Ghost Security is announcing $15 mn investment at $50 mn valuation

Ghost Security, a US-based application security company, is announcing its emergence from stealth mode and a $15 million investment from 468 Capital, DNX Ventures, and Munich Re Ventures at a $50 million valuation.

Founded in 2022, Ghost Security is creating “an entirely new approach” to stopping attacks against applications, APIs, and microservices.

Apps and APIs are at the core of organizations. Ultimately, they’re what delivers essential info to employees and customers. But increasingly, apps and APIs have become attack vectors. Salt Security — which, to be fair, sells an API protection product — estimates that “malicious” API usage grew 681% from December 2020 to December 2021. As for apps, cybercriminals targeting mobile devices most frequently used them to break in, according to Pradeo Labs research.

Martin claims that Ghost takes a “data science” approach to security to solve challenges that other vendors cannot. While keeping the details high-level and mostly under wraps — Ghost’s product hasn’t launched yet — he said that the company’s technology delivers visibility and risk protection for apps and their dependencies, including services and APIs, in both cloud and on-premises environments.

As an industry, we are still seeing a lot of legacy thinking around how to deal with the application, data, and microservice sprawl that large scale cloud adoption has created. Existing approaches and application security solutions are now dated and losing effectiveness.

Greg Martin, Ghost co-founder and CEO

“At Ghost, we are completely rethinking the approach to securing modern applications from the ground up. We believe the explosive growth of microservices and APIs in the cloud will continue to outpace the capabilities of existing security solutions. We see this creating an even larger gap between the defensive capabilities of enterprise businesses and the capabilities of skilled hackers. The team at Ghost is uniquely qualified to develop new innovations in cloud security, specifically securing vulnerable applications, microservices, and APIs.” – Greg Martin, Ghost co-founder and CEO.

What’s exciting about the Ghost platform is that it removes the complex and invasive processes required to protect applications and APIs making this type of technology more accessible to organizations across the globe

Florian Leibert, general partner and co-founder at 468 Capital

“The surge in adoption of applications, APIs, and microservices represents great growth potential for businesses but also introduces many new attack surfaces. A better approach to securing these assets is needed, and Ghost is well-positioned to address that challenge.” – Hiro Rio Maeda, managing partner at DNX Ventures.

Talent is only a part of the equation — and Ghost faces a slew of competition out of the gate. The aforementioned Salt Security has raised tens of millions of dollars for its tech to protect APIs from malicious abuse.

Noname, another company aiming to solve API security problems, hit a $1 billion valuation after a $135 million Series C raise last December. Traceable AI, 42Crunch, and Cequence offer comprehensive API security services, too, while on the app security side, there’s vendors like Astrix Security and Enso Security.

That doesn’t faze Hiro Rio Maeda, a managing partner at DNX Ventures and an investor in Ghost. His is a meaningful investment, to be clear, given that the amount of venture capital investment for cybersecurity startups fell 35.8% this quarter on a quarter-over-quarter basis, according to Pitchbook data.

by Nataly Kramer