The Silicon Review
Today enterprises aren't just trying to secure their APIs; they are trying to secure their entire environment from API vulnerabilities, API misconfigurations, and API cyberattacks. Palo Alto-based cybersecurity startup, Noname Security, protects digital environments in real-time by preventing API cyberattacks and detecting API vulnerabilities and API misconfigurations before they are exploited.
The team at Noname architected the Noname API Security Platform as an out-of-band solution to reduce operational friction. This means that Noname doesn't require agents or network modifications. You don't deploy Noname; you simply connect it.
Noname is the most powerful, complete, and easy-to-use API security platform that helps enterprises discover, analyze, remediate, and test all legacy and modern APIs. Noname's solution finds and inventories all APIs; detects attacks, suspicious behavior, and misconfigurations using AI-based behavioral analysis; prevents attacks and integrates with existing remediation and security infrastructure; and actively validates APIs before deployment.
The cybersecurity company has amassed 40 partners in under a year. It also has hundreds of enterprise customers who are either using the Noname platform or evaluating it. This stellar performance has helped the startup raise $60 million in the Series B funding round in June 2021, just six months after securing $25 million in Series A.
We recently interviewed Noname’s CEO and Co-founder, Oz Golan, to know more about the importance of API security and how the company is delivering quality in this niche of cybersecurity. Read on for the excerpts from the interview.
Q. What inspired you to establish the company?
My Co-Founder, Shay Levi, and I were interested in founding a cybersecurity company. But before we wrote a single line of code or even focused on API security, we met with many of the world’s leading CISOs to learn about their biggest security challenges. APIs were the largest threat and there were significant gaps in what the market had to offer.
These CISOs shared with us that they wanted a solution that could proactively protect their environment from the threats that APIs presented, without introducing more complexity or risk to their hybrid and multi-cloud environments. We saw the opportunity to develop a more robust API security solution that could satisfy these requirements, which inspired us to create Noname Security.
Q. What makes your network security solutions relevant in today’s times? How do you stay on the pulse of the growing landscape of cyberthreats/cybersecurity?
Today, all enterprises are technology companies, and their technology is powered by APIs. The surge in API adoption has made them the #1 attack vector and enterprises are dealing with operational complexity as they try to manage and secure thousands of APIs across data centers and clouds. A single misconfiguration in a sprawling API environment could lead to the next exploit or attack — we see this manifest in the headlines every week.
We stay at the cutting edge of this trend by building the world’s largest and most innovative API security R&D teams, and we maintain close communication with a growing number of CISOs and cyber security leaders across the globe to make sure we stay one step ahead of the ever-evolving threat landscape.
Q. How does the Noname Security platform standout in the cybersecurity space?
While we are one of the youngest pure play API security companies, we are also the largest. This is testament to our modern architecture which is more flexible to the needs of the enterprise, and due to our broader and holistic view of API security.
API security isn’t about securing APIs, it is about securing an enterprise’s digital footprint from the threats, risks, and vulnerabilities associated with APIs. Noname’s broader feature set allows enterprises to Discover, Analyze, Remediate, and Test (we call this the D.A.R.T. API Security Strategy) all APIs — including legacy and shadow APIs — across all clouds and data centers. And our ability to do this without agents or network modifications is completely unique to the market.
Q. Internal inefficiencies in an organization undermine security analytics and operations. Do you help your clients patch their internal operations?
Yes. Managing APIs at scale is one of those internal efficiencies. We’ve found that most organizations don’t even have the visibility into 30% of their APIs — how can you secure what you can’t see?
Managing APIs manually is an impossible task. Noname gives instant visibility into a complete inventory of APIs so that organizations can easily find areas to improve security and operations.
Q. How important are partnerships to Noname Security?
Partnerships are absolutely critical for Noname Security. We partner and integrate with many cloud, API gateway, and WAF vendors because our tools are better together and provide our joint customers with better experience. We have partnered with over 40 technology partners, integrators, service providers, channel partners, and resellers. API security is a priority for the entire market, and partnerships accelerate Noname’s ability to deliver customer value.
Q. How did you help out since the breakout of the COVID-19 pandemic? How have you innovated to adapt?
The company was founded right before the COVID-19 pandemic, and we were operating in stealth at the time. The pandemic didn’t disrupt us. In fact, in many ways it accelerated our growth. The rise of the cloud and remote work created a lot more demand for API security solutions.
Q. Bigger the network. Bigger the issue. Do you think your services are ready to cater the needs of never ending digital transformation?
Yes. API security has been a massive missing component of digital transformation. “Cloud” and “microservices” mean APIs. As enterprises have been pioneering their own unique digital transformation journeys, they have been exposing themselves to more and more risk. Our solution is uniquely designed to address the growing needs of the modernizing enterprise.
Q. What does the future hold for your company and its customers? Are exciting things on the way?
Noname wants to make sure that organizations can leverage APIs safely and securely, at scale — we want to eliminate the vulnerabilities of APIs. Noname does this by continuing to do what we did when we first were founded. We listen aggressively to the needs of our customers and tirelessly pioneer new capabilities. Our Product and R&D teams release new updates every 2 weeks, which means new exciting things are always on the way so we can maintain API security for our customers.
The Cybersecurity Expert
Oz Golan, CEO and Co-founder: Prior to founding Noname Security, Oz Golan served as the Director of R&D at NSO Group and as a Security Researcher in Unit 8200 (Israeli Defense Forces).