Pynt Inc., creator of an security autopilot tool for application programming interfaces, said today it has closed on a $6 million seed funding round as it launches its platform into general availability.

Today’s round was led by Joule Ventures and saw participation from Dallas VC and Honeystone VC.

The startup has created a novel offering that enables greater API security by bridging the gap between developers and security experts. APIs are mechanisms that enable two software components to communicate with each other. For example, the weather bureau’s API provides access to daily weather data. The weather app on a smartphone “talks” to its system via APIs, enabling the app to show real-time weather conditions and forecasts.

APIs are vital for software applications, so security is a primary concern. According to a report by Akamai Inc., more than 83% of internet traffic in the world today is related to API systems. However, many of them are riddled with security vulnerabilities. API breaches are a common occurrence, as exemplified by recent high-profile attacks on X, formerly Twitter Inc., and LinkedIn Corp.

Despite these risks, API testing is a low priority for many developer teams, as they’re under too much pressure to increase the velocity of software updates, Pynt said. Companies also face a shortage of skilled cybersecurity talent.

To bridge this gap, Pynt has created an API security autopilot that takes on the role of a white-hat hacker, using human logic to generate attacks and discover vulnerabilities before they are exposed by genuine hackers in the real world. What’s more, Pynt can integrate with dozens of popular API development tools, including Postman, and continuous integration/continuous development pipelines, providing a fully automated API security solution to almost any developer.

The startup offers both freemium and enterprise versions of its technology, and counts a number of customers in the Fortune 500. As well as automating the identification of API vulnerabilities during the development process, its platform delivers comprehensive reports and dashboards, plus actionable recommendations on how to fix the issues it discovers.

Pynt co-founder and Chief Executive Tzvika Shneider said securing APIs is vital for businesses, as they act as the gatekeeper to their castle. “These doors should be both secure by design and well-guarded, with the door makers and the guards sharing the responsibility,” he explained.

One of the problems, Shneider added, is that most developers are not security experts, while security professionals aren’t involved in the software development process themselves. “Both already have a lot on their plate, so we solve that problem by elegantly shifting left API security,” he said.

Pynt’s founding team, which also includes Chief Technology Officer Ori Goldberg, Chief Security Officer Golan Yosef and Chief Product Officer Ofer Hakimi, are veterans in both software development and security, having previously worked on automotive applications at Harman International Inc.

Joule Ventures founding partner Brian Rozenzweig said Pynt’s approach to securing APIs pre-production is a logical step for many enterprises, as they’re already looking to embrace “shift left practices.” “This Pynt team has an exceptional combination of experience, technical acumen, and vision and is poised to make a significant dent in the API Security market,” he added.

Image: Pynt