Subscribe to the Salt blog to learn about the latest developments in API Security

Salt Labs — API Security Research

Salt Labs furthers the broader Salt Security mission of enabling innovation through APIs by educating the broader market on the latest in API threats. Our research includes finding API vulnerabilities in the wild, documenting the tactics of threat actors, and helping organizations avoid or remediate the risk.

API security research is in our DNA — it’s how Roey and team first identified the need for a new generation security platform, one that could identify and stop API attacks. Salt Labs research educates practitioners on API security incidents and the missteps to avoid, making it safer for the world to innovate with APIs.

Our research

Salt Labs identifies API threats and vulnerabilities in the wild across organizations around the globe. Our in-depth reports document the steps of an exploit, including the processes and tooling, to reveal an attacker’s approach, the data to be gained, and the steps to follow to avoid becoming a victim. We also apply our research to improve the ML and AI algorithms at the heart of our API security platform, so all our customers benefit from our on-going research.

See Salt Labs research

Engage with us

Check out Salt Labs reports to get practical tips on how to avoid the most common API vulnerabilities. We’d love to hear from you on how you’re putting our findings to use or additional areas we should research. Share your feedback on our Contact Us page.

Join Salt Labs

We’re continuously growing our team of Salt Labs security researchers. Check out our open positions for more details on the skills and experience needed to join Salt Labs.

Security research

The Salt Labs team of security researchers identifies API security vulnerabilities across both published and private applications and services. The team publishes its findings, following responsible disclosure or preserving anonymity, so that the larger industry can learn from the exposures and improve their API security.

Learn More

Get the latest API security research and see how you compare

Get the report