Vorlon is trying to stop the next big API breach

Application programming interfaces, or APIs as they are commonly known, are the foundation of everything we do online. APIs allow two things on the Internet to communicate with each other, including connected devices or phone applications.

But the huge growth in API use – about half of all internet traffic – is putting companies’ data at risk. A common security risk is granting third parties too permissive access to APIs. Malicious hackers can exploit APIs to access a company’s sensitive information.

Cybersecurity startup Vorlon says it helps businesses protect their data from such incidents with its platform and has raised $15.7 million to improve its technology.

Founded in 2022 by former Palo Alto Networks executives Amir Khayat and Amichay Spivak, Vorlon analyzes network traffic to detect and remediate potential API abuse in real time.

In an interview, Khayat said the company’s technology does the analysis and informs the customer of “something you need to know about and act on.”

Vorlon continuously observes a company’s APIs and notifies them when vendors make updates, providing insight into their exposure or potential exposure, Khayat told TechCrunch. The founder also noted that in addition to detecting vulnerabilities and exposures, Vorlon’s platform examines what type of data third-party APIs have access to and where it may be connected to other applications.

Vorlon uses AI to analyze and map all API communications it monitors and translate them into a human-readable language. This helps users get a summary of their third-party apps. Vorlon also provides an AI chatbot to enable businesses to search for information in natural human language about security threats or issues they are experiencing. Khayat said Vorlon doesn’t send chatbot data anywhere; instead, it sends user queries to its own databases and the chatbot will return the information from the startup’s database.

“In many cases, organizations don’t discover a vendor’s data breach until months after the fact,” Steve Loughlin, partner at Accel, said in a statement. “Vorlon’s ability to reduce the time between threat detection and threat remediation to minutes is what makes this technology so powerful. »

Vorlon counts Hubspot, SafeBreach and pre-sales engineering platform Vivun among its first customers since launching its platform in February. The company says it is seeing significant demand from the healthcare and financial sectors and is targeting companies with at least 1,500 employees.

The Delaware-based startup, with an R&D subsidiary in Tel Aviv, currently has about 22 employees and plans to increase that number by adding more people to its sales and product R&D teams using money from its round series A, led by Accelerate.

The all-equity funding round saw participation from Shield Capital and cybersecurity angel investors, including Demisto co-founders Slavik Markovich, Rishi Bhargava, Dan Sarel and Guy Rinat, who worked closely with co-founders of Vorlon at Demisto before its acquisition by Palo Alto Networks in 2019. Former Exabeam CEO Nir Polak and Fox Corporation CTO Paul Cheesborough are also key investors in Vorlon.