With eight robust apps in use plus another four or five under development, Xolv needed a solution that could automatically and continuously discover all its APIs, eliminate blind spots, assess risk, help vet the security posture of the APIs, and protect APIs from attack without throwing false security alerts.
Top use cases for Xolv:
- find shadow APIs: Xolv uses Salt to discover its full inventory of APIs and document them, including shadow or unknown APIs, along with the sensitive data they expose. Xolv can also leverage Salt to identify zombie APIs, or APIs that should have been deprecated.
- prevent data exfiltration: By leveraging the Salt API Context Engine (ACE) to identify abnormal behavior, the Xolv security team can stop attackers during the early stages of an attempted attack, automate that blocking as desired, and share insights to improve the company’s API security posture.
- prevent account misuse/fraud: Xolv can configure the platform to automatically block this type of activity or send alerts with a full attack timeline to incident response teams to analyze the activity and block account misuse.
- remediation to write better APIs: Salt provides Xolv with remediation insights derived across build and runtime to help the company’s development teams strengthen API security during the development phase.