Vendors
42Crunch
42Crunch is a privately held API security startup company headquartered in Dublin, Ireland with local offices across the US and multiple European countries. Founded in 2016, the company focuses on proactive discovery and remediation in API contracts (thus, even before any implementation code is written) and runtime protection against API attacks. 42Crunch strives to make API security a commodity by providing developer-focused tools, offering guidance and best practices, and by supporting DevSecOps initiatives.
Why worth watching
The platform can automatically audit the contract for potential vulnerabilities and offer developers the latest best practices and recommendations on hardening their APIs.
Akamai
Akamai Technologies is a cloud and security provider headquartered in Cambridge, Massachusetts, USA. Founded in 1998, the company is one of the veteran players in the market, providing a broad range of security, compute, and delivery solutions through its Akamai Connected Cloud, one of the world’s largest distributed edge and cloud platforms.
Why worth watching
Akamai now offers a native connector that integrates API security directly with the Akamai Cloud with a press of a button, providing full visibility and automated response integrations with the rest of Akamai’s security platform.
Axway
Axway, founded in 2001, is a global software company headquartered in Scottsdale, Arizona, USA. The company offers a broad portfolio of solutions for securing organizations’ protected resources and extending their operations into the cloud. With the acquisition of Vordel in 2012, Axway has become one of the strong players in the API Management market as well.
Why worth watching
Among notable recent additions to the platform is the Amplify Enterprise Marketplace – a centralized place to curate and monetize all corporate APIs across multiple environments. With discovery, productization, analytics, and security capabilities, it provides a single pane of glass for all API resources.
Broadcom
Broadcom has introduced a lightweight desktop agent that allows users to connect to target systems using a privileged account without having to log into the PAM user interface directly. Users can use their own tools for connecting, and PAM will manage the credentials behind the scenes.
Why worth watching
Broadcom has now rationalized all its identity products into the Identity Management Security Division of Broadcom Software, including its PAM platform marketed as Symantec PAM.
Cequence Security
Cequence Security is a cybersecurity company headquartered in Sunnyvale, California. Founded in 2015 by a group of security industry veterans, the company focuses on developing a unified ML-based Application Security Platform. This cloud-native, containerized platform powers several security products ranging from web and mobile app protection to API inventory, monitoring, compliance, and risk assessment.
Why worth watching
The core technology that powers the Cequence platform is CQAI – a patented machine learning-based analytics engine that processes the transactional data collected by the platform sensors to discover, analyze, and monitor web, mobile, and API-based applications.
Cerbos
Cerbos is an open-source software vendor focusing on adaptive authorization management. Founded in 2021, the company comprises a highly distributed engineering and management team, while being officially headquartered in London, UK.
Why worth watching
Since inception, Cerbos has been focusing on developing an open source, language-agnostic dynamic authorization solution that can be integrated into any application with a shallow learning curve.
Cloudentity
Cloudentity was founded in 2018 and is headquartered in Seattle. Cloudentity has a full-featured CIAM and IDaaS solution. Their approach is cloud-first and one of their primary objectives is scalability; thus, they were an early adopter of microservices architecture. Cloudentity focuses on Dynamic Authorization as the core element for CIAM. Cloudentity utilizes many of the latest container and orchestration technologies, such as Docker, Kubernetes, and Istio, to deliver their services. Their solution can run on-premises on CentOS, RHEL, or SUSE, and it is cloud-agnostic, so it can be deployed in public IaaS environments such as Alibaba, AWS, Azure, or GCP. They also offer their solution as SaaS delivered from public IaaS across multiple regions including the US, UK, Europe, and Australia. Cloudentity’s subscription pricing is based on the number of authorization grants performed per month regardless of how many active or eligible users the customer serves. Cloudentity customers can import users via LDAP, REST, and SCIM. Social network registration and authentication can be used, with the exception of Apple. Registration workflows are customizable in the GUI and allow fine-grained consent and sophisticated authorization evaluations. All typical account recovery mechanisms are present. Identity proofing is not built-in but can be configured via the policy framework. OTP, mobile push, and the most common authenticator apps are accepted.
Why worth watching
The administrative console is highly functional and intuitive, enabling customers to create detailed authentication and authorization policies using a flow-chart and drag/drop style interface.
