Get a Demo

CloudVector Advances State of API Threat Protection with Automated & Continuous Discovery

ArecaBay rebrands as CloudVector, appoints Ravi Khatod CEO, gains $5M funding; CloudVector discovers, monitors and secures APIs to prevent data breaches

LOS ALTOS, Calif., Nov 12, 2019 — CloudVector, the first API Threat Protection platform to go beyond the gateway, today announced the launch of its namesake solution, which discovers, monitors and secures APIs to prevent data breaches. The proliferation of APIs have encouraged threat actors to target this new attack vector, increasing the risk of major data breaches. Existing Web Application Firewall (WAF) and API Management gateways are unable to provide API Threat Protection because of inherent limitations in their architectures.


According to Gartner API Security: What You Need to Do to Protect Your APIs, by Mark O’Neill, Dionisio Zumerle, Jeremy D’Hoinne, August 28, 2019, “Modern application architecture trends — including mobile access, microservice design patterns and hybrid on-premises/cloud usage — complicate API security since there is rarely a single “gateway” point at which protection can be enforced.”


To move beyond the gateway, CloudVector encourages organizations to adopt an API Threat Protection solution that is able to automatically discover APIs, monitor for deviant behavior, and secure data from exfiltration. CloudVector is the first API Threat Protection platform to deliver this full feature set.


“CloudVector delivers API Threat Protection we couldn’t find in any other vendor, without negatively impacting DevOps—it automates tedious manual processes to discover APIs and secure them,” said Abhijit Oak, Vice President, Software Development, Katerra. “This product enables us to simplify our security structure and spend.”


CloudVector Arises from ArecaBay — Appoints Ravi Khatod CEO


CloudVector, which was formerly known as ArecaBay, also announced the appointment of Ravi Khatod as co-founder and CEO. Ravi is a seasoned Silicon Valley security executive with more than 15 years of experience focused on building foundational teams and strategy, driving sales success and customer excellence, and delivering market-leading growth at category-defining vendors including IronPort, CipherTrust, and AppSense. Prior to CloudVector, he served as CEO of Agari, a next-generation email security company, where he drove 300 percent in revenue run rate growth in three years.


“APIs have become mission critical for organizations as they move to the cloud and embrace digital transformation initiatives. Attackers have also recognized this new and broad attack surface. As we’ve seen with recent high profile data breaches API security has become a predominant challenge,” said Khatod. “The shortcomings of existing gateways represent a multi-billion dollar market opportunity for CloudVector, which is advancing the state of the API Threat Protection market with its solution.” 


CloudVector has raised more than $5M in seed funding round led by SignalFire, which it is aggressively investing in the growth of its R&D, sales and marketing teams.


Beyond the Gateway — Full-feature API Threat Protection


CloudVector is purpose-built for modern application architectures, and is deployed with zero impact to inline performance, with no changes required to applications or DevOps processes. In fact, CloudVector eliminates the need for manual API specification to deliver immediate time to value.


Key features of CloudVector’s API Threat Protection platform include:


  • Discover with API Inspection Modules (AIM) — Fully automated microsensor modules enable the continuous discovery of all APIs connected to enterprise assets—even shadow APIs.


  • Monitor with Deep API Risk Trackers (DART) — Deep monitoring modules apply proven Machine Learning to customer-specific API blueprints that drive automatic identification of API risks and, more importantly, real-time detection of reconnaissance attempts. 


  • Secure with API Response Modules (ARM) — Real-time response modules enforce targeted policies against API abuse—the only solution to entirely address the OWASP API Security Top 10.


According to Gartner API Security: What You Need to Do to Protect Your APIs, by Mark O’Neill, Dionisio Zumerle, Jeremy D’Hoinne, August 28, 2019, “Many API breaches have one thing in common: the breached organization didn’t know about their unsecured API until it was too late. This is why the first step in API security is to discover the APIs which your organization is delivering, or which it consumes from third-parties.”


Learn more about CloudVector’s API Threat Protection platform



Ravi Khatod’s executive blog about the API Threat Protection market


About Katerra


Katerra is transforming construction through technology – every process and every product. With leaders from the most groundbreaking technology, design, manufacturing, and construction companies, Katerra transforms how buildings and spaces come to life. Founded in 2015, Katerra has a growing number of domestic and international offices, factories and building projects.


About CloudVector

CloudVector is enabling organizations to move beyond the gateway and firewall with the industry’s first full-featured API Threat Protection platform. Only CloudVector is able to automatically and continuously discover APIs, monitor for deviant behavior, and secure data from exfiltration to prevent data breaches. CloudVector was founded in 2019 by former executives from Netskope and Agari. Follow CloudVector on Twitter and LinkedIn. Learn more about CloudVector at