Subscribe to our blog.

API Security Resources

Featured Resources

Salt in 90 seconds

OWASP API Security Top 10: Insights from the API Security Trenches

State of API Security

An Insider's View: The Updated OWASP API Top 10

Whitepapers, reports

Compliance and API Security: The NIS2 Directive

Compliance and API Security: The NIS2 Directive

Compliance and API Security: PCI DSS

Compliance and API Security: PCI DSS

Compliance and API Security: NIST 800-53

Compliance and API Security: NIST 800-53

State of API Security for the Healthcare Sector

State of API Security for the Healthcare Sector

State of API Security Report for Financial Services and Insurance

State of API Security Report for Financial Services and Insurance

Understanding API Attacks eBook

Understanding API Attacks eBook

State of the CISO Report

State of the CISO Report

State of the CISO Europe

State of the CISO Europe

OWASP API Security Top 10: Insights from the API Security Trenches eBook

OWASP API Security Top 10: Insights from the API Security Trenches eBook

API Security: What You Need to Do to Protect Your APIs

API Security: What You Need to Do to Protect Your APIs

State of API Security Report

State of API Security Report

Protecting Your APIs Protects Your Bottom Line eBook

Protecting Your APIs Protects Your Bottom Line eBook

Mapping the MITRE ATT&CK Framework to API Security

Mapping the MITRE ATT&CK Framework to API Security

2022 SANS Protects: Web Applications and Services

2022 SANS Protects: Web Applications and Services

Real-Time Mitigation of Cyberthreats to APIs: An Overview of the Salt Security Platform

Real-Time Mitigation of Cyberthreats to APIs: An Overview of the Salt Security Platform

A CISO's Essential Guide to API Security

A CISO's Essential Guide to API Security

Top Five Myths in API Security

Top Five Myths in API Security

Salt API Security Maturity Model

Salt API Security Maturity Model

API Security for Dummies eBook

API Security for Dummies eBook

API Security Best Practices Guide

API Security Best Practices Guide

API Security Checklist

API Security Checklist

API Security Evaluation Guide

API Security Evaluation Guide

Securing APIs: The New Application Attack Surface

Securing APIs: The New Application Attack Surface

The Limits of Shift-Left in API Security

The Limits of Shift-Left in API Security

APIs Require a Full Lifecycle Approach

APIs Require a Full Lifecycle Approach

Tackling the 3 Biggest API Security Challenges in Real-World Deployment

Tackling the 3 Biggest API Security Challenges in Real-World Deployment

Protecting APIs From Modern Security Risks

Protecting APIs From Modern Security Risks

Limitations of OAS-Based Blocking

Limitations of OAS-Based Blocking

Salt Security In A DevSecOps Model

Salt Security In A DevSecOps Model

Customer videos

Fireside Chat with Amway

Fireside Chat with Amway

Fireside Chat with Aon CSO Joe Martinez

Fireside Chat with Aon CSO Joe Martinez

Customer Stories: Prologis

Customer Stories: Prologis

Customer Stories: City National Bank

Customer Stories: City National Bank

Case studies

Kingston: A Case Study in API Security Transformation with Salt

Kingston: A Case Study in API Security Transformation with Salt

Jemena Case Study

Jemena Case Study

Guild Education Case Study

Guild Education Case Study

Berkshire Bank Case Study

Berkshire Bank Case Study

Xolv Case Study

Xolv Case Study

Financial Services Case Study

Financial Services Case Study

DeinDeal Case Study

DeinDeal Case Study

Financial Services Case Study

Financial Services Case Study

Additional videos

Video: Salt in 90 seconds

Video: Salt in 90 seconds

Salt Labs identify OAuth security gaps at Grammarly (now remediated)

Salt Labs identify OAuth security gaps at Grammarly (now remediated)

The State of API Security for Healthcare

The State of API Security for Healthcare

The State of API Security for Financial Services and Insurance

The State of API Security for Financial Services and Insurance

Nasdaq Trade Talks: The Impact a Digital-First Economy Has on the Chief Information Security Officer

