Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Application Security

5/26/2021
10:30 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Salt Security Raises $70 million in Series C Funding to Expand Global Operations

Total funding of $131 million along with 400% growth in revenue further enhance the lead Salt holds in the API security market.

PALO ALTO, Calif. – May 26, 2021 – Salt Security, the leading API security company, today announced it has secured $70 million in Series C funding, led by Advent International, one of the largest and most experienced private equity investors, through Advent Tech, with participation from Alkeon Capital and DFJ Growth. Existing investors Sequoia Capital, Tenaya Capital, S Capital VC, and Y Combinator also participated in the round. Salt will use the funds to expand its global operations across R&D, sales and marketing, and customer success.

To date, Salt Security has raised $131 million, $120 million of it in the last year. In the past 12 months, Salt has driven 400% growth in revenue, 160% growth in employees, and 380% growth in the API traffic it secures. This latest infusion of capital cements the company’s lead in the API security market, with the most funding, the most customers, the fastest growth, the most application environments and ecosystem integrations supported, the most use cases enabled, and the longest time in market to ensure the most advanced ML and AI algorithms for API attack prevention.

As APIs have proliferated as part of digital transformation, cloud migration, and application acceleration initiatives, API security incidents have risen in tandem, as attackers realize APIs are fruitful and lucrative to target. According to the most recent Salt Security State of API Security Report, in 2020, Salt customers’ average monthly call volume increased 51% while malicious API traffic grew 211%. According to Gartner, Inc., “By 2022, API abuses will move from an infrequent to the most-frequent attack vector, resulting in data breaches for enterprise web applications.”¹

“APIs are at the heart of all our application innovation today,” said Mike Towers, CISO, Takeda Pharmaceuticals. “As attackers have turned their focus on APIs, we must ensure the data and services our APIs connect remain protected. In evaluating multiple solutions, we quickly saw the technical advantages of the Salt platform, and we also appreciate how Salt has partnered with us throughout this journey.”

Salt Security offers a unique approach to API security with its flagship solution, the Salt Security API Protection Platform. The big data engine and AI and ML at the heart of the Salt C-3A Context-based API Analysis Architecture automates the continuous discovery of APIs and exposed sensitive data, stops API attackers during their reconnaissance activities, and delivers remediation insights. Needing no agents, software changes, or inline code, the patented Salt platform deploys quickly, with no impact on application performance.

“The rapid proliferation of APIs has dramatically altered the attack surface of applications, creating a major challenge for large enterprises since existing security mechanisms cannot protect against this new threat,” said Bryan Taylor, managing partner and head of Advent’s technology team in Palo Alto. “We continue to see API security incidents make the news headlines and cause significant reputational risk for companies. As we investigated the API security market, Salt stood out for its multi-year technical lead, significant customer traction and references, and talented team. We look forward to drawing on our deep experience in this sector to partner with Salt in this exciting new chapter.”

Salt Security continues to grow its sales capacity and increase investments in its channel operations. Anton Granic has joined the company as Vice President of Worldwide Sales. Granic, who came to Salt from Nutanix, is focused on global expansion and partner enablement as Salt Security enters its next phase of growth.

“Several recent high-profile API security incidents have forced organizations to recognize that  their existing protections cannot prevent API attacks or handle the scale and complexity of today’s API-driven applications,” said Roey Eliyahu, CEO and co-founder of Salt Security. “This new round of funding will help us increase our rate of innovation and businesses in more regions securely adopt APIs to foster their own innovation.”

Fortune 500 and market disruptors across FinServ, FinTech, Retail, and SaaS industries – including Equinix, Finastra, TripActions, Armis, and DeinDeal – trust Salt Security for its ability to protect the vital API-driven services and applications fueling business innovation today. To learn more about Salt Security or to request a demo, please visit https://content.salt.security/demo.html.

