Over 30 million mobile and web app developers around the world use thousands of APIs every day. These APIs carry sensitive data of users which if leaked can cause irreparable damage to companies. Securing these APIs during the development cycle becomes paramount, especially with the movement towards a more agile and continuous release cycle.
To solve this problem, Akto is building a plug-and-play API security platform and is announcing a $4.5M seed funding round led by Accel India with participation from angel investors Akshay Kothari (co-founder and COO of Notion), Renaud Deraison ( co-founder Tenable) and Milin Desai (CEO of Sentry) among others.
Plug-n-play API security platform
Akto is the world's first plug-n-play API security platform which helps security teams and developers secure their APIs in the development pipeline. Akto deploys in less than a minute to create an inventory of APIs, detects PII data leaks, and misconfiguration, and continuously tests these APIs for business logic flaws like broken authentication and authorisation in CI/CD pipeline.
Akto is the most lightweight API security platform, requiring zero manual configuration to get started within a minute. It mirrors traffic from customers’ cloud - AWS and GCP and provides instant visibility to security teams which otherwise would have taken months of back and forth with developers. Akto currently discovers more than 100,000 APIs for its customers around the world.
Robust module
Akto is currently securing thousands of APIs of some of the largest fintech and SaaS companies across the globe
Ankita Gupta and Ankush Jain co-founded Akto in January 2022 with a mission to develop the fastest API security platform. After having worked together for 2 years, they left their jobs last year and talked to 200+ security engineers across the globe before writing a single line of code.
Akto is currently securing thousands of APIs of some of the largest fintech and SaaS companies across the globe. Akto has identified more than 100 leaks with credit card information and found over 1,000 broken authorisation issues through its robust testing module.
Instant inventory
Ankita Gupta, co-founder, at Akto commented, “We learned that the biggest challenge facing teams seeking API security solutions is that it takes months to try them. We have set out to create a solution that is not only fast to act but super easy to deploy. The plug-and-play element means that our customers can get an instant inventory of APIs within 2 minutes.”
API attack traffic has grown 700% in the last year. According to Gartner, by 2022 API abuses will be the most frequent attack vector resulting in data breaches. Last month, Optus, one of the biggest telcos in Australia had a massive data breach because of an unauthenticated API left exposed. If Optus was using Akto, they would have received an alert on this vulnerability and could have prevented this breach.
API security testing
We have built an engine that can process Google-scale traffic with 0 performance impact in real-time"
Ankush Jain, co-founder at Akto added, “I've worked for ten years developing big data applications handling billions of data points at Morgan Stanley and CleverTap. Current solutions give high false positives and to solve this problem I strongly believe that API security testing must be context-aware and should discover deep business logic vulnerabilities."
"To derive context, we apply AI/ML to analyse all of the application traffic. We have built an engine that can process Google-scale traffic (10B requests/day) with 0 performance impact in real-time.”
AKTO MINI
In addition to Akto’s API security platform, Akto has developed a free chrome extension called AKTO MINI to generate a quick inventory of APIs and detect PII data leaks without having to deploy anything.
AKTO MINI has already generated interest from security engineers and developers who have generated their API inventory instantly for free. We have just launched the chrome extension - AKTO MINI and are extending it as a full-fledged open-source project.
CI/CD tool integration
Today APIs are pervasive, they are the glue that enables any software to provide rich functionality"
The new investment will allow Akto to integrate with all CI/CD tools enabling developers to run checks before deploying APIs, provide comprehensive coverage of business logic tests and improve the platform by building stronger AI/ML capabilities. Our vision is to enable the 30 million developers and security engineers to secure their APIs in less than 60 seconds.
Prayank Swaroop, Partner, Accel India commented, “Today APIs are pervasive, they are the glue that enables any software to provide rich functionality. However, till recently not much thought was given to securing APIs."
Scalable & accurate API security solution
"Securing APIs requires identifying complex patterns of API misuse moreover this has to be done in the DevSecOps pipeline following a Shift-Left approach, without taking a lot of time from engineering teams."
"In the current market, all the solutions overwhelm security teams by throwing a lot of false positives. Akto’s approach and tech address all of these problems and provide a reliable, scalable, easy-to-install & accurate API security solution. We are very excited to be a part of their journey.”