More than 30 million mobile and international web app developers use thousands of APIs every day. These APIs carry sensitive data of users which if leaked can cause irreparable damage to companies. Securing these APIs during the development cycle becomes paramount, especially with the movement towards a more agile and continuous release cycle.
To solve this problem, Akto is building a plug-and-play API security platform and is announcing a $4.5 million seed funding round led by Accel India with participation from angel investors Akshay Kothari (co-founder and COO of Notion), Renaud Deraison ( co-founder Tenable) and Milin Desai (CEO of Sentry) among others.
Akto says it has “the world’s first” plug-n-play API security platform that helps security teams and developers secure their APIs in the development pipeline. Akto deploys in less than a minute to create an inventory of APIs, detects PII data leaks, misconfigurations and tests these APIs continuously for business logic flaws like broken authentication and authorization in CI/CD pipeline.
Akto is a lightweight API security platform, requiring zero manual configuration to get started within a minute. It mirrors traffic from customers’ cloud – AWS and GCP and provides visibility to security teams which otherwise would have taken months of back and forth with developers. The effectiveness is measured by Akto discovering more than 100,000 APIs for its customers globally.
Ankita Gupta and Ankush Jain co-founded Akto last January. Their mission was “to develop the fastest API security platform.” After having worked together for two years, they left their jobs in 2021 and talked to more than 200 security engineers before writing a single line of code. Since then, Akto secures thousands of APIs of some of the largest fintech and SaaS companies worldwide. Akto has identified more than 100 leaks with credit card information and found more than 1,000 broken auth issues through its robust testing module.
“We learned that the biggest challenge facing teams seeking API security solutions is that it takes months to try them,” said Ankita Gupta, co-founder, at Akto “We have set out to create a solution that is not only fast to act but super easy to deploy. The plug-and-play element means that our customers can get an instant inventory of APIs within two minutes.”
Gupta’s co-founder, Jain, added, “I’ve worked for 10 years developing big data applications handling billions of data points at Morgan Stanley and CleverTap. Current solutions give high false positives and to solve this problem, I strongly believe that API security testing must be context-aware and should discover deep business logic vulnerabilities. To derive context, we apply AI/ML to analyze all of application traffic. We have built an engine that can process Google-scale traffic (10B requests/day) with 0 performance impact in real-time.”
In addition to Akto’s API security platform, Akto has developed a free chrome extension called AKTO MINI to generate an inventory of APIs and detect PII data leaks without having to deploy anything. AKTO MINI has generated interest from security engineers and developers who have generated their API inventory instantly for free.
The investment allows Akto to integrate with all CI/CD tools enabling developers to run checks before deploying APIs, provide comprehensive coverage of business logic tests and improve the platform by building stronger AI/ML capabilities.
Learn more about Akto here: https://www.akto.io/
Photo: Akto co-founders Ankita Gupta and Ankush Jain