By ET Bureau - November 04, 2022 5 Mins Read
Over 30 million mobile and web app developers around the world use thousands of APIs everyday. These APIs carry sensitive data of users which if leaked can cause irreparable damage to companies. Securing these APIs during the development cycle becomes paramount, especially with the movement towards a more agile and continuous release cycle. To solve this problem, Akto is building a plug and play API security platform and is today announcing a $4.5M seed funding round led by Accel India with participation from angel investors Akshay Kothari (co-founder and COO of Notion), Renaud Deraison ( co-founder Tenable) and Milin Desai (CEO of Sentry) among others.
Akto is the world’s first plug-n-play API security platform which helps security teams and developers secure their APIs in the development pipeline. Akto deploys in less than a minute to create an inventory of APIs, detects PII data leaks, misconfigurations and continuously tests these APIs for business logic flaws like broken authentication and authorization in CI/CD pipeline. Akto is the most lightweight API security platform, requiring zero manual configuration to get started within a minute. It mirrors traffic from customer’s cloud – AWS and GCP and provides instant visibility to security teams which otherwise would have taken months of back and forth with developers. Akto currently discovers more than 100,000 APIs for its customers around the world.
Ankita Gupta and Ankush Jain co-founded Akto in January 2022 with a mission to develop the fastest API security platform. After having worked together for 2 years, they left their jobs last year and talked to 200+ security engineers across the globe before writing a single line of code. Akto is currently securing thousands of APIs of some of the largest fintech and SaaS companies across the globe. Akto has identified more than 100 leaks with credit card information and found over 1,000 broken auth issues through its robust testing module.
Ankita Gupta, co-founder, at Akto commented: “We learned that the biggest challenge facing teams seeking API security solutions is that it takes months to try them. We have set out to create a solution that is not only fast to act but super easy to deploy. The plug and play element means that our customers can get an instant inventory of APIs within 2 minutes.”
API attack traffic has grown 700% in the last year. According to Gartner, by 2022 API abuses will be the most frequent attack vector resulting in data breaches. Last month, Optus – one of the biggest telcos in Australia had a massive data breach because of an unauthenticated API left exposed. If Optus was using Akto, they would have received an alert on this vulnerability and could have prevented this breach.
Ankush Jain, co-founder at Akto added: “I’ve worked for ten years developing big data applications handling billions of data points at Morgan Stanley and CleverTap. Current solutions give high false positives and to solve this problem I strongly believe that API security testing must be context-aware and should discover deep business logic vulnerabilities. To derive context, we apply AI/ML to analyze all of application traffic. We have built an engine that can process Google-scale traffic (10B requests/day) with 0 performance impact in real-time.”
In addition to Akto’s API security platform, Akto has developed a free chrome extension called AKTO MINI to generate a quick inventory of APIs and detect PII data leaks without having to deploy anything. AKTO MINI has already generated interest from security engineers and developers who have generated their API inventory instantly for free. We have just launched the chrome extension – AKTO MINI and are extending it as a full fledged open source project.
The new investment will allow Akto to integrate with all CI/CD tools enabling developers to run checks before deploying APIs, provide comprehensive coverage of business logic tests and improve the platform by building stronger AI/ML capabilities. Our vision is to enable the 30 million developers and security engineers to secure their APIs in less than 60 seconds.
Prayank Swaroop, Partner, Accel India commented: “Today APIs are pervasive – they are the glue that enables any software to provide rich functionality. However, till recently not much thought was given to securing APIs. Securing APIs requires identifying complex patterns of API misuse – moreover this has to be done in the DevSecOps pipeline following a Shift-Left approach, without taking a lot of time from engineering teams. In the current market, all the solutions overwhelm security teams by throwing a lot of false positives. Akto’s approach and tech addresses all of these problems and provides a reliable, scalable, easy to install & accurate API security solution. We are very excited to be a part of their journey.”.
The Enterprise talk Bureau has five well-trained writers and journalists, well versed in B2B enterprise technology industry, and constantly in touch with industry leaders for the latest trends, opinions, and other inputs- to bring you the best and latest in the domain.
A Peer Knowledge Resource – By the CXO, For the CXO.
Expert inputs on challenges, triumphs and innovative solutions from corporate Movers and Shakers in global Leadership space to add value to business decision making.Media@EnterpriseTalk.com