from cyberattacks. It was made.
Attacks against APIs (the set of protocols that establish how platforms, apps, and services communicate) are on the rise. According to cybersecurity firm Check Point, API attacks affected nearly a quarter of organizations every week in the first month of 2024, an increase of 20% compared to the same period last year.
API attacks can take many forms, including attempting to disable an API by consuming too much traffic, bypassing authentication methods, or exposing sensitive data transferred through a vendor's API. And so on.
In an interview with TechCrunch, Bansal said, “There is a lack of awareness of the importance of API security, ignorance of the ever-growing attack surface for APIs, and deep adoption of API security due to deep investment in security solutions. There is resistance to it,” he said. Don't address API security issues directly. ”
Bansal points out that while more companies are using APIs, thanks in part to the generative AI boom, they are unknowingly exposing themselves to attacks in the process. According to one recent study, the number of APIs companies use increased by more than 200% between July 2022 and July 2023. Meanwhile, Gartner predicts that more than 80% of enterprises will use generative AI APIs or deploy generative AI-enabled apps by July 2022. 2026.
What Traceable does to protect these APIs is apply AI to analyze usage data, learn normal API behavior, and identify activity that deviates from the baseline. Bansal said Traceable's software, running on-premises or in a fully managed cloud, discovers and catalogs existing and new APIs in real time, including undocumented and “orphaned” (or deprecated) APIs. It is said that it is possible to do so.
Image credit: Traceable
“To detect the latest threat scenarios, Traceable trained our in-house models by fine-tuning open source, large-scale language-based models using labeled attack data,” Bansal said. explained. “Our platform provides IT teams with tools for API discovery, testing, protection, and threat hunting workflows.”
The API security solutions market is rapidly becoming crowded, with vendors such as Noname Security, 42Crunch, Vorlon, Salt Security, Sequence, Ghost Security, Pynt, Akamai, Escape, and F5 competing for customers. According to Research and Markets, the sector is likely to grow at a compound annual growth rate of 31.5% from 2023 to 2030, driven by increasing threats in cybersecurity and the demand for more secure APIs.
But Bansal maintains that Traceable holds its own, analyzing about 500 billion API calls per month for about 50 customers and predicting its revenue will double this year. doing. Most of Traceable's customers are within businesses, but Bansal said the company is considering piloting it with governments.
“Traceable is building a long-term sustainable company. This means that from a financial perspective, our profit margins are very healthy and will continue to improve as our revenues grow. '' he said. “We are investing responsibly in our business, so we are not currently making profits by choice…We are making strategic investments that maximize return rather than just spending. The focus is on
To that end, Traceable today announced that it has raised $30 million in strategic investment from a group of backers including Citi Ventures (the corporate venture arm of Citigroup) IVP, Geodesic Capital, Sorenson Capital and Unusual Ventures. Announced. Values Traceable at $500 million post-money, bringing Traceable's total funding to $110 million, with new funding to support product development, scale Traceable's platform and customer engineering team, and build out the company's partnership program. Bansal said the money will be allocated to
Traceable currently has a staff of approximately 180 people. Bansal expects the number of employees to reach 230 by the end of 2024, as most of the new investment will go toward hiring.
“Traceable was not a financing because we still had a significant cash runway before this investment,” Bansal said, adding that in addition to the new capital, Traceable has a “substantial” line of credit. It added that it had been secured. “However, we were receiving significant inbound demand from investors.” The combination of our strategic collaboration with Citi Ventures and attractive investment terms allows us to make a smaller investment now to accelerate our product and go-to-market efforts before considering raising larger amounts of capital. I made it. ”