Subscribe to the Salt blog to learn about the latest developments in API Security

Blog Post


Salt is Leading the Pack in API Security

Chris Westphal
Sep 13, 2021

As the great Vince Lombardi once said, “Leaders aren't born, they are made. And they are made just like anything else, through hard work.” 

Hard work is exactly why Salt is an Overall Leader in the latest KuppingerCole API Management and Security Leadership Compass and why we stand out among the pack of 20 vendors that range from well-established big-names to new entrants in the market. According to the author Alexei Balaganski, all 20 claim to provide at least some API security capabilities, but despite their claims, Salt is a leader, and here’s why.

Focus is critical

While all vendors covered in the Leadership Compass claim some level of API security capabilities, for most, the main focus remains on API management. Security in these platforms includes authentication, authorization, encryption, and rate-limiting — all foundational but not enough to protect against top API threats.

The market is quickly coming to terms with the need for focused solutions that protect APIs beyond the basic capabilities. One sign of enlightenment is Gartner’s latest report, Advance Your Platform-as-a-Service Security, highlighting API security as a new, distinct pillar in their updated reference architecture. 

The new API Security pillar sits among Control Plane Security, Data Plane Security, and Internet Edge Security, a category that includes traditional tools such as WAFs, WAAPs, and API gateways - clearly highlighting that these tools fall short of protecting APIs and focused solutions are needed. You can read more about Gartner’s latest reference architecture and what it means for API security in our blog here.

What makes a leader

In short, it’s our hard work, laser focus on API security, track record of innovation, and our growing customer base. More specifically, as Alexei writes, Salt stands out for:

A strong focus on runtime protection

We’ve been focused on runtime protection from day one, seeing that pre-production efforts and existing app security tools weren’t enough to protect APIs. We took a new look at the problem, built a platform based on big data, AI, and ML, and got a patent for our approach to identifying and preventing malicious API attacks.

No signatures, configuration, or training

Each API is unique, and so are its vulnerabilities meaning that signatures are irrelevant. Relying on configuration or training is an approach that can’t keep up with rapid API changes. Automation is the only way, and our approach based on continuous analysis of API traffic gives our platform an understanding of each API’s unique behavior and the context needed to pinpoint attackers and stop attacks.

Automatic and continuous discovery

We all know you can’t protect what you can’t see. By analyzing API traffic, Salt discovers all your APIs, including the unknown ones (shadow and zombie), uncovers the granular details, highlights sensitive data exposure, alerts to changes, and maintains an API catalog. With Salt Discovery, you always have an up-to-date view of your attack surface and an accurate understanding of risk.

Security across the full API lifecycle

Runtime protection is essential, but without eliminating vulnerabilities, you’re stuck playing a virtual game of whack-a-mole. That’s why we turn attackers into penetration testers, learning from their actions as they probe your APIs and sending insights to dev teams for quick remediation of gaps. We also help identify gaps early in the dev cycle, enabling developers to harden APIs before release.

Get the comprehensive list of best practices to guide your API security journey.

Customers say it all

Another area where Salt leads is in the Market category that looks at customers and product adoption. Not only are we the only pure-play API security vendor in this leader category, we’re also among big-name vendors with arguably a strong market presence. Our leadership here reflects our hard work and traction in the market and reinforces the previous point highlighting the need for focused API security solutions. 

A leader any way you slice it

Looking at multiple criteria is another way the report evaluates vendors. The view above combines the Market and Product categories showing how each vendor stacks up with market penetration and product capabilities. Salt sits above the line as an "overperformer," while vendors below lack customer adoption and platform features. 

Why focus matters

Salt leads the pack again in the combined view of Market and Innovation. Although we’re not above the line with other well-known vendors, it’s our customer traction and continued innovation in our product that makes us stand out. With API security being a rapidly evolving market segment, innovation is critical to meet emerging challenges and ensure the best protection possible.

We’re honored to be recognized by Alexei and the KuppingerCole team in this report for our hard work and leadership in API security. If you want to learn more about the Salt solution, why we were a leader in API security, and how to protect the APIs critical to your business, connect with us for a personalized demo.


Salt Security Blog

Sign up for the Salt Newsletter for the latest resources and blog posts.

June 18, 2024

Salt Labs
Research Team

Salt Labs

Increasing API Traffic, Proliferating Attack Activity and Lack of Maturity: Key Findings from Salt Security’s 2024 State of API Security Report

The latest Salt Security State of API Security Report is out now, and we’re thrilled to give a little sneak peek of its contents.

Read more

June 12, 2024

Elad Hoffer
Head of Product R/T Protection


Salt Security Leading the Way in AI-Driven API Security for Next-Generation Threat Protection and Attacker Insights

Learn how the recent introduction of advanced LLM-driven attacker insights further solidifies Salt's position as a leader in API security solutions.

Read more

June 7, 2024

Eric Schwake
Head of Product Marketing

A Salt Security Perspective on the 2024 Gartner® Market Guide for API Protection

Salt Security's API Protection Platform is AI-infused and designed to address the challenges outlined in the Gartner report.

Read more

Download this guide for advice on evaluating key capabilities in API Security

Learn everything you need to know to keep your APIs secure

Get the guide