Get the New State of AI & API Security Report (H1 2026)
Salt Labs

Salt Labs

Salt Labs identifies API threats and vulnerabilities in the wild across organizations around the globe. Our in-depth reports document the steps of an exploit, including the processes and tooling, to reveal an attacker’s approach, the data to be gained, and the steps to follow to avoid becoming a victim. We also apply our research to improve the ML and AI algorithms at the heart of our API security platform, so all our customers benefit from our on-going research.

About Salt Labs

Salt Labs, the research arm of Salt Security, is all about keeping APIs safe and sound. As APIs become a bigger part of our digital world, so do the risks that come with them. Salt Labs dives deep into these potential threats, spotting vulnerabilities before the bad guys can. By sharing our findings, we not only highlight important API security issues but we also help businesses strengthen their defenses and protect their digital environments.

But we doesn't stop at just finding problems — we also offer practical advice on how to fix them. Our research is based on real-world data, so we’re able to keep an eye on current trends and new risks in API usage. Salt Labs means companies can stay one step ahead, tackling issues before they turn into bigger problems. With our work, organizations get the tools and knowledge they need to keep their data safe and their digital services running smoothly.

Posts from Salt Labs

API security research is in our DNA — it’s how Roey and team first identified the need for a new generation security platform, one that could identify and stop API attacks.

Salt Labs
Salt Customer Attack Case Study: Blocking a Low-rate-per-bot HTTP DDoS Attack
Eran Atias
 |
January 12, 2023

Relying on WAFs alone for API protection is insufficient and leaves companies vulnerable.

Read more
Salt Labs
Missing Bricks: Finding Security Holes in LEGO APIs
Shiran Yodev
 |
December 15, 2022

We chose to investigate the services provided by LEGO, perhaps the most famous toy manufacturer in the world — because we contend this example sheds light on the reality of quick adoption of APIs and the risks that can come with that fast pace.

Read more
Salt Labs
OpenSSL Vulnerability Analysis — Denial of Service and Remote Code Execution
Salt Labs
 |
November 3, 2022

Insights regarding two new vulns that have been uncovered in the OpenSSL library — CVE-2022-3602 and CVE-2022-3786. These vulnerabilities affect OpenSSL.

Read more
Salt Labs
How to Protect APIs
Nick Rago
 |
August 25, 2022

As attackers have jumped on the API bandwagon, API threats have also changed, contributing further to the risks and demanding a new approach to protect APIs.

Read more
Salt Labs
API Security Incidents Nearly Universal Finds Latest “State of API Security” Report
Salt Labs
 |
August 3, 2022

State of API Security Report data highlights a daunting scenario: exploding attack activity, insufficient existing practices, and teams ill-prepared to address API security.

Read more
Salt Labs
4 Reasons Why Financial Services Companies Need Better API Security Now
Jennifer Dignum
 |
May 12, 2022

In today’s digitalized financial services landscape, find out what's propelling an urgent need for better API security.

Read more