Nasdaq Trade Talks: The Impact a Digital-First Economy Has on the Chief Information Security Officer

How the Digital-First Economy and Global Trends Impact CISOs

How the Digital-First Economy and Global Trends Impact CISOs

Why API Attacks are Different and How to Prevent Them

Why API Attacks are Different and How to Prevent Them

What you need to know about the updated OWASP API Security Top 10

What you need to know about the updated OWASP API Security Top 10

Mapping the MITRE ATT&CK Framework to API Security

Mapping the MITRE ATT&CK Framework to API Security

The business value of API security

The business value of API security

Salt Labs identify OAuth security gaps at Booking.com (now remediated)

Salt Labs identify OAuth security gaps at Booking.com (now remediated)

Fal.Con 2022: CrowdStrike Invests in Salt Security

Fal.Con 2022: CrowdStrike Invests in Salt Security

Some Disturbing Facts About API Security in Latest Salt Labs Report

Some Disturbing Facts About API Security in Latest Salt Labs Report

API Security: The New Imperative Videocast

API Security: The New Imperative Videocast

How To Prevent API Vulnerabilities Like Server-Side Request Forgery (SSRF)

How To Prevent API Vulnerabilities Like Server-Side Request Forgery (SSRF)

Salt Security Report Shows 681% Increase In Malicious API Attacks

Salt Security Report Shows 681% Increase In Malicious API Attacks

The Salt Security journey to Series D

The Salt Security journey to Series D

CapitalG on leading the Salt Series D round

CapitalG on leading the Salt Series D round

Anatomy of an API Attack: Broken Object Level Authorization

Anatomy of an API Attack: Broken Object Level Authorization

Anatomy of an API Attack: Credential Stuffing and Account Takeover

Anatomy of an API Attack: Credential Stuffing and Account Takeover

Anatomy of an API Attack: Elastic Injection

Anatomy of an API Attack: Elastic Injection

Cloud-Native Security: We Are Still Making The Same Mistakes

Cloud-Native Security: We Are Still Making The Same Mistakes

CISO Choice Awards interview with CEO Roey Eliyahu and security industry analyst Richard Stiennon

CISO Choice Awards interview with CEO Roey Eliyahu and security industry analyst Richard Stiennon

