Application programming interface security startup Traceable Inc. exited stealth mode today armed with a $20 million Series A funding round from Unusual Ventures and BIG Labs.

Traceable has created a security platform that tracks end-to-end application activity from the user and session all the way down to the code. It uses machine learning and distributed tracing technology that analyzes user activity to learn what normal application behavior looks like, so it can detect anything that might indicate something is amiss.

The company is led by former AppDynamics Inc. founder Jyoti Bansal, together with Sanjay Nagaraj, a former vice president of engineering at AppDynamics.

Traceable hopes its new platform will be of interest to enterprises that run cloud-native apps that are composed of hundreds or even thousands of API microservices, which are loosely coupled services. They can be difficult to protect at scale: According to Gartner Inc., APIs are set to become the most frequent attack vector in the future, with API calls representing 83% of all web traffic in 2018.

Based on an open-source software project called Hypertrace, Traceable’s software helps protect APIs by using machine learning algorithms that can analyze application activity and learn to distinguish between normal and anomalous behavior. The company, which claims a false positive rate of less than 1%, said it alerts users to any activity that could indicate an attack.

“The broad use of APIs in cloud-native applications has greatly expanded the attack surface for enterprises, and until now, there hasn’t been a solution that adequately addresses this growing issue,” said Traceable adviser Gerhard Eschelbeck, former Google chief information security officer. “Traceable solves one of the biggest problem security teams face, which is distinguishing between valid and malicious use of an application’s APIs.”

Traceable’s platform can integrate with collaboration tools such as Slack, sending automated warnings to DevOps and security teams should it find anything amiss with their applications. It can also perform actions to mitigate any attacks, such as by shutting down API access for a predetermined period of time to give someone time to explore whatever problem it has found. And if the warning turns out to be a false positive, the software will learn from its mistake and not repeat it.

“Highly distributed cloud-native applications are almost impossible to operate and troubleshoot without distributed tracing,” said Nagaraj. “So we decided to make this core part of our platform, open source and freely available. We hope the community not only adopts Hypertrace but feels empowered to contribute to the project to make it even better.”

Constellation Research Inc. analyst Holger Mueller told SiliconANGLE that as applications become more powerful, they become more widely distributed too.

“Tracing and diagnosing issues in these distributed applications is cumbersome, so it’s good to see some startup passion entering the space with Traceable,” Mueller said. “Now we’ll have to wait and see how well the first generation of its product will do with early adopters.”

Traceable is rivaled in the emerging API security market by Salt Security Inc., which raised $20 million last month and uses machine learning to map a company’s APIs and analyze how they’re used in order to detect suspicious behavior.

Image: Traceable