Subscribe to the Salt blog to learn about the latest developments in API Security

Blog Post

Leveraging Google Cloud Packet Traffic Mirroring with Salt to Detect API Security Threats

Stephanie Best
Nov 4, 2022

Hundreds of millions of application programming interfaces (APIs) power today’s digital economy, and that figure continues to expand at a relentless pace. While development teams deploy tools to help them conquer the complexity of managing their API inventory and increase their velocity, the resulting sprawl has created far greater concerns. APIs now represent the broadest and riskiest attack surface in the enterprise. Today we’re seeing APIs become a preferred attack vector for cybercriminals and hackers. A recent Salt Security survey showed that 94% of respondents have experienced security problems in production APIs within the past 12 months, and 20% have suffered a data breach resulting from these API security gaps.

Why? Traditional security approaches are not enough to detect and stop API attacks. To protect your business from being a victim of a successful API attack, you need a platform built from the ground up to automatically discover new and changed APIs, detect and stop attacks on APIs in the early stages, and fix vulnerabilities in new and running APIs.

The platform must take a full lifecycle approach to protect all of the APIs running in your environment — and do so without impacting performance or the user experience. Achieving this level of protection requires automation, powered by cloud-scale big data and highly trained artificial intelligence (AI). Humans — even deeply experienced security analysts — simply can’t analyze hundreds of attributes across millions of API calls to uncover the rich context needed to detect threats such as a multi-day credential stuffing attack.

That’s what differentiates the Salt Security API Protection Platform: its ability to collect, store, and analyze millions of attributes and correlate them over time to identify attackers during reconnaissance. Using the most mature AI and machine learning (ML) algorithms, extensively trained through years of exposure to thousands of environments, the Salt Security platform provides all the context needed to protect all of your APIs — even the ones you didn’t know you had.

Collecting the data needed to detect API threats with Google Packet Mirroring

Salt Security’s newest connector enables customers to seamlessly mirror their Google Cloud Virtual Private Cloud traffic to the Salt API context engine to detect threats and improve their API-related security posture. With this integration, customers can quickly begin collecting API traffic quickly and efficiently with no agents, no code changes, and no configuration. During the implementation process, Salt API experts will work with organizations to mirror the most relevant traffic to meet their specific use cases in a low-impact, resource-efficient, offline manner.  

Continuously discover all of your APIs leveraging your Google Cloud Packet traffic

Maintaining a complete and current API inventory represents one of the biggest blind spots for cybersecurity teams today. Unless your company already has an advanced API security platform, you almost certainly have unknown or shadow APIs, zombie APIs (those thought to be deprecated but still in use), incorrectly documented or undocumented APIs, and APIs with unknown vulnerabilities such as exposing sensitive data. You can’t protect what you can’t see. The Salt Security platform automatically and continuously discovers all your internal, external, and third-party APIs, including shadow and zombie APIs.

Detect and block attacks on your APIs

Attackers are focused on finding and exploiting vulnerabilities in the business logic of your APIs. Because APIs are unique, attackers take days, weeks, or months to probe and understand how your APIs work and where they may have vulnerabilities. The Salt Security platform detects these low-and-slow attacks, uncovering the reconnaissance actions of bad actors early in their probing. With Salt, you can choose to manually or automatically block attackers using the inline devices you already have deployed. The robust integrations with the Google Cloud products you already leverage allow you to do this with fewer resources and effort.

Accelerate remediation and shift left

It’s not enough to find and block attackers exploiting a vulnerability in your API. You will also want to remediate the security gap in your APIs. The Salt Security platform lets you simulate runtime behavior and attacks as part of your CI/CD pipeline process, so you can bake security into your development cycle. The Salt platform also identifies vulnerabilities found only at runtime and provides clear remediation details dev teams can apply to harden existing APIs.

The Salt Security API Protection Platform is the industry-leading API security solution. If you’re interested in learning more, please contact us for a customized demo today.

Additional Resources:

https://salt.security/blog/how-to-protect-apis

https://salt.security/api-security-trends

https://salt.security/blog/owasp-api-security-top-10-explained

Tags

Salt Security Blog

Sign up for the Salt Newsletter for the latest resources and blog posts.

July 16, 2024

Eric Schwake
Head of Product Marketing

Industry

The Biggest Factors Influencing API Security Today

Several key factors are driving the current state of API security, including the rise of AI, the ongoing digital transformation, a booming app economy, and the challenges posed by shadow IT and regulatory compliance.

Read more

July 9, 2024

Eric Schwake
Head of Product Marketing

Product

Salt Security Empowers API Governance with New Posture Policies Hub

Salt Security's Posture Policies Hub is a powerful new tool designed to help organizations simplify and streamline API posture governance.

Read more

June 21, 2024

Amanda Fitzsimmons
Head of Legal

Industry

Don't Get Salted: Why API Inventory is Key to PCI DSS 4.0 Compliance (and How Salt Security Can Help You Achieve It)

A secure API ecosystem starts with a clear understanding of what APIs you have and how they interact with your data.

Read more

Download this guide for advice on evaluating key capabilities in API Security

Get the guide
Back