Vorlon is trying to stop the next big API breach
Application programming interfaces (APIs) are the bedrock of everything we do online. APIs allow two things on the internet to talk with each other, including connected devices or phone apps.
But the enormous growth of API usage — around half of all internet traffic — is putting businesses' data at risk. A common security risk is granting third parties overly permissive API access. Malicious hackers can leverage APIs to gain access to a company's sensitive information.
Cybersecurity startup Vorlon says it helps businesses protect their data from such incidents using its platform, and it raised $15.7 million to improve its technology.
Founded in 2022 by former Palo Alto Networks executives Amir Khayat and Amichay Spivak, Vorlon analyzes network traffic to detect and remediate potential API abuse in real time.
In an interview, Khayat said the company's technology runs the analysis and lets the customer know "something that you need to be notified about and take an action on.”
Vorlon continuously observes a company's APIs and notifies them when vendors make updates, which helps to better understand their exposure or potential exposure, Khayat told TechCrunch. The founder also noted that alongside detecting vulnerabilities and exposures, Vorlon's platform looks at the type of data third-party APIs have access to and where that can be connected to other applications.
The company uses AI to analyze and map all the API communication it monitors and translate it into human-readable language. This helps users get a summary of their third-party apps. Vorlon also provides an AI chatbot to let businesses search for information in human natural language about any security threats or issues they have. Khayat said Vorlon doesn't send chatbot data anywhere; instead, it sends user queries to its own databases, and the chatbot will return the information from the startup's database.
"In many cases, organizations won’t find out about a vendor's data breach until months after the fact," said Steve Loughlin, partner at Accel, in a statement. "Vorlon’s ability to reduce the timeline between threat detection and remediation to minutes is what makes this technology so powerful."
Vorlon counts SafeBreach and presales engineering platform Vivun among early customers since the launch of its platform in February. The company says it sees significant demand from the healthcare and financial sectors and targets enterprises with at least 1,500 employees.
The Delaware-based startup, with an R&D subsidiary in Tel Aviv, currently has around 22 employees and plans to increase that number by adding more people to its sales and product R&D teams using the money from its Series A round, which was led by Accel.
The all-equity round saw participation from Shield Capital and cybersecurity angel investors, including Demisto co-founders Slavik Markovich, Rishi Bhargava, Dan Sarel and Guy Rinat, who worked closely with Vorlon's co-founders at Demisto before Palo Alto Networks acquired it in 2019. Former Exabeam CEO Nir Polak and Fox Corporation CTO Paul Cheesbrough are also key Vorlon investors.
Correction: An earlier version of this report incorrectly attributed HubSpot as a Vorlon customer due to an editing error. ZW.