Subscribe to the Salt blog to learn about the latest developments in API Security

Blog Post

The Debut of the Industry-First API Security Posture Management Engine

Michael Callahan
Jan 17, 2024

Today, we’re thrilled to share that Salt has launched extended capabilities to our powerful platform, adding yet another industry-first technical advancement to our trophy case! (full announcement here.) Since its founding, Salt’s been on a mission to create a platform that can detect, prioritize and solve the most complex API security challenges and risks. And over the years, we’ve done just that, building and fostering a solution that delivers the industry’s most time-tested AI algorithms for API security.

But as the threat landscape continues to evolve, and new attack techniques and tactics emerge, we pride ourselves on ensuring that our customers continually stay ahead of the curve. And well, we’d like to think of ourselves as perfectionists! After all, according to the Salt Labs State of API Security Report, Q1 2023, 94% of survey respondents experienced security problems in production APIs in the past year.

Fire the engine!

This leads us to our latest advancement - the launch of the API posture governance engine within the Salt Security API Protection Platform. The first and only of its kind, designed to deliver operationalized API governance and threat detection across organizations at scale.

Leapfrogging traditional posture management (CSPM, ASPM - the list goes on!), our API posture governance engine helps organizations minimize risk on their API first journey, boasting the ability to author corporate standards for API posture, and assess compliance with those standards, along with industry best practices, and regulatory requirements.

We know first hand how challenging it can be to enforce security standards across the API lifecycle, given the sheer volume of stakeholders involved in the process. Our posture engine ensures that everyone (yes, everyone!) who are part of this journey, from architects to developers, API product managers, and application security teams, are in sync and security standards are adhered to as an API makes its way through its lifecycle.

The engine captures API data with ease, simplifying how organizations share and respond to API threat intelligence. It is also enabled to provide pre-packaged templates for accelerated ramp up time, allowing customers to create their own posture rules, organize and categorize these rules, and extensively filter their APIs. As threats are constantly changing, the Salt AI-based runtime engine pulls from the largest data lake in order to continuously train the posture engine.

With the addition of this capability, Salt is the only API security vendor to deliver AI-based API security, advanced discovery and innovative posture gap analysis, which is needed to unlock the intelligence discovered within APIs.

There’s more where that came from…

But that’s not all, we mentioned we’re overachievers, right? With this latest release of the Salt platform, we’ve also added several other capabilities to improve API discovery, threat response and operationalization. Salt customers now have access to:  

  • New API filtering and querying capabilities which provides rich API asset discovery and management, helping organizations extract more intelligence and context from their discovered API assets.
  • More advanced behavioral threat response capabilities, offering SecOps personnel with the tools to bolster the prioritization, triage, and analysis of API related security events, drastically reducing response and resolution times.
  • Brand new ecosystem enrichment capabilities that can share API intelligence with the entire API lifecycle ecosystem. The Salt platform now has enhanced integrations with application security testing platforms, data enrichment through its public API, and advanced outbound integrations (like syslog and Splunk), designed to ensure that API security is an integrated part of a customers broader security infrastructure.
  • Enterprise onboarding and operationalization improvements that reduce API risk quickly with minimal operational friction.

All of our latest advancements to the Salt platform help address critical API security needs for enterprise organizations, and we are proud to finally share them with the world. To learn more about Salt’s API posture governance engine, join us for our webinar, “A New Strategy for Reducing API,” on Tuesday, January 30 at 9am PT/12pm ET. Register here. If you can’t make it, don’t fret, personalized demos can also be scheduled by visiting: https://content.salt.security/demo.html.

Tags

API Security 101
API Security Strategy
API Posture Governance

Salt Security Blog

Sign up for the Salt Newsletter for the latest resources and blog posts.

July 26, 2024

Hadar Freehling
Principal Solution Engineer
API Security Strategy
API Attack Analysis
Salt Labs

Salt Labs

Another API Security Breach: Life360

The latest API breach occurred on the Life360 platform where an advisory was able to gleam 400k user phone numbers.

Read more

July 24, 2024

Eric Schwake
Head of Product Marketing
API Security Strategy
API Security 101

Industry

How Salt Catches Low and Slow Attacks While Others Can’t

Most API security solutions are designed to stop simulated attacks in a lab environment. They fail miserably in real world, low and slow attacks which are how attacks happen in practice

Read more

July 23, 2024

Eric Schwake
Head of Product Marketing
API Security Strategy
API Security 101
API Attack Prevention

Industry

Detecting API Threats In Real Time

Recognizing the value of the sensitive data APIs carry, attackers have adapted their tactics, necessitating a fundamental shift in the approach to API security.

Read more

Download this guide for advice on evaluating key capabilities in API Security

Get the guide
Back