We’re excited to announce we’ve partnered with Akto, the world’s first plug-and-play API security platform, to lead their seed round alongside Renaud Deraison, co-founder of Tenable, Akshay Kothari, co-founder & COO of Notion, Milin Desai CEO of Sentry, and many other industry leaders.
The API economy has been fast-growing, and over 90% of all developers use APIs today - that’s a staggering 18Mn+ developers across the world. There has been over 120% YoY growth in the number of APIs created, and organizations across the world are adopting an API-first philosophy. However, the rise of the API economy has given rise to a new set of risks, as developers are now exposing critical data and business logic to external entities. As enterprises open up their systems to third-party developers and move to a microservices architecture, the surface area for potential threats increases exponentially.
With the increased vulnerability, it has become increasingly difficult for organizations to keep track of all their exposed APIs, and to constantly monitor them for potential security breaches. Moreover, as API testing today remains manual and prone to errors, vulnerable APIs are deployed into production with numerous business logic errors that are hard to detect until the data breach happens. These two forces together mean even the most secure organizations continue to face numerous PII leaks due to vulnerable APIs. In fact, API attacks have increased by 300% in the last 3 years, and the average cost of a data breach, once around $150 million in 2020, is only increasing.
Akto is fixing these problems. The powerful duo behind Akto is Ankita and Ankush, who became good friends at their previous organization, CleverTap where they first experienced problems with API security. With their curiosity piqued, they spent two months talking to 200+ security engineers across the globe. The conversations made it clear there needed to be a better way to build a constant inventory of API endpoints, test APIs for security vulnerabilities, monitor APIs for potential leaks, and block real-time API attacks.
That’s why last year, they started Akto. In only a few months, the team had onboarded multiple marquee customers across India and the US. When we first met Ankita and Ankush, we were extremely impressed by their deep understanding of the problem, their customer obsession, their laser focus on the product, and their differentiated and unique approach to solving the API security challenges. Akto is the world's first shift-left, plug-and-play API security platform, that helps organizations find, test, and monitor APIs for vulnerable endpoints, business logic errors, and potential security leaks.
Ankita and Ankush realized very early in their journey that there are 3 big challenges in the existing API security tools - they take too long to deploy, they impact performance, and they focus on securing APIs when it’s too late. Taking on these challenges head-on, Akto has been built to be fast, such that organizations can deploy it with zero DevOps effort, and be easily integrated into any organization’s CI/CD pipeline. A plug-and-play solution, Akto can be deployed in under 60 seconds to help organizations build an inventory of all API endpoints and identify sensitive and vulnerable endpoints. Moreover, Akto runs on mirrored traffic, ensuring no latency and zero impact on performance. Unlike other API security solutions, Akto provides a complete shift-left solution that helps organizations to discover and test APIs in real-time and helps security engineers and developers to proactively test their APIs for security vulnerabilities in the CI/CD pipelines.
In addition to Akto’s API security platform, Akto has developed a free chrome extension called AKTO MINI to generate a quick inventory of APIs and detect PII data leaks without having to deploy anything. AKTO MINI has already generated interest from security engineers and developers who have generated their API inventory instantly for free. They are now extending AKTO MINI as a full-fledged open source project.
Over the past few months, Akto has seen tremendous adoption of its platform across India and the US, helping some of the world’s largest API-first organizations in securing their APIs. They’ve discovered over 100k unknown APIs and 1000+ broken auth issues so far. We are excited to join their journey of building the smoothest API security platform in the world. To learn more about Akto, please visit their website (www.akto.io) and follow them on Twitter (@Aktodotio).