Secful (YC W16) Prevents API Attacks Automatically and in Real-Time

In recent years, it's become clear that APIs are very vulnerable to security breaches. Facebook, Snapchat, Marriott, Delmarva Power, TurboTax, and Twitter are just a small portion of the growing list of companies that have been breached through their API. Research indicates that 84% of all cyber-attacks are happening at the application layer, rendering companies' existing network security protections insufficient.

Secful is a company launching out of our Winter 2016 class that prevents API attacks, automatically and hands-free. Secful secures enterprises' APIs by detecting and profiling attackers in real-time and creating custom-tailored protection against them.

Every attack begins with the same phase: Reconnaissance. During this time, an attacker understands how the API should be used. Afterwards, the attacker actively researchers a company's endpoints for vulnerabilities. Usually these trial-and-error attempts go unnoticed until a breach actually occurs. Until now.

Secful tracks all of the attacker's activity from the very beginning, and creates a profile that contains an up-to-the-minute attack timeline, along with essential information to prevent the attack. Most importantly, Secful highlights the most dangerous potential attacks so that companies can handle them first.

Find out more about Secful and request a demo at Secful.com, and check out the video below.