The Salt platform creates a baseline of typical behavior and identifies any activity that deviates from the baseline. Our platform can detect deviations such as excessive login errors and the attempted manipulation of tokens, user IDs, or API parameters. Such attacks often come from users after authentication, so simply relying on authentication mechanisms to stop account takeover will not keep your users or data safe.
The Salt platform analyzes all API traffic to gain the full business context and can easily distinguish between “different” vs “malicious” activity. The Salt platform correlates all activity of any given entity and so can pinpoint an attacker trying to take over accounts and block them or send an alert to your security teams.
Because the Salt platform understands the typical data patterns for each entity and API endpoint, it immediately detects deviations, where an attacker might be trying to gain unauthorized access to accounts. You can configure the platform to automatically block such activity or to send alerts with a full attack timeline to incident response teams to analyze the activity and block the takeover of accounts.