Ghost Security leverages stealth to protect APIs and apps from attackers – Meczyki.Net

ghost protection, which its founders describe as an “app security” company, emerged stealthily today with $15 million in combined funding from 468 Capital, DNX Ventures and Munich Re Ventures at a $50 million valuation. CEO Greg Martin said capital will go toward expanding the team, building out Ghost’s product, and launching a pilot with potential customers.

Apps and APIs are at the core of organizations. Ultimately, they are the ones who provide the necessary information to employees and customers. But increasingly, apps and APIs have become attack vectors. Salt Security – which, to be fair, sells API Security products – Estimate The use of “malicious” APIs increased by 681% from December 2020 to December 2021. As for apps, cybercriminals targeting mobile devices often use them, according Pradio Labs for research.

Martin claims that Ghost takes a “data science” approach to security to solve challenges that other vendors cannot. Keeping the details high-end and mostly under wraps — Ghost’s product hasn’t launched yet — he said the company’s technology provides visibility and risk protection for apps and their dependencies, including services and APIs, in both cloud and on-premises environments. provides. ,

“As an industry, we are still seeing a lot of legacy in how to deal with the application, data and microservices sprawl that has been born out of mass cloud adoption,” Martin said in a press release. “Existing approaches and application security solutions are now dated and losing effectiveness. At Ghost, we are completely rethinking our approach to building modern applications from the ground up.”

They are fighting for a company that is a preproduct. But Martin did highlight that Ghost’s co-founders have considerable expertise in cybersecurity. Josh Larson, CTO, was an engineering manager at Symantec before joining Check Point as an account manager and was a co-founder of Blackfin Security Group, which was acquired by Symantec in 2015. Eric Cornelius, chief product officer, was deputy director of the US Department of Homeland. Security’s Control Systems security program and a chief product architect at Blackberry.

Talent is only part of the equation — and Ghost faces competition out of the gate. Above Salt Security has raised millions of dollars for its technology to protect APIs from malicious abuse. Noname, another company aiming to solve API security problems, raised a $1 billion valuation last December after raising a $135 million Series C. Traceable AI, 42Crunch, and Sequence also offer comprehensive API security services, while on the app security side, there are vendors such as Astrix Security and Enso Security.

Hiro Ryo Maeda, managing partner of DNAX Ventures and investor in Ghost, doesn’t mind. Theirs is a worthwhile investment, to be clear, given that the amount of venture capital investments for cybersecurity startups fell 35.8% in the quarter on a quarter-on-quarter basis, according For Pitchbook data.

“The boom in adoption of applications, APIs and microservices represents great growth potential for businesses, but also introduces many new attack surfaces,” Maeda said in a statement. “A better approach is needed to secure these assets, and Ghost is well positioned to address that challenge.”