Cequence Security lands $60M for ML-powered API security

Cequence Security, which currently announced a $60 million series C funding round, talked about it has doubled the client destructive for its API security platform this year and plans to launch a self-carrier subscription offering in 2022 to abet proceed its brisk enhance tempo. The Sunnyvale, California-based mostly completely company now has 85 customers, including T-Mobile and Estée Lauder, and stands out with its employ of machine studying (ML) capabilities for detection of API threats, Larry Hyperlink, president and CEO of Cequence Security, educated VentureBeat.

“Our ML-based mostly completely detection separates malicious from decent and blocks them natively, with out-of-the-box insurance policies — one thing no other API security supplier does currently,” Hyperlink talked about in an email.

The “comprehensive” platform unifies API discovery and stock monitoring with threat prognosis, remediation, and valid-time threat prevention all the plan in which thru any cloud, he talked about.

Rising threats

API security has come to the forefront with enterprises all the plan in which thru all industries within the technique of turning into digital companies — a shift that necessitates gigantic quantities of APIs (utility programming interfaces). The tool serves as an middleman between quite quite a bit of applications, allowing apps and net sites to discover entry to extra records and attain increased functionality. By 2022, the overwhelming majority of net-enabled apps — 90% — will have extra surface accumulate 22 situation uncovered for attack within the compose of APIs than via the human user interface, in response to Gartner study.

Within the intervening time, quite a bit of API security distributors have reported a surge in API-based mostly completely attacks at some level of 2021. In fact, “APIs are an rising attack level,” talked about Peter Firstbrook, vice chairman and analyst at Gartner, at a up to date conference positioned on by the study company.

Maybe the most frequent API-based mostly completely attacks non-public exploitation of an API’s authentication and authorization insurance policies. In these attacks — most ceaselessly is named “leaky” APIs — the hacker breaks the authentication and the authorization intent of the API in order to discover entry to records.

Improved visibility

Finally despite the indisputable truth that, with API security, “the first field customers have is that they keep no longer know the plan many APIs they’ve — and also you would possibly per chance per chance perhaps per chance no longer protect what you would possibly per chance per chance perhaps per chance no longer watch,” Hyperlink talked about.

Thus, Cequence Security’s platform begins with enabling customers to see and manufacture an updated stock of all of their APIs. Then, the platform helps customers to study and remediate the dangers which had been introduced by coding errors, while also maintaining the customers and their APIs with “native, enterprise-class threat prevention,” Hyperlink talked about.

The foundation of the platform is the company’s patented ML-based mostly completely analytics engine, CQAI, which discovers APIs and analyzes their threat posture, then detects and prevents threats, he talked about.

Product plans

Current objects within the works will encompass natural language prognosis that can bag frequent patterns that can perhaps per chance pose a threat within API communications, in response to Hyperlink. Diverse updates beneath pattern encompass an enhancement for the platform’s discovery capabilities to originate customers with an “interior-out” see of their attack surface accumulate 22 situation, he talked about.

Moreover, with the abet of the unique funding round, Cequence is constructing a brand unique self-carrier, subscription-based mostly completely version of its API discovery product, Hyperlink talked about.

The funding changed into led by Menlo Ventures, with participation from Icon Ventures, Telstra Ventures, HarbourVest Partners, Shasta Ventures, Dell Applied sciences Capital, and T-Mobile Ventures. Cequence Security has now raised $100 million since its founding in 2015.

Development spurt

At some level of 2021, Cequence has considered 3X earnings enhance year-over year, in response to Hyperlink. Alongside with T-Mobile and Estée Lauder, other customers encompass American Convey, Narvar, Houzz, and Zulily. The corporate reviews that its platform currently protects 2 billion API transactions per day.

Cequence’s headcount now stands at 80, which has higher than doubled all the plan in which thru the final year — and the company is aiming to double its group again over the coming year, Hyperlink talked about.

Key geographies for market growth in 2022 will encompass the U.S., Europe, Asia, and Australia, he talked about.

Cequence changed into founded by chief product officer Ameya Talwalkar and chief abilities officer Shreyans Mehta. The founders beforehand labored at Symantec, the place Talwalkar changed into director of pattern and Mehta changed into architect and technical director, every serving within the company’s Security Technology and Response unit. Old roles for Hyperlink incorporated serving as senior vice chairman of world gross sales at Palo Alto Networks.