Subscribe to the Salt blog to learn about the latest developments in API Security

Blog Post

Helping bp Launchpad Re-imagine Energy by Enabling API-based Innovation

Jennifer Dignum
May 17, 2022

Having pioneered API security, the Salt Security team is always gratified to have the caliber of our solution validated through a customer’s vetting and selection. We are honored to be chosen as bp Launchpad’s technology solution for API security and also find it meaningful to support a business that is working to re-imagine energy for people and our planet.

bp Launchpad, the in-house business accelerator for bp, strengthens energy resilience and generates sustainable change by growing global startup companies within the renewable energy sector. Its portfolio of digitally-led companies help deliver cleaner, more affordable, and reliable energy.

bp Launchpad supports these companies by sharing its expertise across multiple business functions, including building best-in-class technology infrastructure. By providing technology solutions to its companies, bp Launchpad bolsters their capabilities and drives growth.

According to Tom Salmon, Head of Cyber for bp Launchpad, API security is a non-negotiable requirement for their startup companies. As digital businesses, these incubator companies all rely on APIs as the foundation for their applications and services.

“If an attacker exploits a BOLA flaw to manipulate API requests and alters an energy device, if they make a change to an asset that they shouldn’t have access to, that has real human impact – physical, real-world impact – and that’s our biggest concern.” Tom Salmon, Head of Cyber, bp Launchpad

In this short video, Tom explains why bp Launchpad knew that API security had to be part of their API programs:

Like bp Launchpad, more and more companies are recognizing that dedicated API security has become a critical component in securing platform services. Gartner reinforced this need last year when it updated its security reference architecture to add – for the very first time – a separate pillar for API discovery and protection.

The sheer number of APIs being used and the different ways that they are being used have changed security requirements. With an expanding API attack surface, companies need more context to provide adequate protection.

With its cloud-scale big data-based architecture, the Salt Security platform delivers the context that security teams need to spot deviations from normal API behaviors. Unlike traditional security solutions, the Salt platform can capture a breadth of API traffic interactions over an extended period of time that spans the full API lifecycle. Salt can store hundreds of attributes about millions of APIs and users over time. Leveraging artificial intelligence (AI) and machine learning (ML) algorithms, Salt Security provides a baseline of normal API traffic and enables bp Launchpad’s companies to:

  • Instantly see which APIs are exposing sensitive data
  • Identify API attacks in real-time
  • Provide remediation details to harden APIs in development

According to Tom, security teams have an obligation to provide solutions that help reduce risk without making the process more difficult for developers or slowing down business programs. Security is responsible for giving cross-functional teams the answers and dedicated solutions that make it easy to deploy and protect the growing number of APIs. In the case study, Tom states:

“When we find an anomaly, Salt gives us a specific remediation. That’s the kind of information developers need.”

Salt Security has a proven record of success as the leading API security solution in the market, with the most customers and deepest penetration among Fortune and Global 500 enterprises.

If you would like to learn more about the Salt Security API Protection Platform, we invite you to sign up for a personalized demo.

Tags

Salt Security Blog

Sign up for the Salt Newsletter for the latest resources and blog posts.

November 5, 2024

Eric Schwake
Head of Product Marketing

Industry

API Security: The Non-Negotiable for Modern Transportation

Airlines and transportation companies heavily rely on APIs to handle sensitive data, from customer information to payment details and flight schedules. While crucial for efficient operations, these APIs are also prime cyberattack targets.

Read more

October 31, 2024

Alexandria Nicosia
Social Media Manager

Industry

Securing APIs in Retail: Safeguarding Customer Data

In the fast-paced retail industry, where customer trust and data protection are critical, API security must be a top priority to ensure both reliability and a seamless customer experience, confidence, and trust in digital services.

Read more

October 30, 2024

Eric Schwake
Head of Product Marketing

Customer

Salt Security and Dazz: A Powerful Partnership for API Security

Integrating Salt Security and Dazz provides a robust solution for organizations aiming to enhance their API and application security.

Read more

Download this guide for advice on evaluating key capabilities in API Security

Get the guide
Back