Subscribe to the Salt blog to learn about the latest developments in API Security

Blog Post

Announcing Salt Security Integration With Kong API Gateway

Chris WestphalChris Westphal
Aug 5, 2019

At Salt Security one of our philosophies is to provide solutions that help simplify processes, and save time, rather than introduce additional complexities. This is especially important when it comes to security.

If a product is too difficult to deploy or too complex to use we know that’s a nonstarter for customers. Our integration model is a great example of our philosophy of keeping things simple and saving time and we have many integration options to provide choice and flexibility. This makes it seamless to integrate our solution with your environment and provide API protection as quickly as possible.

Get useful guidance on the future of APIs and learn how to maximize the benefits of APIs while mitigating your risk.

One of those integration options is leveraging an existing API gateway, and today we’re proud to announce that we have support for the popular Kong API gateway. With this support you can deploy the Salt Security plug-in on the Kong API gateway with just a few simple configuration steps and in a matter of minutes you’ll be up and running with Salt Security API Protection. Once deployed our plug-in takes a mirror of API traffic running through Kong and sends it to our solution for analysis to give you some big benefits:

Up To Date Catalog Of Your APIs

The first step in the analysis process is to learn about the APIs in your environment with an end goal of providing you with a comprehensive catalog that includes all of your public, private and partner facing APIs. Since this process is ongoing that catalog is always kept up to date meaning if a new API or API endpoint is introduced into your environment it’s added to the catalog.

Visibility of PII Exposure

In addition to providing that comprehensive catalog we also let you know where your APIs are exposing PII and we can show you that down to the endpoint level. This is an important part of assessing risk when it comes to APIs and data and can also be helpful in meeting requirements for compliance.

Understanding Normal Behavior

As we build the catalog we’re also learning a lot about the activity across your APIs and we do this to establish a baseline of normal behavior. This baseline is the foundation from which we detect malicious activity and enable you to stop attackers during reconnaissance, before attacks are successful.

Blocking Attackers

Another integration point with Kong is to use the platform’s capabilities to block malicious users. When a user is identified by Salt Security as malicious we can alert security teams and leverage a number of methods such as blocking IP addresses or revoking session tokens to stop attacks. We can also automate this process to block malicious users with no needed intervention from security teams. With this approach we’re helping you utilize workflows and enforcement points that already exist in your environment to integrate API protection quickly and with less friction.

If you have Kong deployed in your environment or if you’re interested in our other deployment options check out our website to see how you can add Salt Security and start protecting your APIs today. Personalized demos can also be scheduled by visiting:


Salt Security Blog

Sign up for the Salt Newsletter for the latest resources and blog posts.

June 18, 2024

Salt Labs
Research Team

Salt Labs

Increasing API Traffic, Proliferating Attack Activity and Lack of Maturity: Key Findings from Salt Security’s 2024 State of API Security Report

The latest Salt Security State of API Security Report is out now, and we’re thrilled to give a little sneak peek of its contents.

Read more

June 12, 2024

Elad Hoffer
Head of Product R/T Protection


Salt Security Leading the Way in AI-Driven API Security for Next-Generation Threat Protection and Attacker Insights

Learn how the recent introduction of advanced LLM-driven attacker insights further solidifies Salt's position as a leader in API security solutions.

Read more

June 7, 2024

Eric Schwake
Head of Product Marketing

A Salt Security Perspective on the 2024 Gartner® Market Guide for API Protection

Salt Security's API Protection Platform is AI-infused and designed to address the challenges outlined in the Gartner report.

Read more

Download this guide for advice on evaluating key capabilities in API Security

Learn everything you need to know to keep your APIs secure

Get the guide