Neosec is a new Israeli cybersecurity startup that has just revealed itself, coming out of stealth mode. Neosec completed its Series A fundraise with a total investment of $20.7 million from True Ventures, New Era Capital Partners, TLV and SixThirty in addition to security visionaries Mark Anderson, Gary Fish, Mickey Boodaei, Rakesh Loonkar and Shailesh Rao. It is somewhat ironic to hear that a cybersecurity firm has come out of its “stealth mode.”
Cybersecurity firms are really bringing in the money these days. And investors certainly have reason to believe that cybersecurity will bring them their best return on investment. Just last week, Snyk, an Israeli cybersecurity startup in the field of cloud native application security hit an $8.7 billion valuation. And Snyk has yet to even make its formal exit.
There is a reason why cybersecurity startups are worth so much money. Hackers keep on getting better and better so the security infrastructure needs to keep up the pace. And it is not only big companies and governments that need to be worried. There are malevolent hackers out there who think that it is fun to ruin a random person’s life through identity theft or just wiping their computer’s records.
Founded by CTO Ziv Sivan and CEO Giora Engel, Neosec uses AI-based behavioral analytics to fight and defend against threat actors from abusing the rapidly expanding API attack surface exposed by microservices architectures.
Neosec says that its solution a new method of cybersecurity in that it is taking a different approach from today’s traditional application security tools that typically rely on protecting a perimeter using signature-based methodologies. Instead, Neosec says that the company brings established techniques from XDR (Extended Detection and Response) security products, including precise behavioral analytics, to reveal threats and business abuse hiding inside APIs.
APIs are the building blocks of digital business and help speed up innovation and software development by easily connecting businesses, partners and services. While APIs already represent a substantial portion of an organization’s traffic, their rapid adoption has made them a conduit for misuse, manipulation, theft and attack. Most enterprises underestimate the risk, because they lack a comprehensive inventory of APIs and are unaware of the scale of unknown shadow APIs.
They also have no way to assess what is being done within an API. Industry analysts have predicted that API abuses and attacks will soon become the most common vector for stealing from or impairing enterprises.
“Today’s new applications are all API-driven, which creates a new attack surface that puts business fundamentals at risk,” said Brian Sack, principal at TLV Partners. “Traditional application security techniques are scarcely relevant in a cloud and API-first world.”
“One of the greatest challenges facing cybersecurity is the severe lack of logical visibility and behavioral assessment of APIs,” said Giora Engel. “Existing technologies were not created to address the incredible exposure organizations now have through their APIs. We created an entirely new approach based on data analytics to provide a complete understanding of all API interactions. It is fully automated, SaaS delivered and able to protect increasing exposure through digital business.”