Salt Security today announced the launch of new enhancements to the Salt Security API Protection Platform that enhance API discovery, posture governance, and threat protection across organizations. These latest innovations empower organizations to proactively govern their API posture, gain visibility into encrypted and unencrypted API traffic, and outsmart sophisticated bad actors with quick, AI-powered insights.
According to the Salt Labs State of API Security Report 2024, API security incidents more than doubled within the past 12 months. The research also found that API usage is rapidly accelerating, with two-thirds now managing over 100 APIs every day. Organizations continue to struggle to keep pace with the threats associated with expanding API ecosystems, along with trying to accurately comprehend their complex behavioral attributes.
Salt has enhanced its capabilities in the posture governance domain and today introduces several new advanced features that are redefining next-generation application security. This includes the launch of:
- Panoramic Discovery with eBPF and Salt Surface: This extends governance visibility by improving the discovery of API traffic, vulnerabilities, and sensitive data, even in encrypted and complex environments.
- Salt Posture Governance Policy Hub: This allows organizations to establish and enforce API posture standards across the application lifecycle. It ensures that next-generation apps and GenAI initiatives comply with the best security practices.
- Full Lifecycle Posture Governance: Salt Security has updated its platform to help organizations extend API posture governance "left." The platform now enables organizations to more easily capture security posture noncompliance and establish posture validation gates beyond production into an API's design and test phases. This is achieved through new ecosystem enrichments, integrations, and enhanced in-platform posture validation functionality. This comprehensive approach ensures that Salt's Posture Governance Engine empowers risk reduction at all stages of an API's lifecycle.
- LLM-Powered Attacker Insights for Rapid Response: Salt's custom-built Large Language Model (LLM) to translate complex attack patterns into clear, concise, actionable insights. This enables security teams to quickly understand the attacker's identity, tactics, and intent, thus speeding up incident response and remediation efforts significantly.
- Novel Detection of Malicious Scanners, Bots, and Human Attackers: Salt Security employs innovative detection methods to differentiate traffic abnormalities originating from automated scanners, bots, and human attackers, accurately identifying whether traffic from these sources is malicious. This capability provides a comprehensive understanding of attack motivations, enabling security teams to prioritize and mitigate the most significant threats.
"Growing API ecosystems are making it increasingly challenging for companies to effectively monitor and track all activity within their API ecosystems, and quickly identify malicious intent," said Roey Eliyahu, CEO of Salt Security. "At Salt, our mission is to provide organizations with the most comprehensive API security. An offering that not only provides rapid threat detection but also provides organizations with the means to proactively improve their posture to plug security gaps before they can be exploited. Our latest platform innovations build on this, providing customers with additional visibility into their API traffic and the AI-powered insights required to quickly mitigate threats."
