Salt Security has launched its Salt Technical Ecosystem Partner (STEP) program, aimed at helping enterprises leverage its API adaptive intelligence to reduce risk in their API ecosystems. The program allows for the integration of Salt’s AI-driven API security insights into the existing workflows and tools of organizations. By joining the STEP program, joint customers can enhance their API security posture with best-of-breed solutions that are enriched by the API security intelligence of the Salt Security API Protection Platform.
The STEP program was inaugurated with the introduction of Salt’s first partners, who focus on API testing solutions. These partners include Bright Security, Invicti Security, StackHawk, and Contrast Security. Salt’s pre-built integrations with these partners enable streamlined deployment and several benefits for organizations. This includes the ability to move to a risk-based approach for API testing by connecting cloud to code and focusing on sensitive data. It also allows for risk reduction with increased surface coverage by utilizing Salt’s accurate and up-to-date API inventory combined with vulnerability prioritization from testing partners. Additionally, organizations can leverage best-of-breed testing capabilities spanning various tests such as OWASP, MITRE, business logic, SQLi, XSS, SSRF, and more, leading to better quality testing. The integration of Salt into existing testing technologies also reduces friction for DevOps and DevSecOps teams, enabling seamless integration into development pipelines. Moreover, the program helps in speeding time to value by working with organizations’ existing integrated development environments (IDEs), software pipeline tools, and other workflows. It also improves testing efficiencies by providing context-rich OAS files that are automatically updated in real-time, highlighting what needs to be tested and the order of priority. Lastly, the program allows organizations to increase their R&D velocity by focusing scanning efforts on priority APIs, such as external APIs or those containing personally identifiable information (PII).
In addition to testing, the STEP program formalizes Salt’s integration with other API ecosystem technologies, including web application firewalls (WAFs), API gateways, and cloud security providers. Salt will also collaborate with partners to jointly develop integrations and publish APIs to accelerate the integration process, thereby allowing a diverse range of partners to extract valuable API data from the Salt system.
Qasja e ndërmarrë nga Salt Security siguron që ndërmarrjet mund të përfitojnë nga aftësitë kryesore të sigurisë së API-së në industri gjatë gjithë ciklit jetësor. Ai pranon se asnjë kompani e vetme nuk mund të sigurojë të gjitha disiplinat e nevojshme për të siguruar plotësisht API-të dhe përpjekjet për ta bërë këtë rezultojnë në zgjidhje mediokre që i lënë ndërmarrjet të cenueshme. Nëpërmjet integrimeve të lehtësuara nga programi STEP, klientët do të kenë akses në zgjidhje të mbrojtjes API shumë të afta, të lehta për t'u vendosur dhe efektive.
Roey Eliyahu, CEO and co-founder of Salt Security, emphasized the uniqueness of Salt’s approach to securing APIs. The company’s deep API context provides rich API discovery and runtime protection, which is now extended to partners’ best-of-breed solutions. According to Eliyahu, this combination delivers unparalleled API security to customers. He expressed excitement about welcoming Bright Security, Contrast Security, Invicti Security, and StackHawk to the program, highlighting their leading API security testing solutions.
The need for robust API security is becoming increasingly important as API-related threats and vulnerabilities continue to rise. The “2023 State of API Security” report revealed that 94% of organizations experienced security issues in their production APIs over the past year. Furthermore, a recent study projected that the average cost of a security breach stands at $6.1 million and is expected to increase to nearly $14.5 million by 2030. These statistics highlight the urgency for organizations to prioritize API security to mitigate potential financial and reputational damages.
Partners in the STEP program also shared their perspectives on the collaboration. Gadi Bashvitz, CEO of Bright Security, stated that Salt’s intelligence empowers application security (AppSec) and development teams to improve their organizations’ API security posture. Tracey Mead, VP of Strategic Alliances at Contrast Security, emphasized the importance of context in application security and how insights into API behaviors driven by Salt enable customers to quickly detect potential problem areas and speed up remediation efforts. Michael George, CEO of Invicti, highlighted the significance of extensive API discovery and comprehensive testing coverage across APIs, which joint customers can easily benefit from. Joni Klippert, CEO of StackHawk, emphasized the necessity for prioritizing and automating security testing for APIs, especially with the increasing growth of API development. Klippert expressed excitement about bringing a developer-focused and comprehensive API security testing solution to organizations through the partnership with Salt.
Programi Salt Technical Ecosystem Partner (STEP) forcon peizazhin e sigurisë API duke u ofruar organizatave një grup të plotë zgjidhjesh dhe integrime të fuqishme. Me sofistikimin dhe frekuencën në rritje të kërcënimeve të lidhura me API, është thelbësore që ndërmarrjet të miratojnë masa të fuqishme sigurie API për të mbrojtur sistemet, të dhënat dhe reputacionin e tyre. Nëpërmjet programit STEP, Salt Security dhe partnerët e tij janë të përkushtuar të ofrojnë mbrojtje të avancuar të API-së dhe t'u mundësojnë organizatave të ndërtojnë shpejt softuer të sigurt, ndërkohë që monitorojnë dhe përgjigjen në mënyrë efektive ndaj sulmeve të mundshme.