Salt Security has raised US $140M in a Series D funding. The funding round was led by CapitalG, Alphabet’s independent growth fund. It also featured participation from all the existing investors in the company. The round brings the total raised by Salt Security to $271M across multiple funding rounds. It also brings the company’s valuation to $1.4B.
This round of funding comes just over eight months since it raised $70M in a Series C round. The increased amount raised shows that investors are happy with its potential and where it is heading.
The company plans to use the money to invest in its R&D operations, develop new products and expand existing ones. It will also use some of the money to expand its sales and marketing operations. Part of that will mean an increased focus on its international sales.
James Luo, Partner at CapitalG and Salt Security board member, said, “Our investment in Salt Security comes at a time of critical importance for the wider business community. APIs are essential to enabling business innovation, but security risks are multiplying at an unprecedented scope and scale. Salt took an innovative, best-in-class approach to building its API security platform leveraging cloud-scale big data, allowing it to effectively detect and stop attacks in the wild while not compromising on strong shift left capabilities.
“Salt Security has a proven record of success as the leading solution in the market, and our conversations with customers made it clear that Salt is providing them with market-leading protection and the fastest time to value. We look forward to partnering with the team at Salt Security to help it catapult into the next tier of market penetration and success.”
What does Salt Security do?
Salt Security focuses on API security. Attacks on APIs have increased substantially over the last two years, partly because they are seen as an easy mark. Organisations use them to connect to cloud services and as part of their digital transformation. The more APIs you use, the greater the risk of encountering vulnerabilities.
The explosion in APIs deployed by organisations has also created a wide and often inviting attack surface. Organisations that repurpose internal APIs for external use often do little or no proper security checking. It means that code is often left in, which gives an attacker a route into the company network.
Even where APIs are small and written to deliver specific functionality, too many organisations are immature when security testing them.
Salt Security is targeting those weaknesses. It uses its own ML/AI solutions to continuously scan and test APIs and how they are used. The information gathered provides it with the context to spot misuse and abuse of APIs. It means security teams get in-depth information on the weaknesses in an API and an environment. That allows them to deploy the right mitigation at the right time.
Enterprise Times: What does this mean?
APIs have become an increasingly easy target for attackers. Much of that is down to sloppy practices in securing and testing them. It has created a significant demand for solutions that can fix the problem. Given the widespread usage of APIs, we are past the point of rip and replace. What is needed is an intelligence-led approach to the problem
This is what makes Salt Security interesting. Its platform provides the intelligence companies need. It is a view that both customers and investors clearly share. Its customer base, new customers, employee headcount and, most importantly, revenue soared last year. Those are numbers that will have made any investor happy to commit funds.
The question now is, can it continue to deliver? Previous funding rounds have been in the tens of millions. This is twice what it raised in its Series C round. What will it do with it? More of the same? An even greater increase in customers? Only time will tell.
