Fireside Chat: A New Strategy for Reducing API Risk

Watch On-Demand

Partner Page

Check out our dedicated AWS Partner Page

Key Resources

Get the detailed “Salt on AWS” solution brief

Securing APIs With Salt Using Agentless AWS VPC Traffic Mirroring

An overview of API gateways and API security

An overview of WAFs and API security

About AWS

Amazon Web Services (AWS) offers cloud computing services to individuals, companies, and governments. The Amazon API Gateway is a fully managed service that helps developers create, publish, maintain, and monitor APIs at any scale. The AWS WAF is a web application firewall that helps protect web applications against common web exploits that may affect availability, compromise security, or consume excessive resources.

Salt Security and AWS

AWS integrates with Salt to mirror a copy of API traffic to the Salt API Protection Platform from AWS virtual private clouds (VPCs), the Amazon API Gateway, and the AWS WAF. The Salt platform uses big data and patented artificial intelligence (AI) to analyze all API traffic and establish a granular baseline of legitimate behavior for your unique APIs. The platform maintains state across 100s of attributes of typical behavior for each user or entity, including aspects such as consistency of parameter input, frequency of requests, volume of response, and devices or addresses typically used. Through continuous analysis of API traffic, Salt provides real-time discovery of APIs, protection against threats, and insights to aid in the remediation of vulnerabilities. The Salt platform can also send enforcement commands to the Amazon API Gateway and the AWS WAF to block an attacker.