Salt Security has launched its Salt Technical Ecosystem Partner (STEP) program, aimed at helping enterprises leverage its API adaptive intelligence to reduce risk in their API ecosystems. The program allows for the integration of Salt’s AI-driven API security insights into the existing workflows and tools of organizations. By joining the STEP program, joint customers can enhance their API security posture with best-of-breed solutions that are enriched by the API security intelligence of the Salt Security API Protection Platform.
The STEP program was inaugurated with the introduction of Salt’s first partners, who focus on API testing solutions. These partners include Bright Security, Invicti Security, StackHawk, and Contrast Security. Salt’s pre-built integrations with these partners enable streamlined deployment and several benefits for organizations. This includes the ability to move to a risk-based approach for API testing by connecting cloud to code and focusing on sensitive data. It also allows for risk reduction with increased surface coverage by utilizing Salt’s accurate and up-to-date API inventory combined with vulnerability prioritization from testing partners. Additionally, organizations can leverage best-of-breed testing capabilities spanning various tests such as OWASP, MITRE, business logic, SQLi, XSS, SSRF, and more, leading to better quality testing. The integration of Salt into existing testing technologies also reduces friction for DevOps and DevSecOps teams, enabling seamless integration into development pipelines. Moreover, the program helps in speeding time to value by working with organizations’ existing integrated development environments (IDEs), software pipeline tools, and other workflows. It also improves testing efficiencies by providing context-rich OAS files that are automatically updated in real-time, highlighting what needs to be tested and the order of priority. Lastly, the program allows organizations to increase their R&D velocity by focusing scanning efforts on priority APIs, such as external APIs or those containing personally identifiable information (PII).
In addition to testing, the STEP program formalizes Salt’s integration with other API ecosystem technologies, including web application firewalls (WAFs), API gateways, and cloud security providers. Salt will also collaborate with partners to jointly develop integrations and publish APIs to accelerate the integration process, thereby allowing a diverse range of partners to extract valuable API data from the Salt system.
Приступ који користи Салт Сецурити осигурава да предузећа могу имати користи од водећих АПИ безбедносних могућности током читавог животног циклуса. Признаје да ниједна компанија не може да обезбеди све неопходне дисциплине за потпуну безбедност АПИ-ја, а покушаји да то ураде резултирају осредњим решењима која предузећа чине рањивим. Кроз интеграције које омогућава СТЕП програм, купци ће имати приступ високо способним, лаким за имплементацију и ефикасним решењима за заштиту АПИ-ја.
Roey Eliyahu, CEO and co-founder of Salt Security, emphasized the uniqueness of Salt’s approach to securing APIs. The company’s deep API context provides rich API discovery and runtime protection, which is now extended to partners’ best-of-breed solutions. According to Eliyahu, this combination delivers unparalleled API security to customers. He expressed excitement about welcoming Bright Security, Contrast Security, Invicti Security, and StackHawk to the program, highlighting their leading API security testing solutions.
The need for robust API security is becoming increasingly important as API-related threats and vulnerabilities continue to rise. The “2023 State of API Security” report revealed that 94% of organizations experienced security issues in their production APIs over the past year. Furthermore, a recent study projected that the average cost of a security breach stands at $6.1 million and is expected to increase to nearly $14.5 million by 2030. These statistics highlight the urgency for organizations to prioritize API security to mitigate potential financial and reputational damages.
Partners in the STEP program also shared their perspectives on the collaboration. Gadi Bashvitz, CEO of Bright Security, stated that Salt’s intelligence empowers application security (AppSec) and development teams to improve their organizations’ API security posture. Tracey Mead, VP of Strategic Alliances at Contrast Security, emphasized the importance of context in application security and how insights into API behaviors driven by Salt enable customers to quickly detect potential problem areas and speed up remediation efforts. Michael George, CEO of Invicti, highlighted the significance of extensive API discovery and comprehensive testing coverage across APIs, which joint customers can easily benefit from. Joni Klippert, CEO of StackHawk, emphasized the necessity for prioritizing and automating security testing for APIs, especially with the increasing growth of API development. Klippert expressed excitement about bringing a developer-focused and comprehensive API security testing solution to organizations through the partnership with Salt.
Програм Салт Тецхницал Ецосистем Партнер (СТЕП) јача безбедносни пејзаж АПИ-ја пружајући организацијама свеобухватан пакет решења и моћне интеграције. Са све већом софистицираношћу и учесталошћу претњи везаних за АПИ, од суштинског је значаја за предузећа да усвоје робусне мере безбедности АПИ-ја како би заштитили своје системе, податке и репутацију. Кроз СТЕП програм, Салт Сецурити и његови партнери су посвећени пружању најсавременије заштите АПИ-ја и омогућавању организацијама да брзо изграде безбедни софтвер уз ефикасно праћење и реаговање на потенцијалне нападе.