Real-world API Attacks: What your WAF is Missing

Real-world API Attacks: What your WAF is Missing

Chalk Talk on IAM, Gateways and WAFs

Chalk Talk on IAM, Gateways and WAFs

Chalk Talk on Zero Trust

Chalk Talk on Zero Trust

Chalk Talk on Workload Protection

Chalk Talk on Workload Protection

Chalk Talk on Shift-Left Security

Chalk Talk on Shift-Left Security

Chalk Talk on Cloud Security

Chalk Talk on Cloud Security

Why API Security Is Crucial For Modern Businesses with Michelle McLean

Why API Security Is Crucial For Modern Businesses with Michelle McLean

Tips To Sharpen Your API Security Skills - Understanding Developers

Tips To Sharpen Your API Security Skills - Understanding Developers

Tips To Sharpen Your API Security Skills - Understanding APIs

Tips To Sharpen Your API Security Skills - Understanding APIs

Think API attacks are hard? Think again

Think API attacks are hard? Think again

5 Common Security Practices That Fall Short Protecting APIs

5 Common Security Practices That Fall Short Protecting APIs

Security Needs To Think Differently About APIs

Security Needs To Think Differently About APIs

Traditional Web Application Attacks ≠ API Attacks

Traditional Web Application Attacks ≠ API Attacks

APIs Have Broken Your Security

APIs Have Broken Your Security

MythBusters API Edition - Zero trust is the way

MythBusters API Edition - Zero trust is the way

MythBusters API Edition – Workload protection secures APIs

MythBusters API Edition – Workload protection secures APIs

MythBusters API Edition – IAM, API gateways, and WAFs are enough

MythBusters API Edition – IAM, API gateways, and WAFs are enough

MythBusters API Edition – Cloud service providers protect your APIs

MythBusters API Edition – Cloud service providers protect your APIs

MythBusters API Edition – Developers will build in API security

MythBusters API Edition – Developers will build in API security

The Importance of API Documentation - API Security With a Pinch of Salt

The Importance of API Documentation - API Security With a Pinch of Salt

Using API Gateways For Security - API Security With A Pinch Of Salt

Using API Gateways For Security - API Security With A Pinch Of Salt

WAFs, What Are They Good For? - API Security With a Pinch of Salt

WAFs, What Are They Good For? - API Security With a Pinch of Salt

What Are JWTs And Are They Vulnerable To Attacks? - API Security With A Pinch Of Salt

What Are JWTs And Are They Vulnerable To Attacks? - API Security With A Pinch Of Salt

What Can Attackers Do With API Vulnerabilities - API Security With A Pinch Of Salt

What Can Attackers Do With API Vulnerabilities - API Security With A Pinch Of Salt

API Security Concerns Delay App Rollout, Means Lost Revenues : Salt Security Report

API Security Concerns Delay App Rollout, Means Lost Revenues : Salt Security Report

2019 RSA Sandbox

2019 RSA Sandbox

OWASP AppSec2019

OWASP AppSec2019

On-demand webinars

Becoming A Secure API First Company

Becoming A Secure API First Company

Fireside Chat: A New Strategy for Reducing API Risk

Fireside Chat: A New Strategy for Reducing API Risk

Understanding API Attacks: Why they are different and how to stop them

Understanding API Attacks: Why they are different and how to stop them

Stopping API attacks with Salt Security and AWS

Stopping API attacks with Salt Security and AWS

An Insider's View: The Updated OWASP API Top 10

An Insider's View: The Updated OWASP API Top 10

Office Hours: Tapping Cloudflare for API Security

Office Hours: Tapping Cloudflare for API Security

Office Hours: Building an API security strategy

Office Hours: Building an API security strategy

SANS Protects: Web Applications and Services

SANS Protects: Web Applications and Services

API Security Best Practices Webcast

API Security Best Practices Webcast

API Security Predictions for 2022

API Security Predictions for 2022

Office Hours: Log4Shell Vulnerability

Office Hours: Log4Shell Vulnerability

How Do They Get In?! Understanding the API Attack Vector

How Do They Get In?! Understanding the API Attack Vector

Securing APIs: The New Application Attack Surface with Securosis

Securing APIs: The New Application Attack Surface with Securosis

Security Mythbusting: Dismantling the Top 5 API Myths

Security Mythbusting: Dismantling the Top 5 API Myths

Lessons from the FinTech Trenches: Securing APIs at Finastra

Lessons from the FinTech Trenches: Securing APIs at Finastra

A Fresh Look at API Security

A Fresh Look at API Security

How to Manage Attacks, Vulnerabilities, and Complexities in APIs

How to Manage Attacks, Vulnerabilities, and Complexities in APIs

Articles, podcasts

CISO Series: Hacking API Security

CISO Series: Hacking API Security

CISO Series: 25 API Security Tips You’re Probably Not Considering

CISO Series: 25 API Security Tips You’re Probably Not Considering

How important is API security?

How important is API security?

Data sheets, solution briefs

Reducing Risk with Expanding API Use

Reducing Risk with Expanding API Use

Salt and CrowdStrike Joint Solution Brief

Salt and CrowdStrike Joint Solution Brief

How to Protect your APIs on AWS

How to Protect your APIs on AWS

Open Banking Solution Brief

Open Banking Solution Brief

Salt Executive Overview

Salt Executive Overview

Protecting APIs in Financial Services

Protecting APIs in Financial Services

Protecting FinTech APIs

Protecting FinTech APIs

API Security for LGPD

API Security for LGPD

WAFs and API Security

WAFs and API Security

WAAPs and API Security

WAAPs and API Security

API Gateways and API Security

API Gateways and API Security

Whitepapers, Reports
Customer Videos Case Studies Additional Videos
On-demand Webinars
Articles, Podcasts
Data Sheets, Solution Briefs

Back