In recent years, there's been an explosion in the usage of APIs -- the interfaces that software apps use to communicate with each other. When asked to predict API usage in 2022 in a recent survey, 90.5% of developers responding said that they expect to use APIs more or the same as in 2021, while only 3.8% think they'll use fewer. The challenge is, as new APIs and protocols emerge, some aren’t supported by existing API management and security platforms. Some developer teams are struggling to make APIs useable as a result, leading to duplicated efforts, wasted engineering hours, and missed revenue opportunities.
At least, that's how Rory Blundell sees it. He's the co-founder of Gravitee, a startup building a tool for designing, securing, managing and deploying APIs that supports both asynchronous APIs (i.e., APIs that return data at a later time) and synchronous APIs (APIs that return data immediately). It's unlike some legacy, traditional API management solutions in use today, which only work with synchronous APIs -- limiting the types of applications that they can orchestrate.
After a year in which its customer base grew to over 150 customers, Gravitee has closed a $30 million funding round led by Riverside Acceleration Capital with participation from Kreos Capital, AlbionVC and Oxx. Bringing the company's total raised to $42 million, the proceeds will drive an "expanded" go-to-market strategy and an "aggressive" product roadmap over the coming months, Blundell told TechCrunch via email.
"APIs are the lifeblood of innovative companies. Whether it’s internally delivering and consuming APIs to more rapidly and efficiently take new products to market, or monetizing consumer-facing APIs as a revenue stream, APIs are now the core building blocks of successful businesses," Blundell said. "As more organizations make synchronous and asynchronous API ecosystems a focal point of their business, technical teams now more than ever need to embrace the oncoming API complexity without sacrificing security. This is the very issue Gravitee solves."
Blundell founded Gravitee in 2014 alongside developers Azize Elamrani, David Brassely, Nicolas Géraud and Titouan Compiegne. Frustrated with what they perceived as a lack of innovation in the API tooling space, the group launched an open platform for API management, Gravitee -- the company's namesake -- that went on to garner hundreds of thousands of downloads. Blundell and team later began offering paid services on top of Gravitee to fund development of the open source project.
The Gravitee platform can be deployed on-premises, it can be self-hosted, or it can be used as a part of Gravitee's software-as-a-service plan. Features across all releases include an "adaptive, risk-based" multifactor authentication system, which -- as the name implies -- attempts to automatically enforce certain factors of authentication based on the perceived risk of API access requests. Gravitee also ships with a drag-and-drop graphical tool for designing APIs and deploying them ahead of mock testing, as well as with a dashboard from which users can visualize the components of their API deployments to spot possibly problematic usage.
"In terms of legacy vendors, Apigee -- subsequently acquired by Google -- can be considered the early pioneer in the API management space, and we consider them to be of the 'API 1.0' category. Subsequently, new companies such as Kong, Tyk and WSO2 ... can be considered 'API 2.0' vendors," Blundell said. "We now believe the industry is heading to 'API 3.0': standardization, security, and composition on top of multiple protocols including synchronous and asynchronous technologies and embracing event-native architectures."
Gravitee's rivals include Blobr, which offers software for exposing and monetizing enterprise APIs; StepZen, which is developing graph technology to help connect and visualize various APIs; and well-capitalized startups like Postman, which raised $225 million last August. But Blundell argues that there's enough capital to go around.
It's not purely magical thinking -- particularly in light of predictions that APIs will become the top cybersecurity attack vector. Investors poured over $2 billion into API companies in 2020, according to one source. Nearly 40% of large organizations use more than 250 APIs, another reports. And at least one analysis projects the API management market will be worth $21.68 billion by 2028.
"We have several government contracts in Europe, with multiple French, Danish, Swedish and U.K. Government departments actively using the platform," Blundell said when asked about the platform's uptake. (He wouldn't discuss revenue figures, however.) "As tumultuous as today’s macroenvironment is, it was an ideal time for Gravitee to seize upon its position of strength, and it further demonstrates the confidence from our investors ... We remain committed to ensuring that Gravitee is the most feature-packed open source API solution on the market while delivering the robust scalability and features required by the most demanding of enterprise customers."
Gravitee currently has 100 employees and plans to expand headcount by 20% through the end of the year.