Subscribe to the Salt blog to learn about the latest developments in API Security

Blog Post

The Debut of the Industry-First API Security Posture Management Engine

Michael Callahan
Jan 17, 2024

Today, we’re thrilled to share that Salt has launched extended capabilities to our powerful platform, adding yet another industry-first technical advancement to our trophy case! (full announcement here.) Since its founding, Salt’s been on a mission to create a platform that can detect, prioritize and solve the most complex API security challenges and risks. And over the years, we’ve done just that, building and fostering a solution that delivers the industry’s most time-tested AI algorithms for API security.

But as the threat landscape continues to evolve, and new attack techniques and tactics emerge, we pride ourselves on ensuring that our customers continually stay ahead of the curve. And well, we’d like to think of ourselves as perfectionists! After all, according to the Salt Labs State of API Security Report, Q1 2023, 94% of survey respondents experienced security problems in production APIs in the past year.

Fire the engine!

This leads us to our latest advancement - the launch of the API posture governance engine within the Salt Security API Protection Platform. The first and only of its kind, designed to deliver operationalized API governance and threat detection across organizations at scale.

Leapfrogging traditional posture management (CSPM, ASPM - the list goes on!), our API posture governance engine helps organizations minimize risk on their API first journey, boasting the ability to author corporate standards for API posture, and assess compliance with those standards, along with industry best practices, and regulatory requirements.

We know first hand how challenging it can be to enforce security standards across the API lifecycle, given the sheer volume of stakeholders involved in the process. Our posture engine ensures that everyone (yes, everyone!) who are part of this journey, from architects to developers, API product managers, and application security teams, are in sync and security standards are adhered to as an API makes its way through its lifecycle.

The engine captures API data with ease, simplifying how organizations share and respond to API threat intelligence. It is also enabled to provide pre-packaged templates for accelerated ramp up time, allowing customers to create their own posture rules, organize and categorize these rules, and extensively filter their APIs. As threats are constantly changing, the Salt AI-based runtime engine pulls from the largest data lake in order to continuously train the posture engine.

With the addition of this capability, Salt is the only API security vendor to deliver AI-based API security, advanced discovery and innovative posture gap analysis, which is needed to unlock the intelligence discovered within APIs.

There’s more where that came from…

But that’s not all, we mentioned we’re overachievers, right? With this latest release of the Salt platform, we’ve also added several other capabilities to improve API discovery, threat response and operationalization. Salt customers now have access to:  

  • New API filtering and querying capabilities which provides rich API asset discovery and management, helping organizations extract more intelligence and context from their discovered API assets.
  • More advanced behavioral threat response capabilities, offering SecOps personnel with the tools to bolster the prioritization, triage, and analysis of API related security events, drastically reducing response and resolution times.
  • Brand new ecosystem enrichment capabilities that can share API intelligence with the entire API lifecycle ecosystem. The Salt platform now has enhanced integrations with application security testing platforms, data enrichment through its public API, and advanced outbound integrations (like syslog and Splunk), designed to ensure that API security is an integrated part of a customers broader security infrastructure.
  • Enterprise onboarding and operationalization improvements that reduce API risk quickly with minimal operational friction.

All of our latest advancements to the Salt platform help address critical API security needs for enterprise organizations, and we are proud to finally share them with the world. To learn more about Salt’s API posture governance engine, join us for our webinar, “A New Strategy for Reducing API,” on Tuesday, January 30 at 9am PT/12pm ET. Register here. If you can’t make it, don’t fret, personalized demos can also be scheduled by visiting:


Salt Security Blog

Sign up for the Salt Newsletter for the latest resources and blog posts.

June 18, 2024

Salt Labs
Research Team

Salt Labs

Increasing API Traffic, Proliferating Attack Activity and Lack of Maturity: Key Findings from Salt Security’s 2024 State of API Security Report

The latest Salt Security State of API Security Report is out now, and we’re thrilled to give a little sneak peek of its contents.

Read more

June 12, 2024

Elad Hoffer
Head of Product R/T Protection


Salt Security Leading the Way in AI-Driven API Security for Next-Generation Threat Protection and Attacker Insights

Learn how the recent introduction of advanced LLM-driven attacker insights further solidifies Salt's position as a leader in API security solutions.

Read more

June 7, 2024

Eric Schwake
Head of Product Marketing

A Salt Security Perspective on the 2024 Gartner® Market Guide for API Protection

Salt Security's API Protection Platform is AI-infused and designed to address the challenges outlined in the Gartner report.

Read more

Download this guide for advice on evaluating key capabilities in API Security

Learn everything you need to know to keep your APIs secure

Get the guide