Customer successes are the best kind of news to share, so we’re thrilled to announce today that Salt is enabling DeinDeal, the Swiss e-commerce leader, to secure its APIs across build and runtime.
Like a lot of companies, DeinDeal initially started using APIs to build its mobile applications. The company soon realized it had a golden opportunity to streamline and accelerate application development by using the same APIs to drive both its mobile apps and its website. As growth exploded during COVID, and the company embraced new markets like food delivery, rapid application innovation became especially crucial.
APIs more than delivered on the goal to accelerate app dev, but DeinDeal soon found that running so many APIs left the company vulnerable in security. “We were used to classic security for the web front end – we had WAFs and bot management,” says Alexandre Branquart, CTO and co-founder at DeinDeal “But they’re useless for helping you see what’s happening with your APIs, and there’s no way they can tell you if a given set of API calls is legit.”
DeinDeal really values that the Salt ML and AI algorithms learn the particular business logic of DeinDeal APIs. “You guys can tell immediately our good traffic from bad traffic, so you can stop bad actors.” Automatic discovery has been a real benefit as well. “We’re updating our APIs all the time. We thought we’d gotten rid of our outdated ones, so we were surprised when the Salt platform discovered a whole bunch of old APIs still running.”
Salt has also helped DeinDeal with API definition, providing a deep understanding of the APIs without anyone needing to read the code. And Salt shows DeinDeal how customers are using the APIs – data that would have been hard to surface otherwise – so they can refine and improve the business processes defined in their APIs.
“The best part about working with Salt is that we don’t feel alone in this – we’ve built up so much mutual trust, and Salt’s been super responsive whenever we’ve needed enhanced functionality of any type. I always say, ‘IT is good, but humans are better.’ And we have a very human relationship with Salt.”
We’re fortunate to have such passionate advocates in our customers. We’d love to make you one too – check out our demo to see how Salt can help you discover all your APIs, stop attackers, and gain remediation insights to harden your APIs.
Dr. Anton Chuvakin, security advisor at Office of the CISO, Google Cloud, joined our recent API Security Summit. Dr. Chuvakin’s session – co-hosted by Salt Security's Michelle McLean – provided an in-depth discussion on why API security has become a “now” problem.
The monetary growth opportunities promised by APIs are immense, but to harness them, CISOs must ensure the protection of their APIs.
With the industry moving to microservices and API-driven applications, new security threats and attack vectors have emerged. The PCI Security Standards Council has worked to address these threats in its newest PCI DSS 4.0 standard.