Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Salt Security

salt security

API Risk Management: A Strategic Approach to API Risk Reduction

Jan 18, 2024 By Nick Rago In Salt Security
Could you imagine our interstate highway system without roadway bridges? I don’t think anyone would argue that bridges are not an essential part of an effective ground transportation network. So it doesn’t surprise me that when I ask people what makes a highway bridge “good,” I get quick responses with pretty consistent answers: guardrails, proper lighting, clear signage, smooth driving surface, lane markings, load capacity, structural integrity, and so on.
Read Post
salt security

The Debut of the Industry-First API Security Posture Management Engine

Jan 17, 2024 By Michael Callahan In Salt Security
Today, we’re thrilled to share that Salt has launched extended capabilities to our powerful platform, adding yet another industry-first technical advancement to our trophy case! (full announcement here.) Since its founding, Salt’s been on a mission to create a platform that can detect, prioritize and solve the most complex API security challenges and risks.
Read Post
salt security

API Predictions for 2024

Jan 12, 2024 By Michael Nicosia In Salt Security
Is Salt Security a fortune teller? We’re not sure if we’d go as far as to say that, but we certainly have had our fair share of precognitive moments. In today’s virtual age where everyone is utilizing and relying on digital landscapes, people’s data is constantly being put online. As technology advances and more people go online, bad actors and cyber threats use vulnerabilities in Application Programming Interfaces (APIs) to get access to sensitive data.
Read Post

STEP Program with Bright Security: DAST Solutions and API Testing

Nov 27, 2023 By Salt Security In Salt Security
We’re all in this together, which is why awareness about APIs and connecting with one another is crucial to cyber security. Salt Security has recently announced our Salt Technical Ecosystem Partner Program which can help demonstrate the role of application security testing when it comes to API security and where it fits in a good API security program.
View Video
salt security

Oh-Auth - Abusing OAuth to take over millions of accounts

Oct 24, 2023 By Aviad Carmel In Salt Security
OAuth (Open Authorization) is one of the fastest adopted technologies in the AppSec domain. From its first introduction in 2006, as an attempt to introduce a standard authorization protocol, it has become one of the most popular protocols for both user authorization and authentication, and it’s being used by almost every major web service and website today. One of the reasons for its huge popularity is its ease of implementation.
Read Post

OAuth security gaps at Grammarly (now remediated)

Oct 24, 2023 By Salt Security In Salt Security
This short video explains how Salt Labs researchers identified several critical security flaws on the popular site - Grammarly. The flaws were found in the site's authentication functionality and could have allowed a malicious attacker to take over user accounts, access profile information, and take actions on behalf of the user. All issues were reported to Grammarly and have been resolved with no evidence of these flaws being actively exploited in the wild. In the research, they also found similar vulnerabilities in Vidio.com and Bukalapak.com.
View Video
salt security

Strengthening our CrowdStrike Bond with Falcon Integration

Sep 19, 2023 By Gilad Barzilay In Salt Security
It’s been just about a year since we first announced our partnership with CrowdStrike. We are delighted to share today that we’ve further strengthened that partnership with the new “better-together” story of Salt and the CrowdStrike Falcon® platform.
Read Post

Understanding API Attacks: Why they are different and how to stop them

Aug 24, 2023 By Salt Security In Salt Security
API attacks aren’t like traditional application attacks. Understanding those differences is crucial to protecting the valuable data and services your APIs enable. Nick Rago, Salt Security Field CTO, discusses in this webinar: We hope you enjoy the webinar on the changing nature of API attacks and learn the best practices to keep your organization safe.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.