Cloudflare
Cloudflare is a leading Content Delivery Network (CDN) and provider of network security services. Founded in 2009, the company is headquartered in San Francisco, CA. Cloudflare is primarily known for its global security edge infrastructure that is present in over 300 cities worldwide to provide low-latency access for over 95% of the internet population. It has been estimated that nearly a quarter of websites worldwide rely on Cloudflare for network and web security services with over 140 billion threats blocked daily.
Why worth watching
Cloudflare’s platform allows for effortless shadow API discovery, automated schema learning and validation based on traffic, and volumetric and sequential abuse detection.
Curity
Curity is a provider of API-driven identity management solutions based in Stockholm, Sweden. Launched in 2015, the company focuses on providing identity services for APIs and microservices and on removing complexity by externalizing and centralizing access control across any API.
Why worth watching
Using the Curity Identity Server, the company’s flagship product, organizations can secure their digital services in configuration and not in code, thus reducing the complexity of development and maintenance.
Data Theorem
Data Theorem is a company specializing in application security solutions. Founded in 2013 and based in Palo Alto, CA, the company offers a range of automated managed security services for developers of mobile applications and APIs. At the core of the company’s entire portfolio is its Analyzer Engine that performs continuous scanning of application vulnerabilities.
Why worth watching
Through a large ecosystem of technology partners, Data Theorem offers a portfolio of SaaS agentless solutions for mobile, web, API, cloud, and supply chain security.
Ergon
Ergon is a Swiss-based company established in 1984, with customers primarily in the DACH region; it is also growing across the EMEA and APAC regions. Its partner ecosystem is concentrated in DACH but remains small in other areas.
Why worth watching
The platform supports hybrid policy management by separating shared and local policies to ease the collaboration between developers and security administrators.
ForAllSecure
ForAllSecure is a cybersecurity company founded in 2012 by a team of security researchers from Carnegie Mellon University. It is headquartered in Pittsburgh, PA. The company’s vision is to approach application security testing from the perspective of a real hacker and focus on identifying only real exploitable risks instead of overwhelming developers with too many irrelevant findings.
Why worth watching
The company places a strong emphasis on automated integrations with CI/CD pipelines, complex infrastructure, and external tools.
Forum Systems
Forum Systems is a privately held independent engineering company based in Needham, MA. Founded in 2001, the company provides gateway-based solutions for API and cloud security.
Why worth watching
Since the very beginning, the company has offered mission-critical large-scale solutions with a heavy emphasis on “security by design”.
Google
Google LLC is an American multinational technology company focusing on artificial intelligence, online advertising, search engine technology, cloud computing, computer software, quantum computing, e-commerce, and consumer electronics.
Why worth watching
In 2015, Apigee became one of the founding members of the OpenAPI initiative.
Gravitee
Gravitee is a next-generation API management vendor headquartered in Boulder, CO. Originally founded in 2016, the company has a distributed team primarily across France and the United Kingdom. Gravitee was founded as an open-source company and remains a strong contributor to this day, with the vision of developing a new kind of API management platform that unifies synchronous and asynchronous APIs.
Why worth watching
Gravitee offers support for both traditional API technologies like SOAP, REST, or GraphQL and event-driven protocols like Websockets, webhooks, or data streaming in a single platform across the entire API lifecycle.
Imperva
Imperva is an American cybersecurity solution company headquartered in Redwood Shores, California. Back in 2002, the company’s first product was a web application firewall, but over the years, Imperva’s portfolio has expanded to include several product lines for data security, cloud security, breach prevention, and infrastructure protection as well. In 2019, Imperva was acquired by private equity firm Thoma Bravo, making it a privately held company.
Why worth watching
In July 2023, the French multinational cybersecurity vendor Thales announced its intent to acquire 100% of Imperva.
Nevatech
Nevatech is a privately owned software company based in Atlanta, GA. Founded in 2011, the company provides SOA and API management infrastructure and tools for on-premises, cloud, and hybrid deployments.
Why worth watching
Nevatech is unique among its competitors in implementing its Sentinet platform completely on Microsoft .NET technology, which makes it particularly beneficial for customers running Microsoft environments.
Noname
Noname Security is a privately held company with its headquarters in Silicon Valley and additional offices in Tel Aviv, Israel and Amsterdam, Netherlands. Established in 2020 with a strategic vision of a complete, proactive API security platform, the company has already managed to attract many high-profile enterprise customers as well as to raise impressive funding from venture capital.
