• Ghost Security asserted that its platform would assist tech executives in continuing rapid application development without interfering with already-established procedures.
  • A total USD 15 million has been invested in Ghost Security by 468 Capital, DNX Ventures, and Munich Re Ventures.

Organizations of all sizes and sectors are heavily reliant on software applications. Users and the data they require are connected via an ecosystem created through the usage of APIs and microservices. Due to this, the creation and use of applications and APIs have exponentially increased, frequently leaving them unaccounted for and unsafe, according to Ghost Security, an application security business.

How to address the security concerns confronted by cloud apps has been a topic of discussion. This objective is supported by several product subcategories, including runtime protection tools, static and dynamic analysis, web application firewalls, identity access management, and Cloud Security Posture Management (CSPM). Nevertheless, the business claimed that despite these point products, application compromises are increasing.

Ghost Security, which just came out of stealth recently, claimed to be adopting a unique strategy and integrating Machine Learning (ML) as a key element of its platform. The technology enables security professionals to profile normal and abnormal behavior and recognize when something unexpected occurs. “The great thing about that is you have capabilities to detect attacks no one has seen before,’’ said Ghost cofounder and CEO Greg Martin.

Utilizing unsupervised machine learning to approach AI

The company asserted that its platform would assist tech executives to continue with rapid application development without interfering with already-established procedures. It will also offer detection and response teams with thorough and automated application protection.

“We’re trying to build a lot of innovation into creating the defence for not just today’s applications, but for the next decade or two,’’ Martin said. “In practice, that means using technology not available 10 or 12 years ago,’’ such as ML, Artificial Intelligence (AI) and horizontal cloud-scale systems.

According to Martin, many app security tools use supervised ML, which is where algorithms are trained using both good and bad data so that the system understands what to look for. But Ghost is using an unsupervised ML approach, “where you don’t have to feed it any data; it’s learning in a different way,’’ he explained.

Another differentiator is that “we architect our software in a way that is compatible with whatever [cloud provider] the customer uses,’’ Martin said. “So, if [they use] Google or Amazon Web Services or Microsoft Azure — or something different — we’re going to build compatibility for every customer,” Martin added that this includes customers running on-premises data centers.

Future Plans

Ghost Security is backed by USD 15 million, invested by the likes of 468 Capital, DNX Ventures, and Munich Re Ventures. The firm stated during an announcement that it would use the funding to focus on growing “a world-class team with the experience and passion required for developing disruptive technologies.”

Ghost is competing with companies such as Imperva, F5 and Akamai, Martin said. “The space we’re disrupting has traditionally been called ‘web application firewalls,’ but the tools are so simplistic we think with what we’re doing, we won’t be the only ones jumping in and doing this,’’ he added.

Experts’ Take

“What’s exciting about the Ghost platform is that it removes the complex and invasive processes required to protect applications and APIs, making this type of technology more accessible to organizations across the globe,” said Florian Leibert, general partner and cofounder at 468 Capital, in a statement. “They’re building a solution that scales without affecting productivity and harnesses the power of machine learning in a way that will identify unknown vulnerabilities and stop more threats.”

“The surge in adoption of applications, APIs, and microservices represents great growth potential for businesses, but also introduces many new attack surfaces,” said Hiro Rio Maeda, managing partner at DNX Ventures, in a statement. “A better approach to securing these assets is needed, and Ghost is well-positioned to address that challenge.”