The start-up Noname Security, which deals with the security of APIs for large corporations, announced today (Wednesday) that it has raised $ 135 million at a value of $ 1 billion. This makes Nu Nim, which was established only at the beginning of 2020, a unicorn. The entire fundraising amount is intended for investment in the company.
Nu Nim was founded by Oz Golan (CEO) and Shai Levy (Chief Technology Officer). Golan and Levy met during their military service in 8200 about a decade ago. After the service, Golan turned to work for NSO, which is currently in the headlines, There he served as a director of research and development, while working for companies such as Iron Source and Facebook.
In early 2020, the two reached out to investor Gili Raanan of the CyberStarts Fund with the idea of establishing a new cyber company. After meetings they organized for them to refresh with information security managers in organizations to learn about their needs, they decided to focus on the field of API security.
The way systems talk to each other
APIs allow computer systems to talk to each other and pull information from each other. For example, a hotel booking site such as Booking implements APIs of various travel providers to know the availability of rooms with them at any given moment. In the same way, booking can let external sites, such as car rental companies implement its interface, to allow checking of hotel room availability without directly accessing its app.
In a number of media cases, vulnerabilities were discovered in the APIs that led to the leak of databases. For example, in May, a breach was discovered in the API interface of the manufacturer of exercise bikes and smart running devices Pluto, of which even US President Joe Biden is one of its customers. Age, gender, place of residence and training history of millions of Pluto subscribers.
A month earlier, in April, a security breach was discovered in the API interface of a credit data company embedded in the American Student Loans website. The breach made it possible to type in the name and address of each citizen and discover his credit rating data. Research firm Gartner has estimated that API abuse will become the most popular attack vector in cases of information exposure in web applications by 2022.
Nu Nim currently employs about 200 workers in Israel and the United States, a significant increase compared to about 70 workers it reported in its previous recruitment in June. 500, including one of the three largest retailers and one of the three largest telecom companies in the world, has raised a total of $ 220 million since its inception, including the current round.
Israeli domestic competition
No Nim Security is not the only Israeli player in the world of APIs. The oldest start-up in this world is Salt Security, which was established in 2016. Salt has raised $ 131 million to date, with the company’s last round being in May. Salt reveals some of its customers, which include, for example, the communications giant Telefonica. According to the PitchBook database, Salt’s most recent fundraiser was valued at $ 625 million (after the money).
“One difference between us and Salt is that we take a proactive approach. We are not content with analyzing network movements and checking in real time who called the API and whether it abused it, but also actively examining configuration and architecture issues in the API. We also address “The API that the organization itself reveals and also the API that it uses, unlike other companies that only deal with what the organization reveals,” Shai Levy claims.
Another young Israeli start-up in the field, which was also founded in early 2020, is Neosec, which was also established by graduates of the 8200 and 81 intelligence units. Neosec was unveiled last September after raising $ 21 million. Another Israeli connection to the field is Impreva, which was established in Israel and operates two development centers in Israel. In May, Impreva announced the acquisition of the American API security company CloudVector for an unknown amount.
Nu Nim’s fundraising was led by Lightspeed and Georgian funds and was attended by existing investors such as Insight Partners, CyberStarts, Next47, Forgepoint and The Syndicate Group (TSG).