Subscribe to the Salt blog to learn about the latest developments in API Security

Blog Post

Product

Extending our Lead in API Security — Augmenting our “Shift Left” Features

Michelle McLean
May 12, 2021

As the first company to deliver an API security platform, we here at Salt take enormous pride in our leadership position in this exploding market. We’ve built the best technology, earning the most customers, funding, and accolades along the way, and today we’re excited to share a few ways we’re extending our technical leadership.

Salt is uniquely focused on securing APIs across their full lifecycle — we believe organizations need to both “shift left” and “protect right,” as in RIGHT NOW. You need to get feedback to developers so they can write better APIs that let you stop playing “whack-a-mole,” fixing the same problem in runtime over and over. Keep the balance, though — you don’t want to over-rotate on shift left. We see CISOs looking to put in place protections that stop attackers right now, so no matter what happens in the DevOps processes, the data stays safe. As the CISO of Armis, Curtis Simpson, put it recently, “Improving dev practices is super valuable, but you can’t shift everything left at once. You’re changing the culture along with introducing a bunch of new technology into the pipeline. So with Salt, you get protected right now, and then you can focus on getting developers the remediation insights.”

Get the comprehensive list of best practices to guide your API security journey.

We’re making those insights even stronger with our recent enhancements. We’ve always used the minor successes of hackers doing the probing to learn a company’s APIs as a source of insight into how our customers can harden their APIs — using attackers as pen testers, we call it. In the latest series of updates to the Salt SaaS platform, we’ve added:

  • API security posture insights — the Salt platform identifies potential data leaks or security misconfigurations regardless of whether any hacker has tried to exploit them.
  • OAS comparison and updates — the Salt platform compares your OAS documentation to the APIs and sensitive data we automatically discover, highlighting where reality diverges from developer documentation. We often find customers have 10 times the number of APIs they think they do, and documentation is always missing tons of parameters.
  • automated alerting and OAS documentation — we send real-time alerts whenever the APIs and exposed parameters that we discover are out of synch with your OAS documentation. You can also export the full set of APIs and their exposed data, which we’re constantly discovering and updating, as OAS files you know are accurate and up to date. Such documentation can be super helpful in simplifying compliance.

So check out what Salt can do to keep your data and services protected from API hackers, who’ve figured out it’s well worth their time and resources to go after your APIs! Get a personalized demo, or check out how other customers are tapping the power of the Salt C-3A Context-based API Analysis Architecture to keep their APIs safe.

Tags

Salt Security Blog

Sign up for the Salt Newsletter for the latest resources and blog posts.

November 5, 2024

Eric Schwake
Head of Product Marketing

Industry

API Security: The Non-Negotiable for Modern Transportation

Airlines and transportation companies heavily rely on APIs to handle sensitive data, from customer information to payment details and flight schedules. While crucial for efficient operations, these APIs are also prime cyberattack targets.

Read more

October 31, 2024

Alexandria Nicosia
Social Media Manager

Industry

Securing APIs in Retail: Safeguarding Customer Data

In the fast-paced retail industry, where customer trust and data protection are critical, API security must be a top priority to ensure both reliability and a seamless customer experience, confidence, and trust in digital services.

Read more

October 30, 2024

Eric Schwake
Head of Product Marketing

Customer

Salt Security and Dazz: A Powerful Partnership for API Security

Integrating Salt Security and Dazz provides a robust solution for organizations aiming to enhance their API and application security.

Read more

Download this guide for advice on evaluating key capabilities in API Security

Get the guide
Back