API discovery: do you know where your APIs are?

Eliminate blind spots by automatically and continuously discovering all internal, external and third-party APIs.

• API details exposed. Granular details such as parameters, usage patterns, risk scores and sensitive data exposure that help you understand your attack surface and assess risk.
• Context-rich insights. Salt delivers the most detailed, context-rich filtering and querying available, enabling organizations to gain custom insights into their APIs.‍
• Discovery insights that drive governance. Use insights to derive and customize posture governance policies with Salt's industry-first API Posture Governance engine.‍
• No documentation? No problem. APIs not in your gateway or documented in an OpenAPI Specification (aka Swagger)? No problem.  Salt will still find them and add them to your library.

Deprecated, unknown and shadow APIs represent a significant risk to organizations.

• Gain visibility.  Shadow and zombie APIs typically represent anywhere from 40% to 800% of the total APIs organizations thought they had or what is noted in their documentation.
• Protect sensitive data. PII and other sensitive data can be exposed inadvertently through APIs not on your radar and increase risk dramatically.
• Keep documentation current. By continuously discovering your APIs, you can compare with your current documentation to ensure it's always accurate.

Continuously monitor API traffic and behavior to detect anomalies and potential threats

• Risk assessment. Evaluate the potential risks associated with each API, such as vulnerabilities, misconfigurations and sensitive data exposure.
• ‍Compliance. Ensure that APIs comply with relevant regulations and industry standards, such as GDPR, HIPAA and PCI DSS.‍
• Policy enforcement. Implementing and enforcing policies that define acceptable API behavior and access controls.