Register for our Dec 19th Webinar: Beyond the Perimeter: Achieving Comprehensive API Security

Protecting your APIs on AWS with Salt

The only dedicated API Security Platform to achieve the AWS Security Competency as a qualified software partner

How to secure your APIs entire lifecycle on AWS

Why do you need a dedicated API security solution even on a leading cloud platform like AWS?

Identify security gaps with OAS analysis, Identity business logic flaws in pre-prod, Tune API security testing to API patterns, Discover shadow and zombie APIs, Identify exposed sensitive data, Classify data in API calls and responses, Baseline normal API behavior, Pinpoint and block OWASP API Top 10, Identify gaps in OAS documentation, Test production APIs for security gaps, Send developers remediation insights learned in runtime

The threats to APIs: exposure in the cloud

APIs recently became the main cybersecurity threat vector, with global enterprise data breaches impacting hundreds of millions of customer records.

Why WAF and API gateway are not sufficient on their own?

Due to the nature of typical API attacks — low-and-slow — and the architectural limitations of API gateways and WAFs, traditional protections are not able to prevent API breaches without understanding the context, including business logic.

As such, no native AWS service on its own is able to provide complete visibility and protection of the entire API lifecycle.

OWASP API Security Top 10

Because threats to APIs are significantly different when compared to what we’ll classify as traditional applications, an API-specific security risks list was released in 2019 — and recently updated in 2023 with significant contribution from Salt's experts.

Salt's API Protection Platform is able to protect against all of the OWASP API Security Top 10 threats!

Seamless integration across native AWS services

AWS WAF

Salt can trigger the web application firewall service to block API attack sources automatically, even in the early reconnaissance phase

Amazon API Gateway

Tapping into the REST and HTTP API traffic — through the AWS Lambda native extension with minimal latency and overhead

AWS Networking Services

Using VPC Traffic Mirroring to capture unencrypted traffic, while Application Load Balancer of ELB can mirror encrypted traffic

AWS Compute Services

Salt Sensor and Hybrid Server support a broad selection of compute services including EC2, EKS, ECS and Fargate

Salt Security AWS certifications

AWS Marketplace SellerAWS Qualified SoftwareAWS WAF ReadyAWS Security Software Competency

Featured News

Get the detailed “Salt on AWS” solution brief

Download

Flexible seamless deployment on AWS

Throughout the API lifecycle, you will be developing and deploying your APIs in your cloud native environment. Salt is able to tap into the API traffic through the services listed below. The API requests-responses will be then sent for analysis in our SaaS platform, directly or after sanitization through our Hybrid server deployed on AWS.

An accelerated procurement and provisioning process through the AWS Marketplace allows you to decrease your “Time to full API Protection”. If you have EDP/PPA agreement with AWS as an enterprise customer, your contracted cloud budget can be allocated to the Salt solution through the Marketplace. Private Offers are available for custom multi-year enterprise agreements.

What are your Salt deployment options on AWS?

Diagram of Salt on AWS.

Why the Salt Platform is built on AWS?

We decided to build our SaaS on AWS, due to its inherent high-level security, compliance and broad adoption. AWS is collaborating with cybersecurity companies like Salt to integrate and deploy their solution hand-in-hand.

Salt’s solution architects and field engineers are highly experienced and certified for AWS technologies, being able to quickly deploy API protection in complex multi-AZ, multi-VPC, multi-account environments.

Salt Cloud: Saas built on AWS