Subscribe to the Salt blog to learn about the latest developments in API Security

Blog Post

Salt partners with Software AG on enhanced API security

Michelle McLean
Apr 7, 2022

Today Software AG shared the news about our joint partnership to improve API security. Salt has developed an integration with the Software AG Web Methods API Gateway to make it easy for our joint customers to augment the API management capabilities of Web Methods with the full lifecycle security capabilities of the Salt Security API Protection Platform.

The Salt Labs State of API Security Report Q1 2022 showed that in the last 12 months, API attack traffic grew 681% while overall API traffic grew 321%. By combining the API management capabilities of Software AG with API security from Salt, customers can get:

  • a complete inventory of all APIs, including those deployed in Web Methods and beyond
  • an understanding of where APIs are exposing sensitive data
  • runtime protection to identify and stop attackers
  • pre-production testing of APIs to identify security gaps
  • runtime remediation insights to harden APIs

Watch this short video to learn more about how our solution integrates with Software AG webMethods API gateway.

How Salt Security enhances API security

The State of API Security report highlights that 100% of Salt customers had WAFs and API Gateways but they all suffer API attacks that get past those devices. API gateways simply aren’t architected to capture and correlate API traffic over time. That kind of rich context, spanning days, weeks, and months, is essential for identifying API attacks.

Salt leverages the Web Methods platform as an API traffic collection point. It then feeds that traffic into its cloud-scale big data engine, applying AI and ML to baseline what’s “normal” across millions of users and API calls. When the platform identifies an API attack, it sends a command to the Software AG platform to block the attacker, protecting the customer’s vital data and services.

“We are very excited to partner with Salt to better address the growing need for enhanced API security in today’s digital business climate. The Salt Security API Protection Platform secures all APIs by preventing attacks and eliminating API vulnerabilities. Together with Software AG’s API management capabilities, our new partnership with Salt will help organizations discover and better protect their APIs against all types of threats.”
—Suraj Kumar, General Manager API, Integration & Microservices for Software AG

The Salt platform integrates with, and collects traffic from, a variety of devices in your organization’s enterprise architecture.  The Salt platform provides:

  • Full context for your APIs and their business logic
  • Continuous API discovery, cataloging, and data classification for internal, external and third-party APIs to uncover potentially sensitive data exposures
  • Detection of attackers in early reconnaissance phases, helping to stop an attack campaign before it results in an incident or breach for your organization
  • Actionable remediation guidance for development and integration teams when API security issues are detected in runtime, including but not limited to the OWASP API Security Top 10
  • API schema analysis and real-time traffic analysis for uncovering the differences between documented and undocumented APIs, as well as detailing undocumented functionality in known APIs
  • Detailed chronology for API call and response anomalies and malicious activity
  • Runtime detection and enforcement
  • Integration with a wide range of on-premises data center, hybrid cloud, and multi-cloud environments

The advantage of Salt + Software AG

Together, the Salt Security API Protection Platform and the Software AG Web Methods platform combine market-leading API security and API management capabilities, enabling you to:

  • Discover all your APIs, including undocumented functionality and potentially sensitive data exposures
  • Detect and stop attackers in their reconnaissance phases, avoiding security incidents that can result in brand damage, data exposure, data exfiltration, and regulatory penalties
  • Enhance your API security posture by providing actionable remediation guidance to development and integration teams to correct API vulnerabilities
  • Provide granularity on API consumption and invocation, automatically generating baselines and highlighting abnormalities that arise as a result of one-off API attacks and extended attacker campaigns

We’re excited to bring best-in-class API management and API security capabilities in this Salt+Software AG partnership. To learn more about API security, subscribe to the Salt Security blog, or request your personalized demo today.


Salt Security Blog

Sign up for the Salt Newsletter for the latest resources and blog posts.

June 18, 2024

Salt Labs
Research Team

Salt Labs

Increasing API Traffic, Proliferating Attack Activity and Lack of Maturity: Key Findings from Salt Security’s 2024 State of API Security Report

The latest Salt Security State of API Security Report is out now, and we’re thrilled to give a little sneak peek of its contents.

Read more

June 12, 2024

Elad Hoffer
Head of Product R/T Protection


Salt Security Leading the Way in AI-Driven API Security for Next-Generation Threat Protection and Attacker Insights

Learn how the recent introduction of advanced LLM-driven attacker insights further solidifies Salt's position as a leader in API security solutions.

Read more

June 7, 2024

Eric Schwake
Head of Product Marketing

A Salt Security Perspective on the 2024 Gartner® Market Guide for API Protection

Salt Security's API Protection Platform is AI-infused and designed to address the challenges outlined in the Gartner report.

Read more

Download this guide for advice on evaluating key capabilities in API Security

Learn everything you need to know to keep your APIs secure

Get the guide