As the first company to deliver an API security platform, we here at Salt take enormous pride in our leadership position in this exploding market. We’ve built the best technology, earning the most customers, funding, and accolades along the way, and today we’re excited to share a few ways we’re extending our technical leadership.
Salt is uniquely focused on securing APIs across their full lifecycle – we believe organizations need to both “shift left” and “protect right,” as in RIGHT NOW. You need to get feedback to developers so they can write better APIs that let you stop playing “whack-a-mole,” fixing the same problem in runtime over and over. Keep the balance, though – you don’t want to over-rotate on shift left. We see CISOs looking to put in place protections that stop attackers right now, so no matter what happens in the DevOps processes, the data stays safe. As the CISO of Armis, Curtis Simpson, put it recently, “Improving dev practices is super valuable, but you can’t shift everything left at once. You’re changing the culture along with introducing a bunch of new technology into the pipeline. So with Salt, you get protected right now, and then you can focus on getting developers the remediation insights.”
We’re making those insights even stronger with our recent enhancements. We’ve always used the minor successes of hackers doing the probing to learn a company’s APIs as a source of insight into how our customers can harden their APIs – using attackers as pen testers, we call it. In the latest series of updates to the Salt SaaS platform, we’ve added:
So check out what Salt can do to keep your data and services protected from API hackers, who’ve figured out it’s well worth their time and resources to go after your APIs! Get a personalized demo, or check out how other customers are tapping the power of the Salt C-3A Context-based API Analysis Architecture to keep their APIs safe.
Dr. Anton Chuvakin, security advisor at Office of the CISO, Google Cloud, joined our recent API Security Summit. Dr. Chuvakin’s session – co-hosted by Salt Security's Michelle McLean – provided an in-depth discussion on why API security has become a “now” problem.
The monetary growth opportunities promised by APIs are immense, but to harness them, CISOs must ensure the protection of their APIs.
With the industry moving to microservices and API-driven applications, new security threats and attack vectors have emerged. The PCI Security Standards Council has worked to address these threats in its newest PCI DSS 4.0 standard.