After evaluating multiple API security platforms, we found that only Salt Security had an architecture that could deploy in any of our environments, identify all our APIs, and recognize and block attackers before they could do any damage.
Nir Valtman, head of product and data security
No agents, no code changes, no configuration. Nothing inline, so no application impact.
With more than 60 ways to get a copy of your API traffic, we fit all your API types – internal, external, and third-party – and all your formats, including REST, GraphQL, and SOAP.
Our patented API Context Engine (ACE) architecture baselines your environment and identifies anomalies. It looks for a pattern of suspicious activity and consolidates activities into a single attacker timeline, reducing false positives and eliminating 96% of alerts.
Only Salt provides intelligent aggregation and consolidation of your API inventory, with insights into the security posture of your APIs.
Only Salt tracks users over days, weeks, and months to understand today’s drawn-out API attacks
Only Salt leverages insights from bad actors’ minor successes in runtime to craft remediation insights
Salt works with the tools and workflows you already use, so you can start protecting your APIs without introducing complexity or friction. With Salt, your security and DevOps teams will: