Ghost Security reinvents app security with unsupervised machine learning

Are you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.


Software applications are at the core of organizations of all sizes across all industries. Using APIs and microservices creates an ecosystem between users and the information they need. Because of this, there has been an exponential expansion in the development and use of applications and APIs — often leaving them unaccounted for and unsecured, according to Ghost Security, an application security company.

The industry has been grappling with how to solve the security risks that cloud applications face. Several subcategories of products attempt to support that goal from cloud security posture management (CSPM) to identity access management (IAM), web application firewall (WAF), data-loss prevention (DAP), runtime protection tools, static analysis and dynamic analysis.

However, despite all of these point products, application compromises are on the rise, the company said.

Coming at AI with unsupervised machine learning

Ghost Security, which emerged from stealth mode today, says it’s taking a different approach and using machine learning (ML) as a core component of its platform. The technology lets security pros profile normal behavior versus abnormal behavior and detect when something abnormal happens. “The great thing about that is you have capabilities to detect attacks no one has seen before,” Ghost cofounder and CEO Greg Martin told VentureBeat.

The company claims its platform will help tech leaders continue rapid application development without disrupting existing processes — as well as providing detection and response teams with comprehensive and automated application protection.

“We’re trying to build a lot of innovation into creating the defense for not just today’s applications, but for the next decade or two,” Martin said. “In practice, that means using technology not available 10 or 12 years ago,” such as machine learning, artificial intelligence (AI) and horizontal cloud scale systems.

Many app security products use supervised machine learning, which is where algorithms are trained using good and bad data so the system understands what to look for, according to Martin. But Ghost is using an unsupervised machine learning approach, “where you don’t have to feed it any data; it’s learning in a different way,” he explained.

Another differentiator is “we architect our software in a way that is compatible with whatever [cloud provider] the customer uses,” Martin said. “So if [they use] Google or Amazon Web Services or Microsoft Azure — or something totally different — we’re going to build compatibility for every customer.”

That includes customers running on-premises data centers, Martin added.

A better approach is needed to secure assets

“What’s exciting about the Ghost platform is that it removes the complex and invasive processes required to protect applications and APIs, making this type of technology more accessible to organizations across the globe,” said Florian Leibert, general partner and cofounder at 468 Capital, in to statement. “They’re building a solution that scales without affecting productivity and harnesses the power of machine learning in a way that will identify unknown vulnerabilities and stop more threats.”

Ghost Security is backed by a combined $15 million investment from 468 Capital, DNX Ventures and Munich Re Ventures. In announcing the funding, the company said it will use this influx of capital to continue focusing on building “a world-class team with the experience and passion required for developing disruptive technologies.”

“The surge in adoption of applications, APIs, and microservices represents great growth potential for businesses, but also introduces many new attack surfaces,” said Hiro Rio Maeda, managing partner at DNX Ventures, in a statement. “A better approach to securing these assets is needed, and Ghost is well-positioned to address that challenge.”

Ghost is competing against companies including Imperva, F5 and Akamai, Martin said. “The space we’re disrupting has traditionally been called ‘web application firewalls,’ but the tools are so simplistic we think with what we’re doing, we won’t be the only ones jumping in and doing this,” Martin said .

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.

Leave a Comment