API discovery and vulnerability detection platform Salt Security today raised $70 million in a series C funding round led by Advent International. The Palo Alto, California-based startup says it plans to use the capital to expand its global operations across R&D, sales and marketing, and customer success.

Application programming languages (APIs) dictate the interactions between software programs. They define the kinds of calls or requests that can be made, how they’re made, the data formats that should be used, and the conventions to follow. As over 80% of web traffic becomes API traffic, APIs are coming under increasing threat. Gartner predicts that by 2022, API abuses will move from an infrequent to the most frequent attack vector, resulting in data breaches for enterprise web apps.

Salt’s platform aims to prevent these attacks with a combination of AI and machine learning technologies. It analyzes a copy of the traffic from web, software-as-a-service, mobile, microservice, and internet of things app APIs and uses this process to gain an understanding of each API and create a baseline of normal behavior. From these baselines, Salt identifies anomalies that might be indicators of an attack during reconnaissance, eliminating the need for things like signatures and configurations.

“I’m a former elite cybersecurity unit veteran that led development of high-end security systems to protect the largest network in Israel of the Israel Defense Forces and the government,” cofounder and CEO Roey Eliyahu told VentureBeat via email. “During my service and afterwards in different roles, I consistently found that APIs were surprisingly simple to hack and that existing security technologies could not identify API attacks. I joined forces with my cofounder and COO, Michael Nicosia, to build Salt Security on the premise that we needed to take a fundamentally different approach — to use big data and AI to solve the problem of securing APIs, a problem traditional security tools cannot solve because of their legacy architectures.”

Above: The web dashboard for the Salt Security platform.

Image Credit: Salt Security

Salt leverages dozens of behavioral features to identify anomalies. Its machine learning models are trained to detect when an attacker is probing an API, for instance, because this deviates from typical usage. They analyze the “full communication,” taking into consideration factors like how an API responds to malicious calls. And they correlate attacker activity, enabling Salt to connect probing attempts performed over time to a single attacker, even if the perpetrator attempts to conceal their identity by rotating devices, API tokens, IP addresses, and more.

Confirmed anomalies trigger a single alert to security teams with a timeline of attacker activity.

“APIs connect all of today’s vital data and services. Organizations rely on the Salt Security API Protection Platform to identify API security vulnerabilities ahead of launching them in production,” Eliyahu said. “These remediation insights enable companies to move fast in their application development while still reducing risk by finding security gaps before they can be exploited. The Salt platform provides runtime protection, blocking attacks such as credential stuffing, data exfiltration, account misuse, and fraud. Salt also helps companies meet compliance needs, providing documentation of all APIs as well as where they expose sensitive data.”

Upward trajectory

Salt takes an approach similar — but not identical — to that of Elastic Beam, an API cybersecurity startup that was acquired by Denver, Colorado-based Ping Identity in June 2018. Other rivals include Spherical Defense, which adopts a machine learning-based approach to web application firewalls, and Wallarm, which provides an AI-powered security platform for APIs, as well as websites and microservices.

But Salt is doing brisk business, with customers like Equinix, Finastra, TripActions, Armis, and DeinDeal. The company, which was founded in 2016, claims to have driven 400% growth in revenue, 160% growth in employees (to more than 65), and 380% growth in the API traffic it secures.

“We have high double-digit numbers of enterprise customers in financial, fintech, insurance, retail, software-as-a-service, ecommerce, and other verticals … For most Salt customers, the pandemic accelerated their digital transformation and cloud migration journeys. Digital transformation depends heavily on APIs, so most of our customers were writing APIs at a much more rapid rate,” Eliyahu said. “Our customer, Armis, for example, had to integrate with many more device types in its internet of things security offering to serve its customers, whose employees were now working from home. Instead of having dozens of APIs to write and protect, the company suddenly had hundreds, and manual testing and documentation efforts simply could not scale, so they needed to deploy Salt earlier and more broadly than originally expected. Several Salt customers experienced a similar acceleration, and our revenue grew faster as a result.”

This latest financing round had participation from Alkeon Capital and DFJ Growth along with investors Sequoia Capital, Tenaya Capital, S Capital VC, and Y Combinator. It brings Salt’s total raised to $131 million to date following a $30 million round in December 2020.