Learn about the Salt + CrowdStrike Falcon integration

Learn more

Accelerate Incident Response

Only Salt delivers a complete view of all attacker activity in a consolidated timeline to reduce investigation times and help teams respond to attacks with confidence.

Connect the dots of attacker activity

Salt correlates all attack activity from the same user into a consolidated attack timeline, giving security teams a clear view of the steps and sequence of an attack. The Salt platform is able to correlate and associate dispersed activities with a single user despite attackers’ efforts to use varying IDs, IP addresses, and devices to propagate their attacks.

Reduce alerts and false positives

The Salt platform, with its big data and AI engine, maintains a massive baseline of typical behavior across millions of users simultaneously. It can distinguish simple one-off user mistakes or changed APIs from the patterns of an attacker, avoiding the false positives that render so many security solutions unusable. When malicious activity is the culprit, the Salt platform consolidates the activity, sending a single alert for the attacker, not one for each attacker activity, making it quick and easy for security teams to understand the situation and take action or leverage Salt’s automatic blocking.

Block attackers without blocking legitimate traffic

The Salt platform builds and retains context for each user to distinguish attackers. It correlates and compiles all the activities of an attacker and presents that data in a timeline view. Security teams then have the confidence to take action and block attackers without worrying about disrupting legitimate traffic.

Want to see the Salt platform in action?

Request a demo