Salt Security

Palo Alto, CA, USA
Sep 21, 2023   |  By Michelle McLean
We’re entering a new season of fall, but here at Salt, it seems like it’s always awards season! We continue to receive accolades for the Salt Security API Protection Platform – all year round! This time we have been honored with the “Best API Security” award in the 2023 API Awards.
Sep 19, 2023   |  By Gilad Barzilay
It’s been just about a year since we first announced our partnership with CrowdStrike. We are delighted to share today that we’ve further strengthened that partnership with the new “better-together” story of Salt and the CrowdStrike Falcon® platform.
Aug 23, 2023   |  By Salt Technical Engineering
The neon lights of Black Hat and DEF CON, with their flashing demos and groundbreaking presentations, often dazzle attendees and cyber enthusiasts alike. From AI-driven hacking tools to quantum encryption, the subjects covered span a vast spectrum. However, as with any vibrant city, these include areas of risk and concern. For Black Hat 2023 events, APIs are core to these areas.
Aug 21, 2023   |  By Michelle McLean
It never gets old! We’re excited to share that Salt has won yet another award – our 15th award this year! This time, we have been named the “Best API Security Solution” in the renowned 2023 SC Awards. The SC Awards are cybersecurity’s most prestigious and competitive honor. The premier recognition program honors outstanding innovations, organizations and leaders that are advancing the practice of information security.
Jul 27, 2023   |  By Nick Rago
In an ideal world, security incidents result in minimal damage, and we can learn from them to improve our future defenses. Fortunately, such appears to be the case with JumpCloud. According to JumpCloud’s blog post, its recent security incident impacted fewer than 5 JumpCloud customers and fewer than 10 devices. Moreover, working together with their incident response (IR) partner Crowdstrike (also a Salt Security partner), JumpCloud has mitigated the attack vector used by the threat actor.
Jul 20, 2023   |  By Stephanie Best
Salt has just released a new resource for business and security leaders – “Understanding API Attacks: Why Are They Different and How Can You Stop Them.” Salt undertook writing this eBook as part of our ongoing commitment to educate the market about API security issues and trends. In this new eBook, we take a close look at how API attacks differ from traditional attacks, and the measures organizations can take to protect against them.
Jul 19, 2023   |  By Stephanie Best
API security is a pressing concern for industries undergoing digital transformation, and none more so than financial services and insurance.
Jul 12, 2023   |  By Stephanie Best
We’ve taken our award-winning API security “Down Under” with our latest customer success! Today we announced that Jemena, a leading energy company in Australia, has selected the Salt Security API Protection Platform to protect its critical gas and electricity infrastructure. Here at Salt, we are honored that Jemena has chosen us to secure its API modernization project!
Jun 21, 2023   |  By Michelle McLean
Salt is thrilled to share the findings from the just-released “State of the CISO 2023” report! We wanted to hear directly from CISOs/CSOs around the world about how digital transformation is impacting their role and understand the biggest challenges – both personal and professional – they’re contending with as a result.
Jun 14, 2023   |  By Salt Labs
On May 29, 2023, a critical security vulnerability, identified as CVE-2023-34362, was published, leaving users of MOVEit Transfer software at high risk. According to Progress, organizations have reported possible exploitation in the wild. Therefore it’s crucial that any business using MOVEit Transfer to take immediate action, especially since all versions of this popular file transfer software are affected by this vulnerability.
Aug 24, 2023   |  By Salt Security
API attacks aren’t like traditional application attacks. Understanding those differences is crucial to protecting the valuable data and services your APIs enable. Nick Rago, Salt Security Field CTO, discusses in this webinar: We hope you enjoy the webinar on the changing nature of API attacks and learn the best practices to keep your organization safe.
Jul 24, 2023   |  By Salt Security
As financial services and insurance organizations have increasingly turned to APIs to accelerate business innovation, attackers have also changed their tactics, making APIs their prime target. This short video discusses findings from the first industry-specific version of the State of API Security report and draws on a combination of survey responses and empirical data from the Salt Cloud. Key trends revealed by the survey include.
Jul 14, 2023   |  By Salt Security
To understand how the digital-first economy and global trends have impacted the role of the CISO, Salt partnered with the research firm Global Surveys to study 300 worldwide Chief Information Security Officers. This video highlights trends revealed by the survey including: These were just a few of the highlights from our recent state of the CISO survey. We encourage you to download the full report for even more great insights.
Jul 11, 2023   |  By Salt Security
As APIs have become the backbone of modern applications, threat actors are increasingly targeting them. Whether it be to exfiltrate data, take control of critical systems, or disrupt key business services or digital supply chains, threat actors have taken notice—and they see APIs as a prosperous attack vector. In this video, you’ll gain valuable insights into API security and learn proactive measures to safeguard your APIs. By understanding the challenges posed by API attacks, you’ll understand the best strategies to protect your organization.
Jun 16, 2023   |  By Salt Security
Salt Security protects the APIs that form the core of every modern application. Its patented API Protection Platform is the only API security solution that combines the power of cloud-scale big data and time-tested ML/AI to detect and prevent API attacks. By correlating activities across millions of APIs and users over time, Salt delivers deep context with real-time analysis and continuous insights for API discovery, attack prevention, and shift-left practices.
Jun 15, 2023   |  By Salt Security
The 2023 OWASP API Security Top 10 list compiles and explains the most recent and pressing security threats facing today’s complex API ecosystem. As part of the committee that defined this industry-framing list, Salt gives you an insider view into the categories and how those embarking on their API security journey can most effectively address the critical vulnerabilities raised.
May 18, 2023   |  By Salt Security
Every company’s APIs are unique and so are its security gaps. Bad actors will poke and prod to learn your APIs and find mistakes in business logic they can exploit. Catching these attacks requires context and deep behavioral analysis over time. With its recent AWS WAF Ready designation, Salt Security makes it easier and faster for businesses to protect the APIs running in their AWS environments. Salt provides the visibility, intelligence, and context over time to identify and block attacks using tools you already rely on such as Amazon API Gateway, AWS WAF, and other inline enforcement points.
May 4, 2023   |  By Salt Security
Every company follows a unique path in adopting such critical and far-reaching security initiatives as API security. Nate Steinberg, Principal Information Security Specialist, shares how Amway approached building out its API security strategy. This on-demand fireside chat with Salt Security and Amway discusses.
Apr 20, 2023   |  By Salt Security
Stephanie Best, Director of Product Marketing, and Yaniv Balmas, VP of Research at Salt Labs, discuss what you need to know about the new 2023 OWASP API Security Top 10 release candidate. As a member of the OWASP committee that helped shaped the latest report, Yaniv takes you behind the scenes to learn what changed, what stayed the same, and why these decisions were made.
Apr 7, 2023   |  By Salt Security
APIs have emerged as the leading attack vector and attack surface most targeted by cybercriminals. That's why it's important to understand the tactics and techniques used by attackers while they're targeting APIs. In this video, we help you achieve this level of understanding by mapping the MITRE ATT&CK framework to API security attacks.
Apr 1, 2023   |  By Salt Security
API attacks are on the rise, and WAFs and gateways cannot stop them. A few highlights from our latest Salt Labs report on API security: Download the report now to benchmark yourself and use the findings to improve API security for your company.
Apr 1, 2023   |  By Salt Security
API Security for Dummies walks you through how application architecture has evolved, why apps are built on APIs now, the security risk APIs present, and best practices for securing APIs. This eBook: Download this eBook to learn the most critical elements of API security and ten prioritized steps you can follow now to start securing APIs for your organization.
Mar 1, 2023   |  By Salt Security
Securing your APIs is no longer a luxury, but it shouldn't be viewed as just a necessary burden either. Protecting your APIs opens the door to real business value including: Download this eBook to explore the business results customers are uncovering as they embark on their API security journey and how to quantify the value of API security in your organization.
Mar 1, 2023   |  By Salt Security
API attacks include many of the tactics, techniques, and procedures (TTPs) identified in the MITRE ATT&CK framework. This white paper analyzes and maps three common API attack scenarios to the TTPs found in the MITRE Enterprise Matrix. By understanding how the MITRE ATT&CK TTPs relate to API security threats, security leaders can: Download now to learn how to defend against API attacks by leveraging this well-known security framework.
Feb 1, 2023   |  By Salt Security
API security has emerged as a key priority for protecting vital data and services. It's also an area where many companies lack expertise. Salt Security has compiled this list of API security best practices, drawn from field experience and customer feedback, to help guide you on your API security journey. These API security best practices fall into multiple focus areas, including: Download this guide to obtain a comprehensive list of best practices and guidance to secure your APIs throughout their lifecycle.
Feb 1, 2023   |  By Salt Security
With API attacks on the rise, and existing security technology proving to be ineffective at stopping API attacks, organizations need to take a new approach. API security offerings must provide a range of functionality to be useful to organizations, including: Download this white paper to improve awareness of what it takes to adequately secure APIs, how to evaluate a given API security offering, and what API security capabilities are necessary to protect your business.

