API Security

Akamai to Buy Startup Neosec for API Detection and Response

Proposed Neosec Deal Will Help Akamai Customers Discover APIs and Assess Their Risk
Akamai to Buy Startup Neosec for API Detection and Response

Akamai Technologies has agreed to purchase a finalist in last year's RSA Conference Innovation Sandbox Contest to get more visibility into the API threat landscape.

See Also: A Case Study in API Security for AppSec Developers

The Boston-area digital experience vendor said its proposed acquisition of Silicon Valley-based Neosec will make it easier for customers to secure their APIs to help them discover all their APIs, assess their risk and respond to vulnerabilities and attacks. The deal is slated to close by the end of June and is expected to decrease Akamai's non-GAAP earnings per share by $0.04 to $0.06 per share for all of 2023 (see: Akamai CEO on How Guardicore Prevents the Spread of Malware).

"Enterprises expose full business logic and process data via APIs, which, in a cloud-based economy, are vulnerable to cyberattacks," Mani Sundaram, executive vice president and general manager of Akamai's Security Technology Group, said in a statement. "Neosec's platform and Akamai's application security portfolio will allow customers to gain visibility into all APIs, analyze their behavior and protect against API attacks."

FireMon, Transmit Security Founders Line Up Behind Neosec

Neosec was founded at the end of 2020, employs 47 people and has raised $20.7 million in two rounds of outside funding, according to IT-Harvest. The company emerged from stealth in September 2021 with financial backing from former Palo Alto Networks President Mark Anderson, former Fishtech and FireMon CEO Gary Fish, and Transmit Security co-founders Mickey Boodaei and Rakesh Loonkar.

The company was co-founded by Giora Engel - who previously co-founded and sold behavioral analytics vendor LightCyber to Palo Alto Networks for $105 million - and Ziv Sivan, who co-founded smart home and construction startup Vert. Neosec's headcount has fallen by nearly 20% since peaking at 57 workers in August 2022, and more than 60% of the company's staff is based in Israel, according to IT-Harvest.

"Neosec delivers rich, XDR-like API visibility combined with detection and response capabilities that enable full investigation and threat hunting," said Engel, who has served as Neosec's CEO since the company's founding. "Akamai customers will have a better view into all of their API activity to identify vulnerabilities and threats before they are exposed and detect attacks in runtime."

Neosec allows users to both inventory their APIs and perform a comprehensive risk audit as well as investigate alerts and hunt for security threats lurking in their API activity. The early-stage startup's revenue is estimated at $840,000, or just $2,000 per employee, according to IT-Harvest, which gave Neosec a health rating of 4, trailing competitors Apiiro, Noname Security, Salt Security and Traceable.

Fourth Security Acquisition for Akamai Since 2019

The rapidly growing global market for API security technology has been driven by the proliferation of APIs and associated increase in cybersecurity threats, according to Akamai. API-based architectures and microservices are the core of B2B, web and mobile applications and are a primary target for attackers. And regulatory compliance laws require enterprises to strengthen their security measures around APIs.

"Akamai customers will have a better view into all of their API activity."
– Giora Engel, co-founder and CEO, Neosec

Gartner in September recognized Akamai for having the most complete vision and strongest execution ability around web application and API protection, ahead of rivals Cloudflare, Imperva and Radware. The company has boosted its adaptive security engineer feature so firms don't have to set up, deploy, tune and manage thousands of rules for each of their apps, said Vice President of Product Management Eric Graham (see: Akamai, Cloudflare, Imperva Top App & API Defense Gartner MQ).

This is Akamai's fourth significant cybersecurity acquisition in recent years, coming nearly 19 months after the company bought microsegmentation vendor Guardicore for $600 million to block the spread of malware more effectively. In February 2021, Akamai bought Inverse for $17.1 million to better identify and secure IoT and mobile devices such as internet-enabled HVAC, lighting systems and medical equipment.

And in January 2019, Akamai bought Janrain for $123.6 million to improve the security around clients' apps, websites and APIs by leveraging identity access management. All told, Akamai has made 34 acquisitions since being founded nearly a quarter-century ago, according to Crunchbase.


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.