Neosec with $207 million Series A to Protect APIs From Business Abuse and Data Theft and Protect Applications From The Threat of Business Affects and the Data Thinning Using A Powerful Device, launching Neos
- Neosec announced that it was a stealth-moded fundraise with ft. based on rumours, and reassessed its Series A fund raise in the form of
The company is taking different approaches from traditional application security tools today, that typically rely on signature-based methodologies to protect perimeters. Neosec instead provides a set of techniques from XDR security products, including specialized behavioral analytics, to reveal business abuse hidden inside APIs.
"Today's new applications are all API-driven, which creates a new attack surface that risks business fundamentals," said Brian Sack, VP of TLV Partners. "Traditional application security techniques are scarcely relevant in cloud and API-first worlds."
APIs are the building blocks of digital business. They accelerate innovation and software development by connecting businesses, partners and services easily. This is a conduit for misuse, manipulation, theft and attack. APIs already represent 80% of an organization's traffic, but they are now rapid adoption. Most enterprises underestimate the risk because they lack comprehensive inventory of APIs and are unaware of the scale of unknown shadow API's. They haven't even have the ability to assess what's being done within an API. Industry analysts predict API abuses and attacks will become the most common vector for stealing or impairing enterprises.
While some security solutions today claim to protect APIs, most rely on traditional signatures and allow API calls to pass without any practical checks of their usage. These systems don't allow us to identify bad behavior in APIs, and they allow authenticated clients to freely interact with them, assuming they are safe and authorized. Organizations can't tell if, for example, without the ability to behaviorally evaluate APIs, or unless they're able to find out a way to get them to know - for instance, Whether and
- Partners are using invoicing APIs or if bad actors produce fake orders, such as invoices, issuing fake calls, or is a bad actor promoting false orders?
- Attackers are scraping data from inventory APIs or conducting espionage.
- unauthorized parties access the Regulated Data or are moved out of certain geographies.
- Money is being diverted to criminals through an API that can be accessed by a compromised partner.
- Business processes are exposed or manipulated.
"Today, APIs contain money and data as well as govern key interactions in a business and to customers, partners and suppliers," said Puneet Agarwal, partner at True Ventures. "Every API is a window into business systems of an organization and potentially exposes key business logic and processes. Ignoring this blind spot is no longer an option, therefore the need for a new approach to security of the API is crucial.
Neosec's revolutionary data analytics approach discovers all APIs involved with a organization, based on existing logs without the need to install any sensors. The platform establishes and maintains a complete inventory of APIs in use and even generates missing documentation for ones that are previously unknown. Neosec is a data-driven software that identifies the risk posture of all uncovered APIs and identifys those transferring sensitive data. The platform reveals any disparity between existing API documentation and the parameters of the API. It flags the APIs that are vulnerable or misconfigured and require fixing.
Neosec automatically learns the baseline behavior of every API user and client, adjusting and profiling multiple entities, including users, customers, business processes and partners. Each user's behavior allows us to view, investigate and threat hunt using detailed timelines of behavior.
Neosec provides the unique ability to:
- Reduce abuse and data theft by deleting API scraping.
- Minimize fraud and unauthorized business transactions.
- Prevent abuse and threats that are hidden in APIs.
- Identify compromised users and credentials.
- Interport risky APIs are riskier than pinpoint's.
- Prevent costly data leakage and compliance breaches.
- By better API performance, customers will gain partner and customer experience.
Neosec is led by co-founders CTO Ziv Sivan and CEO Giora Engel. The technology builds on Engel's previous experience in developing precision security behavioral analytics. Engel is the chair of the fraud prevention task force at Financial Data Exchange. He is a fraud-prevention company. FDX is a XXL. Within the limits of the company, the only thing that is possible is the security of its employees. FS-ISAC - ISAc f-FS. He worked in the elite Unit 8200 of the Israeli Intelligence Corps. LightCyber created the core Extended Detection and Response (XDR) technology by performing behavioral analysis to eliminate attacks. In 2017, LightCyber was acquired by Palo Alto Networks in 2017. Mark Anderson, former President of Palo Alto Networks, is a founding investor and chairman of the Neosec board.
"The most difficult facing cybersecurity is the lack of logical visibility and behavioral assessment of APIs," said Engel. "Existing technologies weren't created to address the amazing exposure organizations now have through their APIs. We created an entirely new approach to data analytics to understand all API interactions. It's fully automated, SaaS delivered and able to protect increasing exposure through digital business."
Investor Quotes Quote. Security is a point of friction that delays projects, says Ziv Conen, partner of New Era Capital Partners. "Neosec helps minimize this friction and enable new digital business initiatives."
"Gartner" TM 'Suppress' Consequently, APIs will become the most frequently used and most often used vectors, resulting in data breaches for enterprise web applications. 1 This threat will only increase, and isn't contained to any particular industry," said David Fairman, Venture Partners, SixThirty and Chief Security Officer, APAC, Netskope. "It will impact every
1 Gartner, "Gart. What You need to do to protect your APIs, what to try to defend your own API" Mark O'Neill, Dionisio Zumerle, Jeremy D'Hoinne, 1 March 2021.
Gartner Disclaimer:: 1 GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S., and internationally and is used herewith permission. All rights reserved.
About the Neosec, about Neocologic, About Neocos, is about the neosectic, Neosec is re-inventing application security with a powerful platform that unifies security and development teams to protect modern applications from threats. The SaaS platform is built on data and analytics to manage security at scale. Neosec prevents threats from exploiting complex APIs that connect today's businesses. This platform helps organizations discover all the key documentation and auditing risks. Neosec pioneered the use of behavioral analytics to understand normal and abnormal API usage and deliver powerful threat hunting capabilities. Neosec prevents threats and stops abuse from being hidden in APIs and brings new intelligence to application security. Neosec is a company with based in Palo Alto, California, and works as specialized research in Tel Aviv, Israel. To learn more, visit Neos.com.