Fireside Chat: A New Strategy for Reducing API Risk

Watch On-Demand

Key Resource

An overview of WAFs and API security

About Microsoft Azure

Microsoft Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers. The Azure web application firewall (WAF) is delivered from Azure and protects web applications from malicious attacks and common web vulnerabilities, such as SQL injection and cross-site scripting. Azure API Management is an API gateway that is used to manage APIs in Azure, on prem, and in multi cloud deployments.

Salt Security and Microsoft Azure

Microsoft Azure integrates with Salt to mirror a copy of API traffic to the Salt API Protection Platform from Azure virtual networks (VNets)  and the Azure WAF. The Salt platform uses big data and patented artificial intelligence (AI) to analyze all API traffic and establish a granular baseline of legitimate behavior for your unique APIs. The platform maintains state across 100s of attributes of typical behavior for each user or entity, including aspects such as consistency of parameter input, frequency of requests, volume of response, and devices or addresses typically used. Through continuous analysis of API traffic, Salt provides real-time discovery of APIs, protection against threats, and insights to aid in the remediation of vulnerabilities. The Salt platform can also send enforcement commands to the Azure WAF and Azure API Management to block an attacker.