Company attributes
Other attributes
Corsha is a developer of cloud-based streaming authentication software designed to protect application programming interfaces (APIs) from data breaches, credential leakage, and unauthorized access. The company's software protects all kinds of online accounts, through smartphones, Internet of Things (IoT) devices, or a containerized microservice in a cloud. The Corsha application is developed to keep devices and applications connected through APIs and act as a security layer to shrink the API attack surface and ensure stolen or compromised API credentials are detected to protect enterprise data and applications.
Corsha was founded in 2018 by Chris Simkins and Anusha Iyer and is headquartered in Vienna, Virginia. Chris Simkins, prior to starting Corsha, worked for the Department of Justice as part of its national security division, and partially due to those connections, one of Corsha's first customers was the U.S. Air Force, where Corsha's technology was used to secure mission-critical data.
Corsha's platform is a fully automated multi-factor authentication (MFA) for APIs, capable of cryptographically defining the network so only authorized machines can connect, and offering full visibility into API activity across cloud and enterprise networks. Corsha's approach to API security is through identity authentication, and for machine-to-machine communications, Corsha assigns dynamic machine identities to trusted devices to allow APIs to communicate without the concern of API credentials or data being leaked. And it offers users machine identity management capabilities to secure an API rather than analyzing API traffic or API logs to identify malicious activity.
Corsha's API security offers users security between services and clients, with automated machine identities for trusted machines and the ability to establish one-time use MFA credentials to authenticate access between pods, container servers, vms, or IoT devices. This is achieved through a blockchain-based MFA system for the machine identities. And through their centralized control, users can view and monitor all the machines accessing APIs and halt access without revoking any secrets.
Corsha offers a security layer that does not work as an alternative to secrets or data management methods but can be added to abstract security vulnerabilities occurring from poor API security hygiene. The platform is environment agnostic, developed to be usable regardless of the application approach used, be it a monolithic application or microservices environments, intended to allow users to apply the security to complex deployment, hybrid environments, or to modernize legacy environments with API security.
