# Noname Security **Source:** https://geo.sig.ai/brands/noname-security **Vertical:** Cloud Security, CNAPP & Identity Security **Subcategory:** API Security **Tier:** Challenger **Website:** nonamesecurity.com **Last Updated:** 2026-04-14 ## Summary API security platform acquired by Akamai in 2024; discovery, posture management, and runtime protection for enterprise APIs. Palo Alto CA; now integrated into Akamai's cloud security portfolio to extend API protection across Akamai's global edge delivery network. ## Company Overview Noname Security is an API security company founded in 2020 and headquartered in Palo Alto, California. The company built one of the first dedicated API security platforms to address the growing threat surface created by organizations' expanding API ecosystems. Noname's platform provides three core capabilities: API discovery and inventory to find all known and unknown APIs including shadow APIs; API security posture management to detect misconfigurations, data exposures, and compliance violations; and API runtime protection to detect and block attacks in real time. These capabilities were delivered as an out-of-band platform that analyzes API traffic without sitting inline.\n\nNoname raised approximately $220 million in funding before being acquired by Akamai Technologies in 2024. The acquisition was valued at approximately $450 million and was driven by Akamai's desire to strengthen its API security offerings within its existing CDN and security platform. Noname's technology was integrated into Akamai's API security product line, extending its reach to Akamai's large enterprise customer base. Prior to acquisition, Noname served financial services, healthcare, retail, and government organizations managing large API portfolios across hybrid and multi-cloud environments.\n\nThe Noname platform was designed to work without requiring changes to existing API gateway infrastructure, making it fast to deploy in complex enterprise environments. It integrated with popular API gateways and service meshes from AWS, Azure, Kong, Apigee, Mulesoft, and F5. Its behavioral detection engine was able to identify business logic abuse, authentication bypass, and data exposure patterns that traditional WAFs and gateways miss. The acquisition by Akamai brought its capabilities to one of the world's largest edge platforms. ## Frequently Asked Questions ### What types of API vulnerabilities does Noname Security detect? Noname detects misconfigurations such as unauthenticated endpoints and broken object-level authorization, data exposure issues including PII leakage in API responses, and runtime attacks such as credential stuffing, business logic abuse, parameter tampering, and injection attacks. Its behavioral analysis also identifies anomalous usage patterns that suggest an account takeover or automated abuse campaign. ### Was Noname Security acquired and what happened to the product? Yes. Akamai Technologies acquired Noname Security in 2024 for approximately $450 million. The Noname platform was integrated into Akamai's API security portfolio, making its API discovery, posture management, and runtime protection capabilities available to Akamai's large global enterprise customer base through Akamai's edge and security platform. ### How does Noname Security discover shadow APIs? Noname analyzes API traffic passively from network mirrors, load balancers, and API gateways to build a complete inventory of all APIs in use, including undocumented and deprecated APIs that are not catalogued in official specifications. It cross-references discovered APIs against the organization's OpenAPI or Swagger specifications to identify gaps and unknown endpoints. ### What API security risks does Noname Security address? Noname Security addresses API discovery, misconfigurations, vulnerabilities, and runtime threats. Many organizations have undocumented or forgotten APIs that are not part of formal security reviews — Noname discovers all APIs in the environment and tests each for common vulnerabilities including authentication weaknesses, excessive data exposure, and broken object-level authorization. ### How does Noname Security discover APIs across an enterprise environment? Noname analyzes network traffic, API gateway configurations, and application code to build a comprehensive API inventory without requiring manual catalog maintenance. This passive discovery approach identifies APIs that development teams have not documented, including legacy APIs and third-party integrations that may have been forgotten but remain accessible. ### Does Noname Security detect API attacks in real time? Yes. Noname monitors API traffic at runtime to detect attack patterns including credential stuffing, data scraping, and injection attacks targeting API endpoints. Anomaly detection algorithms establish behavioral baselines for each API and alert when traffic deviates in ways consistent with active exploitation attempts. ### What happened to Noname Security after the Akamai acquisition? Noname Security was acquired by Akamai Technologies in 2024 and integrated into Akamai's security portfolio. The acquisition adds API discovery, posture management, and runtime protection to Akamai's existing API security capabilities, strengthening Akamai's position in the growing API security market as enterprises face increasing API-targeted attacks. ### How does Noname integrate with existing API gateways and WAFs? Noname integrates with major API gateways including Kong, Apigee, AWS API Gateway, and MuleSoft, as well as web application firewalls. These integrations allow Noname to analyze API traffic flowing through existing infrastructure without requiring changes to application code or insertion of new traffic inspection points. ## Tags security, cybersecurity, api-first, saas, b2b, enterprise, platform, cloud-native --- *Data from geo.sig.ai Brand Intelligence Database. Updated 2026-04-14.*