Leen Press Kit
.png)
Company description
Leen is building a Unified API and data fabric for security. Leen builds connectors to dozens of security tools including SentinelOne, Crowdstrike, Palo Alto Firewall, Tenable, Qualys, Snyk, Wiz, and many more. We normalize and correlate data across these disparate products and make it available via our API. We help engineering-forward security teams build internal tooling to enable use cases across reporting, detection & response and vulnerability prioritization.
For our logo and other design assets, visit this resource folder.
Media FAQ
What is a Unified API and how does it work?
Unified APIs combine multiple APIs into a single, standardized interface, simplifying development by providing consistent access to various services. They abstract away complexity, standardize interactions, normalize data formats, handle security centrally, and offer scalability. The benefit to developers is that they maintain one integration and access centralized documentation and support resources.
Why does the security industry need a Unified API?
There are a few thousand security products and it’s common for security teams to have dozens of products in their security stack. Building integrations with dozens to hundreds of security products, normalizing data across them, and taking actions in these systems requires significant engineering, product, and data resources. Using a Unified API enables product and security teams to focus on their core roadmaps instead of dealing with integrations and data pipelines. We also wrote a longer blog about why the security industry needs Unified APIs.
What types of security data does Leen's API serve?
Leen primarily focuses on stateful security data. The 3 broad categories of data that we pull and normalize from security tools are- events & alerts (finding from endpoint detections, vulnerability scans, code vulnerability scans, etc.), configuration settings (user access & permissions, set up of scans, agents, etc.), and entity data (unique identifiers for devices, files, identities, etc. tied to the findings data).
Can I use Leen’s API to send data to or take actions in other security products?
Yes, you can! Several of our integrations are bi-directional allowing you to read data from various security products via our unified data models, write data back to them, or take actions such as updating configurations, or creating tickets in your ITSM platform (JIRA, ServiceNow, etc.).
Does Leen store any of my data?
We store security data from any active connections to provide our customers with the best possible developer experience. Caching the data within our cloud environment and serving it as needed ensures a high degree of data availability. The raw data from each security product is stored for a short period (no more than 7 days) and the normalized data is stored indefinitely until the connection that the data is associated with is deleted.
What types of teams can benefit from using Leen?
Leen is meant for product and engineering teams at security product companies, security teams that want to build flexible internal tools to power their security programs, and operations teams at MSPs/MSSPs. Our Unified API helps teams across the security industry more easily access, organize, and leverage security data within internal or customer-facing applications.
How does Leen's pricing work?
We offer flexible pricing plans based on the number of active connections in your environment. As our pricing is volume-based, it varies for each customer, ranging from the low 5-figures to the high 6-figures.
Is Leen SOC2 compliant?
Yes. We're proud to share that Leen is SOC 2 compliant.
How and why did Leen get started?
Leen was founded in 2023 by Kabir Mathur, Akash Bhat and Neel Arora, with the mission of creating the best devtools company in the world for security teams. For more on Leen's founding story and problem it is tackling at large, read "Leen Origins".
Who should I contact for more information?
Please reach out to akash@leen.dev for further queries.