The leading API security company, providing the context needed to discover APIs, stop attacks, and remediate vulnerabilities to accelerate business innovation.

By correlating activities across millions of APIs and users over time, Salt delivers deep context with real-time analysis and continuous insights for API discovery, attack prevention, and shift-left practices. Deployed quickly and seamlessly integrated within existing systems, the Salt Security platform gives customers immediate value and protection, so they can innovate with confidence and accelerate their digital transformation initiatives.

Complete API security for complete protection:

  • Discover all your APIs: Continuously inventory all your APIs, including shadow and zombie APIs.
  • Prevent sensitive data exposure: Identify the APIs that are exposing PII or other sensitive data.
  • Stop API attacks: Correlate activity to block attackers during reconnaissance.
  • Prevent ATO, Data Exfiltration: Thwart credential stuffing, account takeover, and data theft attacks.
  • “Shift left” with proactive API security Test APIs in pre-production to identify and eliminate vulnerabilities.
  • Accelerate incident response: Reduce the time needed to understand and resolve incidents.
  • Provide remediation insights: Share learnings from runtime analysis with dev teams to harden APIs.
  • Simplify compliance: Tie your API and sensitive data discovery and vulnerability remediation into GRC workflows.

The rich API context you need for robust discovery, attack prevention, and shift left.