Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Application Security

05:00 PM
Dark Reading
Dark Reading
Products and Releases

Noname Security Lands $60M Series B

PALO ALTO, Calif., June 30, 2021 (GLOBE NEWSWIRE) -- Hard on the heels of its emergence from stealth, enterprise API security company Noname Security announced a $60M Series B today led by Insight Partners, with Next47, Forgepoint, and The Syndicate Group (TSG) joining the round and existing investors Cyberstarts and Lightspeed Venture Partners participating as well. The round brings Noname’s total funding to $85M since emerging from stealth in December 2020.

The latest funding comes amid fast growth for the Silicon Valley-based startup. In the six months since launch, Noname has amassed forty technology, reseller, and channel partners and hundreds of enterprise customers either in production or evaluating the platform.

The demand is urgent as APIs — the connectors that clouds and software applications use to communicate with one another — have become the cyberattacker’s target of choice, according to analyst firm Gartner.

“The surging volume of APIs and the growing complexity of modern applications has led to an increase in cybersecurity obstacles,” said Thomas Krane, Principal at Insight Partners. “Noname came to market at just the right time with a fully realized, next-gen technology that’s making a big impact with global customers.”

API vulnerabilities can take many forms. A developer’s forgotten side-project. A software interface improperly set up. An obsolete block of code that was never removed.

Some of these security flaws are documented. Most are not. The great majority go unnoticed—often for years—giving anyone who can find them unfettered access to an organization’s most sensitive operations.

And all too often, attackers find them first.

“When we show potential customers all the vulnerabilities Noname has discovered in their APIs, it’s a real light-bulb moment for them,” said Oz Golan, CEO and co-founder of Noname Security. “Even seasoned security professionals often have no idea how exposed their systems are.”

The Noname API Security Platform covers every aspect of API security, from discovery to analysis to remediation and testing. It creates a complete inventory of an organization’s APIs and uses AI and machine learning to detect attackers, suspicious behavior, and misconfigurations. It remediates API vulnerabilities by integrating with existing security infrastructure and blocking attacks in real-time, all without deploying agents or requiring network modifications. Customers can also use Noname to test APIs before deployment, preventing vulnerabilities from ever going into production.

Noname’s approach has won widespread praise — and rapid customer adoption.

“There’s a lot more to API security than just protecting against external attacks,” Golan said. “Noname is the only solution that addresses the full range of API vulnerabilities, including protecting APIs in real-time from adversaries, scanning the environment for misconfigurations and compliance issues, and becoming part of the software development lifecycle by finding issues during the development process. Noname monitors the relationships and flows of information between all internal and external APIs. By discovering and analyzing everything in real-time, it protects the entire environment throughout the API lifecycle before something goes wrong, whether it’s a threat from the outside or an internal error.”

Another part of Noname’s appeal is its turnkey design. Unlike competing products, Noname doesn’t rely on an army of software agents to monitor applications and processes. Where agents decrease network performance and need to be installed, configured, and updated, Noname integrates seamlessly with clouds, on-premises environments, and other security and IT management tools. It isn’t deployed but simply connected — one of the many qualities that have quickly made Noname a favorite with IT security chiefs.

“APIs are a centerpiece of digital transformation and cloud-centric technology adoption, and API security has risen to the top of the CISO priority list,” said veteran banking CISO Karl Mattson. “Noname’s team and technology are hitting this challenge head-on.”

“It’s no coincidence that since entering general availability, Noname has won every competitive head-to-head evaluation we’ve been involved in,” Golan said. “Based on our traction and the feedback we’ve received from customers, it’s clear we’re serving a real need with a product that surpasses everything else on the market.”

To learn more about Noname visit: www.nonamesecurity.com

About Noname Security

Noname Security creates the most powerful, complete, and easy-to-use API security platform that helps enterprises discover, analyze, remediate, and test all legacy and modern APIs. Fortune 500 companies trust the Noname API Security Platform to protect their environments from API attacks, vulnerabilities, and misconfigurations. Noname is a privately held company headquartered in Palo Alto, California, with an office in Tel Aviv. www.nonamesecurity.com


Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-08-05
CMS Made Simple (CMSMS) 2.2.14 allows stored XSS via the Extensions > Fie Picker..
PUBLISHED: 2021-08-05
In the Microchip MiWi v6.5 software stack, there is a possibility of frame counters being validated/updated prior to message authentication.
PUBLISHED: 2021-08-05
In the Microchip MiWi v6.5 software stack, there is a possibility of frame counters being being validated / updated prior to message authentication.
PUBLISHED: 2021-08-05
OneNav beta 0.9.12 allows XSS via the Add Link feature. NOTE: the vendor's position is that there intentionally is not any XSS protection at present, because the attack risk is largely limited to a compromised account; however, XSS protection is planned for a future release.
PUBLISHED: 2021-08-05
The REST API in Planview Spigit 4.5.3 allows remote unauthenticated attackers to query sensitive user accounts data, as demonstrated by an api/v1/users/1 request.