Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Videos

A New Strategy for Reducing API Risk

As organizations increasingly embrace APIs, a new challenge has emerged - the complexity of managing, securing, and understanding the sprawling API landscape within an organization. To tackle these concerns head-on, Salt Security has pioneered the industry's first API posture governance engine and a suite of advanced capabilities designed to bring clarity, security, and efficiency to your API ecosystem.

STEP Program with Bright Security: DAST Solutions and API Testing

We’re all in this together, which is why awareness about APIs and connecting with one another is crucial to cyber security. Salt Security has recently announced our Salt Technical Ecosystem Partner Program which can help demonstrate the role of application security testing when it comes to API security and where it fits in a good API security program.

OAuth security gaps at Grammarly (now remediated)

This short video explains how Salt Labs researchers identified several critical security flaws on the popular site - Grammarly. The flaws were found in the site's authentication functionality and could have allowed a malicious attacker to take over user accounts, access profile information, and take actions on behalf of the user. All issues were reported to Grammarly and have been resolved with no evidence of these flaws being actively exploited in the wild. In the research, they also found similar vulnerabilities in Vidio.com and Bukalapak.com.

Understanding API Attacks: Why they are different and how to stop them

API attacks aren’t like traditional application attacks. Understanding those differences is crucial to protecting the valuable data and services your APIs enable. Nick Rago, Salt Security Field CTO, discusses in this webinar: We hope you enjoy the webinar on the changing nature of API attacks and learn the best practices to keep your organization safe.

State of API Security for Financial Services and Insurance

As financial services and insurance organizations have increasingly turned to APIs to accelerate business innovation, attackers have also changed their tactics, making APIs their prime target. This short video discusses findings from the first industry-specific version of the State of API Security report and draws on a combination of survey responses and empirical data from the Salt Cloud. Key trends revealed by the survey include.

How the Digital-First Economy and Digital Trends Impact CISOs

To understand how the digital-first economy and global trends have impacted the role of the CISO, Salt partnered with the research firm Global Surveys to study 300 worldwide Chief Information Security Officers. This video highlights trends revealed by the survey including: These were just a few of the highlights from our recent state of the CISO survey. We encourage you to download the full report for even more great insights.

Understanding API Attacks

As APIs have become the backbone of modern applications, threat actors are increasingly targeting them. Whether it be to exfiltrate data, take control of critical systems, or disrupt key business services or digital supply chains, threat actors have taken notice—and they see APIs as a prosperous attack vector. In this video, you’ll gain valuable insights into API security and learn proactive measures to safeguard your APIs. By understanding the challenges posed by API attacks, you’ll understand the best strategies to protect your organization.

Salt: Securing your innovation

Salt Security protects the APIs that form the core of every modern application. Its patented API Protection Platform is the only API security solution that combines the power of cloud-scale big data and time-tested ML/AI to detect and prevent API attacks. By correlating activities across millions of APIs and users over time, Salt delivers deep context with real-time analysis and continuous insights for API discovery, attack prevention, and shift-left practices.

What you need to know about the new 2023 OWASP API Security Top 10

The 2023 OWASP API Security Top 10 list compiles and explains the most recent and pressing security threats facing today’s complex API ecosystem. As part of the committee that defined this industry-framing list, Salt gives you an insider view into the categories and how those embarking on their API security journey can most effectively address the critical vulnerabilities raised.