Why worth watching
Just a year after emerging from stealth, Noname Security reached a $1 billion valuation, becoming the first API security unicorn.
Perforce
Perforce is one of the leading providers of software lifecycle management tools, headquartered in Minneapolis, Minnesota. Established in 1995, the company is primarily known for its version control system, but through a series of acquisitions in the later years, it has established a massive portfolio of application development, developer collaboration, agile planning, and other products for creating and running software.
Why worth watching
Akana offers complete API lifecycle management, integrating with API design tools, development environments, and CI/CD pipelines, offering DevOps automation and governance.
Red Hat
Red Hat is a multinational software company that develops enterprise open-source solutions, including cloud, infrastructure, application development, and integration technologies. Founded in 1993, the company is known for its enterprise Linux operating system, as well as for hybrid cloud management, virtualization, Kubernetes, and other solutions. In 2019, Red Hat was acquired by IBM and now operates as an independent subsidiary.
Why worth watching
Regardless of the selected deployment option, Red Hat Application Foundations provides full coverage not just for the full API lifecycle (from initial design to retirement) with 3scale API Management, but incorporates comprehensive service orchestration, data transformation, real-time message streaming, and other methods of application connectivity – all within the same cloud-native technology platform with a rich set of developer tools, DevOps pipelines, and additional services to address the requirements of just about every kind of enterprise customer.
Salt Security
Salt Security is a privately held API security startup company based in Palo Alto, CA. Founded in 2016 by alumni of the Israeli Defense Force, the company offers a patented API threat protection platform that protects SaaS, web, mobile, microservices, and IoT applications from API threat vectors across build, deploy, and runtime phases.
Why worth watching
Harnessing the power of AI, big data, and behavioral analytics, the platform does not require any configuration and can be deployed in minutes.
Sensedia
Sensedia is an API management company headquartered in Campinas, Brazil. Founded in 2007, the company provides a full-featured API management platform that incorporates tools for every stage of the API lifecycle from design to operations, analytics, and governance, incorporating robust security functions as well.
Why worth watching
Somewhat unusually for a platform developed entirely in-house, the solution implements impressive functional capabilities in nearly every aspect of API management and security: for example, it can address all OWASP API Security Top 10 threats with a broad range of built-in security functions.
Traceable
Traceable is an API security startup based in San Francisco, California. Established in 2019 by veterans of the application performance monitoring market, the company develops an innovative distributed tracing technology for cloud-native applications, which helps monitor, investigate, and protect multiple cloud environments like microservices, service meshes, serverless functions, and APIs.
Why worth watching
By combining its distributed tracing technology with an unsupervised machine learning platform that correlates operational and security data across various components of modern cloud-native applications and APIs, Traceable can offer customers full visibility not just into code execution but also into data flows and user activities.
Wallarm
Wallarm is an application and API security vendor based in San Francisco, CA. Founded in 2016 with the vision for end-to-end API security, the company now delivers an integrated platform for API discovery and posture management, real-time API protection, as well as for API security testing. The solution unifies API security and next-generation WAF capabilities to protect the entire web application and API portfolio for a customer, even in complex multi-cloud environments.
Why worth watching
With a strong focus on protecting cloud-native environments, Wallarm offers an impressive range of deployment options, from traditional API gateways and load balancers to Kubernetes and containers, serverless functions, hybrid cloud environments, or even agentless SaaS scenarios. Wallarm Nodes enable deep inline inspection with near-zero latency but can also operate out of band on mirrored traffic.
WSO2
WSO2 was founded in 2005 in Sri Lanka and is headquartered in Santa Clara, CA. They are an open source IAM/CIAM solution provider. Their target market is identity architects and developers, who can take advantage of their API-driven and highly customizable product. Related products include Enterprise Integrator and API Manager. Identity Server is the on-premises and self-hosted version, and it can run on Linux or Windows, or any top-tier IaaS platform. Asgardeo is their SaaS, which is hosted on a single IaaS provider in data centers in the US. Identity Server is licensed per node, and Asgardeo is priced by the number of monthly active users.
Why worth watching
WSO2 allows social networking and self-registration for consumers.