Salt Unveils Enhancements to AI Algorithms for API Security
We’re pleased to share that Salt has extended the capabilities of our powerful AI algorithms, further strengthening the threat detection and API discovery abilities of the Salt Security API Protection Platform. (Check out today’s announcement.) Here at Salt, we always look forward to the RSA Conference, but this year we are doubly excited to attend and showcase these new advanced capabilities!
Salt invests significant resources into the continued innovation of our API security platform. Salt already delivers the industry’s most time-tested AI algorithms for API security. Now we have extended those capabilities with enhancements for API attack detection and more robust API discovery.
By applying learnings from more than five years in the market, Salt can now leverage intelligent insights to dependably detect and block attacker reconnaissance activity at an even deeper level. Using Salt, organizations can now:
- Better understand user intent to spot malicious activity
- Differentiate between high- vs. low-severity attacks to focus on the biggest threats
- Identify the most malicious attack events with a new Rapid Investigation mode in the Salt attacker timeline
- Gain a more accurate mapping of API endpoints to inventory and understand APIs at scale
Improved user intent detection
How valuable would it be to your organization to know when an API user shows malicious intent? There are many causes for anomalies in API behaviors, but trying to figure out which ones are benign versus real threats can take up a huge amount of your SoC team’s time. Consider the benefits of easily distinguishing API changes from API attacks, for example. Our AI model enhancements make it possible to do just that. By better understanding user intent, Salt helps you reduce your false positive rate, while ensuring accurate detection of true positives.
Ranking of API attack severity
By prioritizing threats, you can focus on and eliminate the ones that present the most danger first. Sounds simple, right? However, to fully understand which API threats present the most danger requires deep and comprehensive insights into user activities over a long period of time – meaning, days, weeks, and even months. By analyzing more than one million anomalous users daily, the Salt cloud-scale data sets can more easily spot different levels of severity for API attacks.
Consider the T-Mobile API breach earlier this year. Although the attack had been going on since November 2022, T-Mobile’s security team only caught the attack in January! With the Salt cloud-scale data set, this type of attack would have surfaced earlier in the Salt API security platform because of our ability to look at overall user activity over a longer period of time. This larger window provides more visibility and intelligence to spot malicious attacker reconnaissance activity.
Rapid Investigation mode in Salt attacker timeline
Our customers frequently tell us how much they like the Salt attacker timeline. As one customer wrote in a review on Gartner Peer Insights:
“The attacker timeline is a great feature because it shows the connected steps a bad actor is using to abuse our system.”
With our new Rapid Investigation mode, the most malicious attack events are now highlighted at the top of the attacker timeline. API attacks show no sign of slowing down – in fact, it’s quite the opposite. The Q1 2023 State of API Security Report found a 400% increase in unique attackers between June and December 2022. By underscoring the most critical threats, Salt helps SoC teams reduce the mean time to resolve (MTTR) API attacks.
Accurate mapping of API endpoints
Also in the latest edition of the State of API Security Report, Salt found that less than one out of five respondents are confident that their API inventories provide enough detail about their APIs and the data within them. Salt is on a mission to change that! With improvements to our AI and ML models, organizations get a more accurate mapping of API endpoints. This is particularly relevant for large enterprise customers by allowing them to use intelligent grouping to effectively track and catalog their APIs at scale.
All of our latest capabilities help address critical API security needs for enterprise organizations, and we are proud to demonstrate them at the RSA Conference. If you’re attending the show, please reach out to us to set up an in-person demo at our booth or drop by – you’ll find us at Booth #1535 South Expo Hall, Moscone. If you can’t make it to RSA this year, you can also contact us to set up a customized demo at another time.