API Startup Salt Security Raises $140M To Strengthen Channel

‘We see partners as a crucial part of growing Salt and taking Salt to market. We feel very confident in our ability to scale and extend with partners,’ Salt Security Co-Founder and CEO Roey Eliyahu tells CRN.

Salt Security raised $140 million on a $1.4 billion valuation to expand R&D investment, fuel sales and marketing, and more rapidly grow its international operations.

The Palo Alto, Calif.-based API security startup said the Series D funding comes at demand for API security surges, with businesses needing to protect the APIs driving their digital transformation, application mobilization, and other IT modernization initiatives. Thursday’s funding round was led by CapitalG, the independent growth fund of Google parent company Alphabet.

“They [CapitalG] have unique and amazing achievements in the security field and have built several companies like CrowdStrike, Zscaler and Cloudflare to the size [valuation] of $30-$60 billion,” Salt Security Co-Founder and CEO Roey Eliyahu told CRN. “And as we are looking to grow Salt to the same size, we saw the huge value-add of a partner that’s done it not once, not twice, but three times.”

[Related: Salt Security Raises $70 Million To Strengthen API Security]

Salt Security began expanding its capabilities 18 months old beyond advanced API discovery and runtime protection to help companies build and release more secure APIs. Eliyahu said the Salt’s investment in ‘shift left’ security has been fruitful, and he believes there are still a lot more capabilities the company can roll out in that space.

“In order to continue to grow our company and be an enduring company that withstand the test of time, you need to continuously innovate, which means you need a lot of engineering resources,” said Eliyahu, noting that Salt Security is looking to bring on more data scientists, engineers, DevOps experts, and security researchers.

Salt Security has increased its channel budget tenfold over the past year with a particular emphasis on building out more partner marketing and certification assets, Eliyahu said. Creating partner certifications will make solution providers more self-sufficient and capable of talking intelligently about how they can solve customer problems without having to depend heavily on the company, according to Eliyahu.

Meanwhile, Eliyahu said investing more resources and money into channel marketing will help partners deliver better education and better content to customers about what good API security is. Salt Security last month hired Jon Peppler as its channel chief to expand the company’s partner program globally. Peppler most recently spent nearly three years as global channel chief at cloud security vendor Bitglass.

“We see partners as a crucial part of growing Salt and taking Salt to market,” Eliyahu said. “We feel very confident in our ability to scale and extend with partners.”

Salt Security was founded in 2016, employs 135 people, and has raised $271 million in six rounds of outside funding, according to LinkedIn and Crunchbase. The company most recently closed a $70 million Series C funding round in May 2021 led by Advent International, which also participated in the firm’s Series D funding. Salt Security executives weren’t immediately available for additional comment.

The company has been led since its inception by Eliyahu, who previously co-founded and served as CTO at a cybersecurity college focused on training and preparing its students for the Israeli Defense Forces (IDF) cybersecurity units. Eliyahu spent three years in the IDF’s cybersecurity unit, culminating in a seven-month stint as a team leader.

“APIs are essential to enabling business innovation, but security risks are multiplying at unprecedented scope and scale,” CapitalG Partner James Luo said in a statement. “Salt took an innovative, best-in-class approach to building its API security platform leveraging cloud-scale big data, allowing it to effectively detect and stop attacks in the wild while not compromising on strong shift left capabilities.”

Salt Security’s cloud-scale big data engine applies machine learning and artificial intelligence to secure APIs, according to the company. The company provides its customers with automated and continuous API discovery, detection, and attack prevention capabilities, as well as the expertise to identify and remediate API vulnerabilities during the build phase, Salt Security said.

The company said it has added Berkshire Bank, Takeda Pharmaceuticals, bp Launchpad, Markel, Icatu Seguros, and Apiture as customers as the company quintupled its revenue and tripled its customer base over the past year. Salt Security has launched operations in Europe and Latin America over the past year and begun publishing vulnerability research from the industry’s only API-focused security research team.

“Five years ago, the Salt founders had the vision to create this critical category, and they have led it ever since by creating the most secure and robust solution in the industry,” YC Continuity Managing Director Ali Rowghani said in a statement. “The company’s innovation and dominance led us to double down on our investment.”

From a metrics standpoint, Eliyahu said the company plans to track customer satisfaction and employee retention as well as growth in revenue and the number of customers. As for product innovation, Eliyahu said Salt will monitor the new capabilities it has released, the value those capabilities are delivering to customers, and the number of attacks Salt’s technology is stopping.

“Partners that consider themselves more innovative and want to bring the best tech to their customers and solve cutting-edge problems should definitely come and talk to us,” Eliyahu said.