"The use of APIs has become the Achilles' heel of the cyber industry and is considered the most common threat factor for cyber-attacks," said Gil Don, CEO and founder of the new Israeli APIs security startup Wib. According to Don, APIs are responsible for more than 90 percent of communications on the Internet today, and 50 percent are considered unmonitored and identifiable to IT and information security teams. This is where Web comes in, and they just announced raising $16 million.
A new approach to enterprise API security
The field of API Security is considered one of the most difficult challenges facing organizations' security personnel, and quite a few companies – including some prominent Israeli companies such as Salt or NoName – are active in this field. But Wib claims that the traditional tools are not adapted to the existing challenges and provide only a partial solution, which causes high expenses, a lack of control and understanding of the existing APIs, and a higher exposure of the organization to risks arising from APIs.
According to the company, its solution is the only one in its field that offers full visibility and transparency for all APIs that exist in the organization, from the code level to the production level. Wib's platform unites developers, teams, and information security managers under one platform, which allows them to understand the complete picture of their API at any given moment. Among other things, the system produces an up-to-date inventory of all APIs that exist in organizations; exposes unmanaged APIs (zombie, shadow, rogue APIs); enables a deep understanding of the inherent risk in each of the APIs; helps the organization reduce risks and minimize the attack surface created because of APIs. Wib explained that traditional tools such as WAF and API Gateway were never designed to address logical weaknesses that arise from the use of APIs, whereas their platform, from the start, was designed for the new world of web traffic that is largely driven by APIs: "We actually created a new category of API native security" explained Don.
Still, there are prominent Israeli companies in the field such as Salt and NoName Security, or the French 42Crunch. How does Wib differ from them?
"There are several players in the world of API Security, but they all have a different approach than Wib. The companies you mentioned provide a partial solution to the problem and focus, for example, only on the production environment or only on the testing environment or both together. They do not, however, provide a platform like Wib's, which starts in the API code development and continues through the testing and production environments. In fact, Wib has the only holistic solution in the world of API Security that is real-time and fully automated. I have already met companies that bought one solution for production and another for testing or development."
Now the company is announcing a $16 million funding round led by Koch Disruptive Technologies (KDT), in partnership with Kmehin Ventures, Venture Israel, Techstars and existing investors.