State of API Security Report Q3 2022

Learn more

Expanding Across EMEA with Exclusive

Sunil Dutt
Feb 24, 2022

As we continue to build out our network of partners to help API-driven organizations identify and eradicate risks, I’m excited to announce our EMEA-wide partnership with Exclusive Networks. Together, we’re engaging enterprises of all sizes in leveraging the Salt API security platform to protect the API-based applications and services enabling digital transformation and so much other business innovation today.

I’ve had the pleasure of working with Exclusive Networks for more than a decade, most recently at Nutanix where we jointly built a successful partner ecosystem throughout EMEA. Exclusive Networks has demonstrated its technical leadership in wave after wave of innovation. The company is built with a services-first ideology at its core, harnessing innovation and disruption to outstrip market growth. Today, the team’s services range from managed security to specialist technical accreditation and training. Through our partnership, Exclusive and Salt will deliver value throughout the customer lifecycle, with a focus on the only result that matters: outcomes – globally orchestrated, locally delivered, with omnichannel consumption options.

This distinctive approach to distribution gives Exclusive partners more opportunity and more customer relevance. Exclusive Networks has a unique ‘local sale, global scale’ model, combining the extreme focus and value of local independents with the scale and service delivery of a single worldwide distribution powerhouse. As a trusted cybersecurity specialist, the company helps to drive the transition to a totally trusted digital world, powered by a best-in-class technology portfolio and together we are looking forward to taking those partners and their end customers on their journey to achieve best in class API security.

APIs have become core components of application development, enabling digital transformation, fueling innovation, and powering today’s customer-facing and partner-facing applications and services. But that ubiquity and robust functionality also make APIs a top target for bad actors: APIs essentially provide doorways into huge data repositories and critical services, so malicious hackers spend a lot of time looking for ways to pick their locks or manipulate their functionality to access that information. A lot of recent security breaches stemming from API vulnerabilities show just how real and current the problem is, including one of Europe’s biggest banks.

The rapid increase of APIs has dramatically altered the attack surface of applications, creating a major challenge for large enterprises. As a result, we continue to see API security incidents make the news headlines and cause significant reputational risk for companies.  

So why is solving the problem of API security such a pressing concern? In short, because innovation and usage has outpaced the existing technology stack’s ability to protect APIs.

Companies are using APIs very differently today than even just a few years ago. Historically, organizations used very few APIs, making them inherently more manageable, and they connected less as well as less sensitive data. They also didn’t change very often, so developers could keep pace with updates. With today’s pace of development, and with so many mobile and other applications being entirely API driven, APIs are continuously getting updated, and organizations have thousands of them connecting the crown jewels across a range of applications.  

We have seen these changes across our combined ecosystems both with channel partners and their end customers and have recognized that this evolution has made APIs a prime target for malicious hackers. In 2017, Gartner predicted: “By 2022, API abuses will move from an infrequent to the most-frequent attack vector, resulting in data breaches for enterprise web applications.” In a research note just last month, the analyst firm noted “As 2022 approaches, this prediction could arguably be counted as “missed” — but only because we underestimated the steep rise in attacks on APIs.”

This sea change – in both the use of APIs and the targeting of APIs by bad actors – presents a huge opportunity for partners, who will benefit massively from the market leadership role that Salt enjoys. In the last 12 months, our company has grown revenue 400%, and our customers include a range of Fortune 500 and other large businesses in the financial services, retail and SaaS sectors. Customers including Takeda Pharmaceuticals, AON, Amway, Ally Bank, Equinix, Finastra, and DeinDeal. In this same time period, we’ve also grown our headcount 160%, and we’re protecting nearly 5x the API traffic of a year ago.

We are delighted by this partnership and looking forward to demonstrate our innovative approach to protecting APIs through three main capabilities:

  • Discovery: Companies typically underestimate the number of APIs in operation by 40% to 80%. These unknown, or “shadow” APIs create blind spots and risk. Salt automatically discovers all APIs and the sensitive data they expose, helping organizations stay protected even as APIs evolve and change.
  • Attack prevention: The Salt platform baselines the user and API behavior throughout an organization, tracking these typical patterns in its cloud-scale big data engine. We can then immediately identify anomalous behavior, separating attacks from simple user errors and stopping attackers before they can reach their objective, while bad actors are still performing their reconnaissance.
  • Improved security posture and remediation: The Salt platform detects API vulnerabilities in the development and test phase, and customers can integrate Salt into their CI/CD systems to alert developers to risks or even fail non-compliant builds. We also use learnings from our runtime analysis to provide actionable insights developers can use to harden APIs.

Our market reputation speaks for itself and here are some of the industry awards we have collected:

Go back to blog

Learn everything you need to know to keep your APIs secure

Sign up for blog digest