Cequence Security lands $ 60M for ML-powered API protection

Hear from CIOs, CTOs and other C-level and senior executives about data and AI strategies at the Future of Work Summit on January 12, 2022. Learn more

Cequence Security, which today announced a $ 60 million C-Series funding round, said it has doubled the customer base for its API security platform this year and plans to launch a self-service subscription in 2022 to help continue its rapid growth pace. The Sunnyvale, California-based company now has 85 customers, including T-Mobile and Estée Lauder, and stands out with its use of machine learning (ML) features to detect API threats, said Larry Link, president and CEO of Cequence Security. VentureBeat.

“Our ML-based detection separates malicious from legitimate and blocks them built-in, with out-of-the-box policies – something no other API security provider is currently doing,” Link said in an email.

The “comprehensive” platform combines API discovery and inventory tracking with real-time risk analysis, remediation and threat prevention across any cloud, he said.

Growing threats

API security has come to the forefront of businesses across all industries in the process of becoming digital businesses – a shift that necessitates large amounts of APIs (application programming interfaces). The software acts as an intermediary between different applications, allowing apps and websites to access more data and gain greater functionality. By 2022, the vast majority of web-enabled apps – 90% – will have more surface area exposed to attacks in the form of APIs than via the human user interface, according to Gartner research.

Meanwhile, several API security vendors have reported an increase in API-based attacks during 2021. Undoubtedly, “APIs are a rising point of attack,” Peter Firstbrook, vice president and analyst at Gartner, said at a recent conference by analytics firm.

The most common API-based attacks involve the exploitation of an API’s authentication and authorization policies. In these attacks – also known as “leaky” APIs – the hacker breaks the authentication and authentication intent of the API to gain access to data.

Improved visibility

But ultimately, with API security, “the first challenge customers have is that they have no idea how many APIs they have – and you can not protect what you can not see,” Link said.

Thus, Cequence Security’s platform starts by enabling customers to discover and create an updated inventory of all their APIs. The platform then helps customers analyze and address the risks that have been introduced by coding errors, while protecting customers and their APIs with “native, enterprise-class threat prevention,” Link said.

The foundation of the platform is the company’s patented ML-based analytics engine, CQAI, which detects APIs and analyzes their risk position and then detects and prevents threats, he said.

Product plans

New models in the works will include natural language analysis that will find common patterns that may pose a risk in API communication, according to Link. Other updates under development include improving the platform’s detection capabilities to give customers an “inside-out” picture of their attack surface area, he said.

In addition, using the new funding round, Cequence is developing a new self-service, subscription-based version of its API discovery product, Link said.

The financing was led by Menlo Ventures with participation from Icon Ventures, Telstra Ventures, HarborVest Partners, Shasta Ventures, Dell Technologies Capital and T-Mobile Ventures. Cequence Security has now raised $ 100 million since its inception in 2015.

Growing pains

During 2021, Cequence has experienced 3X revenue growth year over year, according to Link. Along with T-Mobile and Estée Lauder, other customers include American Express, Narvar, Houzz and Zulily. The company reports that its platform currently protects 2 billion API transactions per day.

Cequence’s employees are now 80, which has more than doubled over the past year – and the company aims to double its team again over the coming year, Link said.

Key geographies for market expansion in 2022 will include the United States, Europe, Asia and Australia, he said.

Cequence was founded by Chief Product Officer Ameya Talwalkar and Chief Technology Officer Shreyans Mehta. The founders previously worked at Symantec, where Talwalkar was development director and Mehta was architect and technical director, both serving in the company’s Security Technology and Response unit. Previous roles for Link included serving as senior vice president of worldwide sales at Palo Alto Networks.


VentureBeat’s mission is to be a digital marketplace for tech makers to learn about transformative technology and trade. Our site provides essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to join our community to access:

  • updated information on topics of interest to you
  • our newsletters
  • gated thoughtful content and reduced access to our valued events, such as Transformation 2021: Learn more
  • networking features and more

sign up

Leave a Comment