Security Experts:

Connect with us

Hi, what are you looking for?



Traceable AI Snags $60M for API Security Tech

Traceable AI, a startup building technology to reduce attack surfaces in APIs, has banked a new $60 million funding round that values the company at $450 million.

Traceable AI, a startup building technology to reduce attack surfaces in APIs, has banked a new $60 million funding round that values the company at $450 million.

The San Francisco, Calif.-based Traceable AI said the Series B round was led by Institutional Venture Partners (IVP) with additional investments from Tiger Global Management, Unusual Ventures and BIG Labs.

Founded in 2018, Traceable AI has raised a total of $80 million to carve a path in the competitive API security and observability space.

The company’s technology is aimed at reducing attack surfaces in the cloud, especially at the API level that powers rapid digital transferring.  Traceable AI’s platform handles things like API discovery, web application protection, API vulnerability detection and API risk monitoring.

[ READ: Cloud AppSecFirm Traceable Emerges From Stealth Mode ]

Traceable AI plans to use the new investment to shift into growth-mode by further investing in its product development and research efforts and expanding sales and marketing teams.

The company was founded by Jyoti Bansal (CEO) and Sanjay Nagaraj (CTO). Bansal previously founded AppDynamics, an application performance management and IT operations analytics company that was sold to Cisco in 2017 for $3.7 billion. Bansal also founded Harness, a continuous delivery-as-a-service platform.

“Widespread use of APIs in cloud-native applications has led to a significantly larger attack surface, intensifying the challenge of protecting these APIs from malicious usage or abuse,” said Bansal. “Bad actors only need one API entry point to access an organization’s data and cause irreparable financial, reputational and service interruptions damage,” he added.

Bansal said the company’s technology can help defenders to understand how an application really works in the context of the business and have the ability to detect anomalies and block advanced threats. 

Traceable AI’s latest funding comes as investors continue to pour cash into startups in the API security category.  

Earlier this year, Alphabet’s independent growth fund CapitalG led a $140 million late-stage investment in Salt Security (at $1.4 billion valuation).  Other well-funded startups in the space include Noname Security, Corsha, Cequence and 42Crunch.

Related: The Next Big Cyber-Attack Vector: APIs

Related: Noname Security Raises $60 Million in Series B Funding

Related: The Race to Find Profits in Securing Email 

Related: Alphabet’s CapitalG Makes Big Bet on Salt Security 

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Protection

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Cybersecurity Funding

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.