Salt Security, a leading API security company, has recently made significant advancements in discovery, posture management, and AI-based threat protection with their Salt Security API Protection Platform. The company’s CEO, Roey Eliyahu, highlighted the importance of API posture governance in light of the rapidly growing number of APIs and the associated security risks.
According to the Salt Labs State of API Security Report, Q1 2023, 94% of organizations experienced security problems in production APIs in the past year, with 59% encountering application rollout delays due to security issues in APIs. This underscores the urgent need for robust API security measures.
To address these concerns, Salt Security has introduced the industry’s first API posture governance engine, enabling organizations to minimize risk on their API-first journey. This new engine allows for the authoring of corporate standards for API posture and ensures compliance with those standards, industry best practices, and regulatory requirements. Unlike traditional API security solutions that focus on threat detection and mitigation, Salt’s platform introduces an engine dedicated to API posture governance, aligning all API lifecycle stakeholders and ensuring security standards are followed throughout an API’s lifecycle.
Additionally, Salt Security has added new API filtering and querying capabilities to provide context-rich API asset discovery and management, allowing organizations to extract detailed insights about their APIs, such as purpose, usage patterns, and associated risks. These insights can be used to create posture governance policies, offering a new level of depth and customizability.
The company has also enhanced its behavioral threat response capabilities, empowering SecOps personnel to prioritize, triage, and analyze API-related security events more effectively. This is crucial given the 400% increase in unique API attackers observed in the past year, as indicated by Salt’s State of API Security Report, Q1 2023, and the significant security issues experienced by financial services and insurance companies.
Furthermore, Salt Security has introduced ecosystem enrichment capabilities, enabling the sharing of API intelligence with the broader lifecycle ecosystem. This includes enhanced integrations with application security testing platforms, data enrichment through public APIs, and advanced outbound integrations, ensuring that API security is integrated into the broader security infrastructure.
In addition, Salt Security has made improvements to enterprise onboarding and operationalization, aiming to reduce API risk with minimal operational friction. These improvements include enhanced role-based access control, improved integrations with corporate identity systems, enhanced system health management and audit controls, and improved data collection and protection mechanisms.
Overall, Salt Security’s latest advancements in API security are designed to address the increasing API sprawl and the associated security risks, providing organizations with the tools and intelligence needed to effectively manage and secure their APIs in today’s digital landscape. These developments come on the heels of a successful year for Salt Security, marked by industry recognition and thought leadership in API security. With these new capabilities, Salt Security aims to further solidify its position as a leader in API protection and threat intelligence.