Apiiro
Apiiro provides a comprehensive application security posture management (ASPM) platform that offers holistic risk visibility, prioritization, remediation, and prevention across the software development lifecycle and supply chain.
Services
Apiiro provides a comprehensive application security posture management (ASPM) platform that integrates with various security tools and spans the entire development lifecycle. The platform features visibility and risk assessment, prioritization and remediation, and governance and assurance. Apiiro also offers software supply chain security (SSCS), secrets detection and validation, API inventory and security testing in code, contextual open source security, and XBOM/SBOM generation.
Products
Apiiro's primary product is its ASPM platform, which is extended by native security solutions and deep knowledge of the application attack surface. Key features include a dynamic risk engine that leverages full-lifecycle, full-stack analysis, policy-as-code engine for custom policies, developer guardrails embedded in code commits and CI/CD builds, dashboards and reports for measuring impact, and automated workflows for remediations and AppSec processes. The platform is available on AWS Marketplace and Google Cloud Marketplace.
Technology
Apiiro's technology stack includes the Risk Graph built on their patented Deep Code Analysis (DCA), code-to-runtime matching, and risk engine. The SHINE integration program ensures vendor-neutral, seamless integrations. The platform supports integration with tools like GitHub, GitLab, Azure DevOps, and Bitbucket. It includes a secure-by-design assurance feature to identify potential risks early and a contextual prioritization funnel to narrow down business-critical risks.
Funding and Investors
Apiiro raised $100M in a Series B funding round led by General Catalyst with participation from Greylock and Kleiner Perkins. This significant investment highlights the confidence investors have in Apiiro's technology and market potential.
Mission and Vision
Apiiro's mission is to empower security and development teams to secure everything they develop and deliver to the cloud with comprehensive visibility from design to production. The vision is embedded in their holistic approach to application risk visibility, prioritization, remediation, and prevention. Their extended capabilities like the XBOM provide continuous and complete visibility across application and software supply chains.