Learn about the Salt + CrowdStrike Falcon integration
Learn more
Check out our dedicated AWS Partner Page
Get the detailed “Salt on AWS” solution brief
Securing APIs With Salt Using Agentless AWS VPC Traffic Mirroring
An overview of API gateways and API security
An overview of WAFs and API security
Amazon Web Services (AWS) offers cloud computing services to individuals, companies, and governments. The Amazon API Gateway is a fully managed service that helps developers create, publish, maintain, and monitor APIs at any scale. The AWS WAF is a web application firewall that helps protect web applications against common web exploits that may affect availability, compromise security, or consume excessive resources.
AWS integrates with Salt to mirror a copy of API traffic to the Salt API Protection Platform from AWS virtual private clouds (VPCs), the Amazon API Gateway, and the AWS WAF. The Salt platform uses big data and patented artificial intelligence (AI) to analyze all API traffic and establish a granular baseline of legitimate behavior for your unique APIs. The platform maintains state across 100s of attributes of typical behavior for each user or entity, including aspects such as consistency of parameter input, frequency of requests, volume of response, and devices or addresses typically used. Through continuous analysis of API traffic, Salt provides real-time discovery of APIs, protection against threats, and insights to aid in the remediation of vulnerabilities. The Salt platform can also send enforcement commands to the Amazon API Gateway and the AWS WAF to block an attacker.