Salt Security: API Security Across Build, Deploy & Runtime
Salt Security protects the APIs that form the core of every modern application. Its API Protection Platform is the industry’s first patented solution to prevent the next generation of API attacks, using machine learning and AI to automatically and continuously identify and protect APIs. Deployed in minutes, the Salt Security platform learns the granular behaviour of a company’s APIs and requires no configuration or customization to pinpoint and block API attackers.
The Salt Security API Protection Platform secures the APIs at the heart of all modern applications. The platform collects API traffic across the entire application landscape and makes use of AI/ML and a cloud-scale big data engine to discover all APIs and their exposed data, stop attacks, and eliminate API vulnerabilities with scanning and testing in the build phase and remediation insights learned during runtime.
Easy integration to protect all APIs
Salt integrates quickly with any environment and doesn’t require agents, changes to application code, or configuration. As they’re not inline, there’s no impact on application performance, availability, or functionality. With support for more than 50 API collection options, Salt works anywhere and supports the most use cases to protect all customer APIs – internal, external, and third-party and including REST, GraphQL, and SOAP formats.
Rich context through continuous API traffic analysis
Salt’s patented API Context Engine (ACE) architecture – powered by cloud-scale big data, artificial intelligence (AI), and machine learning (ML) – continuously analyses a copy of all API traffic from customers’ environments. They leverage the rich context that their ACE architecture enables to discover all APIs, stop attacks, and test and scan your APIs during build, and help customers continuously improve API security.
Key capabilities of the Salt platform
Gain a complete view of the API attack surface
Salt automatically and continuously discovers all the internal, external, and third-party APIs, including unknown (shadow) and outdated (zombie) APIs and REST, GraphQL, and SOAP formats. Salt uncovers the granular details of each API, including exposed sensitive data, to help customers assess risk. It will also let you know when APIs are updated, or new APIs are released and when sensitive data exposure changes, so customers maintain an up-to-date view of their attack surface.
Pinpoint attackers and stop attacks
Salt uses the API context derived from their big data engine to establish a baseline for each API. They correlate all API and user activity, enabling them to uncover the reconnaissance actions of bad actors early in their probing. They consolidate the activity into a single alert with a complete attacker timeline, and customers can choose manual or automatic blocking, leveraging the inline devices they already have deployed.
Scan APIs in build and harden APIs in runtime
Salt is embedded throughout the API lifecycle to help customers build and deliver more secure APIs. They help eliminate vulnerabilities and gaps early in the dev cycle by analysing and testing APIs before release. They also help customers continuously harden their REST, GraphQL, and SOAP APIs by learning from attacker activity to identify vulnerabilities found only at runtime and provide clear remediation insights that development teams can apply to eliminate security gaps.
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies. However you may visit Cookie Settings to provide a controlled consent.
This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience. View Cookies Policy
These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
Cookie
Duration
Description
_GRECAPTCHA
5 months 27 days
This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
cookielawinfo-checbox-analytics
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional
11 months
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy
11 months
The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences, for example, your choice of language or region.
Cookie
Duration
Description
bcookie
2 years
LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie
2 years
LinkedIn sets this cookie to store performed actions on the website.
ELOQUA
1 year 1 month
The domain of this cookie is owned byOracle Eloqua. This cookie is used for email services. It also helps for marketing automation solution for B2B marketers to track customers through all phases of buying cycle.
lang
session
LinkedIn sets this cookie to remember a user's language setting.
lidc
1 day
LinkedIn sets the lidc cookie to facilitate data center selection.
locale
never
Facebook sets this cookie to enhance the user's browsing experience on the website, and to provide the user with relevant advertising while using Facebook’s social media platforms.
UserMatchHistory
1 month
LinkedIn sets this cookie for LinkedIn Ads ID syncing.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Cookie
Duration
Description
_gat
1 minute
This cookie is installed by Google Universal Analytics to restrain request rate and thus limit the collection of data on high traffic sites.
ADRUM_BT1
past
This cookie is used to optimize the visitor experience on the website by detecting errors on the website and share the information to support staff.
ADRUM_BTa
past
This cookie is used to optimize the visitor experience on the website by detecting errors on the website and share the information to support staff.
These allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users find what they are looking for easily.
Cookie
Duration
Description
_ga
2 years
The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat
1 minute
This cookie is installed by Google Universal Analytics to restrain request rate and thus limit the collection of data on high traffic sites.
_gat_gtag_UA_154241828_1
1 minute
Set by Google to distinguish users.
_gid
1 day
Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
ADRUM_BT1
past
This cookie is used to optimize the visitor experience on the website by detecting errors on the website and share the information to support staff.
ADRUM_BTa
past
This cookie is used to optimize the visitor experience on the website by detecting errors on the website and share the information to support staff.
CONSENT
2 years
YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
ELQSTATUS
1 year 1 month
This cookie is set by Eloqua. This cookie is used by PwC to track individual visitors and their use of site. This is set on the first visit of the visitor to the site and updated on subsequent visits.
These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
Cookie
Duration
Description
_fbp
3 months
This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
fr
3 months
Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.
optiMonkClient
1 year
This cookie is set by the provider Optimonk. This cookie is used for implementing the pop-up advertisement on the website. It stores the visitor behaviour on the pop up campaigns.
optiMonkSession
session
This cookie is set by the provider Optimonk. This cookie is used for implementing the pop-up advertisement on the website. It stores the time when the visitor started a session on the website.
VISITOR_INFO1_LIVE
5 months 27 days
A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC
session
YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices
never
YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id
never
YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId
never
This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests
never
This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.