Register for our Dec 19th Webinar: Beyond the Perimeter: Achieving Comprehensive API Security

Blog Post

Technical

Harnessing the Power of eBPF for API Traffic Analysis with Salt Sensor 3.0

Roy Bar Yosef
Oct 2, 2024

As API usage grows, so do the complexities of securing them. At Salt Security, we're constantly striving to stay ahead of the curve and bring you the best-in-class solutions for API traffic analysis. With that mission in mind, we are thrilled to announce the release of Salt Sensor 3.0.0, packed with exciting new features to enhance your ability to capture and analyze API traffic. The star of this release is the integration of eBPF (Extended Berkeley Packet Filter) technology, ushering in a new era of API traffic collection.

Why eBPF?

eBPF has revolutionized the way network traffic can be captured and processed. It runs directly within the Linux kernel, providing deep visibility into network traffic with minimal overhead. With this advancement, Salt Sensor 3.0.0 offers enhanced traffic-capturing capabilities, especially in complex environments where traditional methods fall short.

Unlocking New Capturing Methods

One of the most significant enhancements in Salt Sensor 3.0.0 is the ability to handle encrypted API traffic seamlessly, leveraging the power of eBPF to simplify what was once a complex and performance-intensive process. With eBPF, we can now capture API traffic after SSL termination, allowing for more accurate and efficient monitoring without the need for intrusive proxies or decryption services.

Key Capturing Scenarios in Salt Sensor 3.0.0

  1. Service Meshes: Seamlessly capture traffic from popular service mesh architectures (like Istio and Linkerd) without requiring additional sidecar proxies.
  2. In-app Encryption: eBPF enables capturing traffic within applications using OpenSSL or BoringSSL, simplifying traffic collection even in heavily encrypted environments.
  3. Proxies and Gateways: Expanded support for ingress gateways and proxies like Envoy, Kong, and Nginx—thanks to the integration of Kprobe and Uprobe for kernel-space and user-space applications, respectively.

Simplified Deployment via Helm

We’ve also streamlined the deployment process in Salt Sensor 3.0.0, making it more accessible to DevOps teams and easier to integrate into your existing infrastructure. With our enhanced Helm chart, deploying the eBPF-powered sensor is now a one-step process.

Whether you're deploying Salt Sensor in a Kubernetes environment or as a Virtual Machine, the Helm-based deployment ensures a fast and consistent installation across different platforms. With just a single command, you can deploy Salt Sensor and begin capturing traffic, without complex setup or manual configurations.

Key Benefits of Salt Sensor 3.0.0:

  • Reduced Latency: eBPF operates directly in the kernel space, reducing the performance impact on your environment while still capturing detailed traffic data.
  • Deep Visibility: Whether you’re running service meshes, encrypted workloads, or applications spread across a hybrid cloud setup, Salt Sensor 3.0.0 ensures you can capture all the traffic you need.
  • Simplified Deployment: With our Helm-based deployment, Salt Sensor can be up and running in minutes, drastically reducing deployment complexity.
  • Future-Proof: The ability to capture traffic without needing SSL decryption proxies or complex routing configurations puts you ahead of the curve for evolving network architectures.

Get Started with Salt Sensor 3.0.0

If you're already using Salt Sensor, upgrading to version 3.0.0 is quick and easy with our Helm-based deployment—simply follow the same familiar process to take advantage of the new eBPF-powered capabilities.

For those new to Salt, we invite you to request a demo and see firsthand how Salt Sensor 3.0.0 can transform the way you secure your APIs.

Stay ahead of API threats with the power of eBPF—and welcome to the future of API traffic analysis!

Tags

Salt Security Blog

Sign up for the Salt Newsletter for the latest resources and blog posts.

November 27, 2024

Eric Schwake
Head of Product Marketing

Industry

Beyond Traditional Security: Addressing the API Security Gap

To safeguard your business from API-specific threats, you need a dedicated solution that offers comprehensive visibility, in-depth contextual analysis, automated governance, robust data protection, and AI-driven threat prevention.

Read more

November 21, 2024

Eric Schwake
Head of Product Marketing

Industry

API (In)security: The Hidden Risk of Black Friday

Learn how, for online retailers, Black Friday represents both a lucrative opportunity and a significant cybersecurity challenge.

Read more

November 5, 2024

Eric Schwake
Head of Product Marketing

Industry

API Security: The Non-Negotiable for Modern Transportation

Airlines and transportation companies heavily rely on APIs to handle sensitive data, from customer information to payment details and flight schedules. While crucial for efficient operations, these APIs are also prime cyberattack targets.

Read more

Download this guide for advice on evaluating key capabilities in API Security

Get the guide
Back