Gartner's API Security Report

Download report

How APIs streamlined app dev for DeinDeal – and broke security

Michelle McLean
Apr 28, 2021

Customer successes are the best kind of news to share, so we’re thrilled to announce today that Salt is enabling DeinDeal, the Swiss e-commerce leader, to secure its APIs across build and runtime.

Like a lot of companies, DeinDeal initially started using APIs to build its mobile applications. The company soon realized it had a golden opportunity to streamline and accelerate application development by using the same APIs to drive both its mobile apps and its website. As growth exploded during COVID, and the company embraced new markets like food delivery, rapid application innovation became especially crucial.

APIs more than delivered on the goal to accelerate app dev, but DeinDeal soon found that running so many APIs left the company vulnerable in security. “We were used to classic security for the web front end – we had WAFs and bot management,” says Alexandre Branquart, CTO and co-founder at DeinDeal “But they’re useless for helping you see what’s happening with your APIs, and there’s no way they can tell you if a given set of API calls is legit.”

DeinDeal really values that the Salt ML and AI algorithms learn the particular business logic of DeinDeal APIs. “You guys can tell immediately our good traffic from bad traffic, so you can stop bad actors.” Automatic discovery has been a real benefit as well. “We’re updating our APIs all the time. We thought we’d gotten rid of our outdated ones, so we were surprised when the Salt platform discovered a whole bunch of old APIs still running.”

Salt has also helped DeinDeal with API definition, providing a deep understanding of the APIs without anyone needing to read the code. And Salt shows DeinDeal how customers are using the APIs – data that would have been hard to surface otherwise – so they can refine and improve the business processes defined in their APIs.

“The best part about working with Salt is that we don’t feel alone in this – we’ve built up so much mutual trust, and Salt’s been super responsive whenever we’ve needed enhanced functionality of any type. I always say, ‘IT is good, but humans are better.’ And we have a very human relationship with Salt.”

We’re fortunate to have such passionate advocates in our customers. We’d love to make you one too – check out our demo to see how Salt can help you discover all your APIs, stop attackers, and gain remediation insights to harden your APIs.