Supporting Quotes
“Unlike legacy approaches to API security, the Salt Security platform is built on a modern, agentless, and AI-first architecture. It can deploy in any application environment and is up and running in customer environments in minutes,” said Abhi Arun, managing partner, Alkeon Capital. “The company earned its lead in API security by honing its capabilities and AI/ML models over time and across multiple customer environments, offering a significant advantage over newer entrants. We’re thrilled to be part of the company’s next stage of growth and look forward to helping enable the company’s continued innovation and leadership.”
“Our investment in Salt Security, a company setting the standard for API security, will help  further address the very pressing issue of API attacks and vulnerabilities that are vexing companies in all industries,” said Sam Fort, partner at DFJ Growth. “The high-profile security incidents we’ve seen as a result of leaky APIs, in combination with the attacks carried out against API-dependent enterprises, indicate that companies face two major problems. First, APIs can be easily exposed through any number of API design or code flaws, and second, attackers have opportunistically set their sights on API-rich environments. Salt Security addresses both of these areas to fully harden API security postures.”
About Salt Security

Salt Security protects the APIs that form the core of every modern application. Its API Protection Platform is the industry’s first patented solution to prevent the next generation of API attacks, using machine learning and AI to automatically and continuously identify and protect APIs. Deployed in minutes, the Salt Security platform learns the granular behavior of a company’s APIs and requires no configuration or customization to pinpoint and block API attackers. Salt Security was founded in 2016 by alumni of the Israeli Defense Forces (IDF) and serial entrepreneur executives in the cybersecurity field and is based in Silicon Valley and Israel. For more information, please visit: https://salt.security.

About Advent International

Founded in 1984, Advent International is one of the largest and most experienced global private equity investors. The firm has invested in over 375 private equity investments  across 42 countries, and as of December 31, 2020, had $76 billion in assets under management. With 15 offices in 12 countries, Advent has established a globally integrated team of over 240 private equity professionals across North America, Europe, Latin America and Asia. The firm focuses on investments in five core sectors, including business and financial services; health care; industrial; retail, consumer and leisure; and technology. After 35 years dedicated to international investing, Advent remains committed to partnering with management teams to deliver sustained revenue and earnings growth for its portfolio companies. For more information, visit:

Website: www.adventinternational.com

LinkedIn: www.linkedin.com/company/advent-international

About Alkeon Capital

Alkeon Capital is a global multi-billion dollar investment firm that invests in private and public growth and technology companies and category definers. With more than two decades of experience focusing on People and Innovation, Alkeon works closely with disruptive private companies to help them expand their addressable market, scale efficiently and seamlessly crossover to the public markets. Alkeon’s goal is to be a long-term and accretive partner to all its portfolio companies along their private and public journey.

About DFJ Growth

DFJ Growth is a venture capital firm that partners with extraordinary entrepreneurs that set out to change the world. Our investments include Anaplan (NYSE: PLAN), Box (NYSE: BOX), Cohesity, Coinbase (NASDAQ: COIN), Patreon, Ring (Amazon), SpaceX, Stripe, Sumo Logic (NASDAQ: SUMO), Tesla (NASDAQ: TSLA), Twitter (NYSE:TWTR), and Unity (NYSE: U). The firm works with companies at the growth stage, with the goal of creating iconic and lasting businesses in consumer, enterprise, and disruptive technologies. Learn more at www.dfjgrowth.com

¹ Gartner, API Security: What You Need to Do to Protect Your APIs, by Mark O'Neill, Dionisio Zumerle, Jeremy D'Hoinne, 1 March 2021.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
What the FedEx Logo Taught Me About Cybersecurity
Matt Shea, Head of Federal @ MixMode,  6/4/2021
Edge-DRsplash-10-edge-articles
A View From Inside a Deception
Sara Peters, Senior Editor at Dark Reading,  6/2/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-34682
PUBLISHED: 2021-06-12
Receita Federal IRPF 2021 1.7 allows a man-in-the-middle attack against the update feature.
CVE-2021-31811
PUBLISHED: 2021-06-12
In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CVE-2021-31812
PUBLISHED: 2021-06-12
In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CVE-2021-32552
PUBLISHED: 2021-06-12
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users.
CVE-2021-32553
PUBLISHED: 2021-06-12
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users.