Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Salt Security

The Dell API Breach: It could have been prevented

As you may have seen in the news, a hacker stole 49 million customer records from Dell. The attack wasn’t novel or sophisticated. Instead, the attacker used a business logic flaw and an API to scrape 49 million records from Dell. How did they do it? Here is the attack flow. The attacker registered for an account within the Dell ecosystem to be a reseller/partner. They weren’t going to be. But Dell didn’t perform any checks, and within 48 hours, the attacker had a valid account.

Enabling GenAI with AI-infused API Security

GenAI has the promise to transform companies, and introduce a lot of security risk. One of the main benefits of GenAI relates to the modernization of apps. Most companies are going through some type of app modernization. They are responding to the market by delivering better and better experiences to their customers. This is largely done through the experience people have with their apps. This ranges from banking to healthcare to travel and everywhere in between.

Salt Security Addresses Critical OAuth Vulnerabilities Enhancing API Security with OAuth Protection Package

OAuth is an important part of modern authorization frameworks, granting access to resources across different applications easily. However, vulnerabilities in OAuth implementations can create significant security risks. Following research released by Salt labs that uncovered critical vulnerabilities in the world's most popular authorization mechanism, Salt has released a multi-layered protection package to detect attempts to exploit OAuth and proactively fix the vulnerabilities.

Becoming A Secure API First Company

Join Nick Rago (VP of Product Strategy at Salt Security) and Claudio Acquaviva (Software Architect of Kong Inc.) in this informative webinar (live April 11). They discuss what being API-first really means, the essentials to success, and walkthrough the lifecycle of an API from design to deployment and how combining Salt Security with Kong through that API lifecycle can help provide a risk-free API-first journey.

Introducing Salt Security's New AI-Powered Knowledge Base Assistant: Pepper!

Going to a vendor's Knowledge Base (KB) is often the first place practitioners go to get the product deployed or troubleshoot issues. Even with advanced search tools, historically, KBs have been challenging to find relevant content quickly, and navigating a KB can be frustrating. At Salt Security, not only do we want to make your job of securing APIs easier, but we also want to make getting the guidance you need easier, friendlier and more efficient.

Security Flaws within ChatGPT Ecosystem Allowed Access to Accounts On Third-Party Websites and Sensitive Data

Salt Labs researchers identified generative AI ecosystems as a new interesting attack vector. vulnerabilities found during this research on ChatGPT ecosystem could have granted access to accounts of users, including GitHub repositories, including 0-click attacks.

Salt Security, API Posture Governance, and the NIST Cybersecurity Framework 2.0

Securing organizations against today’s most advanced threats continues to be challenging, with APIs (Application Programming Interfaces)playing an increasingly central and vulnerable role, especially as digital transformation marches on. The NIST Cybersecurity Framework 2.0 (CSF) release underscores the urgency of addressing evolving threats and now emphasizes the importance of governance in Cybersecurity.

Introducing the Salt Developer Portal: Unleash the Power of Automating API Security

AppSec leaders and security practitioners, rejoice! Automating your security practices using Salt Platform APIs is now easier than ever, empowering developers to integrate APIs quickly and efficiently while helping reduce risk. The newly launched Salt Developer Portal is your one-stop hub for all API security automation needs.

A New Strategy for Reducing API Risk

As organizations increasingly embrace APIs, a new challenge has emerged - the complexity of managing, securing, and understanding the sprawling API landscape within an organization. To tackle these concerns head-on, Salt Security has pioneered the industry's first API posture governance engine and a suite of advanced capabilities designed to bring clarity, security, and efficiency to your API ecosystem.

API Risk Management: A Strategic Approach to API Risk Reduction

Could you imagine our interstate highway system without roadway bridges? I don’t think anyone would argue that bridges are not an essential part of an effective ground transportation network. So it doesn’t surprise me that when I ask people what makes a highway bridge “good,” I get quick responses with pretty consistent answers: guardrails, proper lighting, clear signage, smooth driving surface, lane markings, load capacity, structural integrity, and so on.