Salt Security: Attacker Data
Realtime API Security Incident Alerts
Salt Security makes it safe for companies to innovate by protecting the APIs at the core of SaaS, web, and mobile applications. Our API protection platform leverages Big Data and patented artificial intelligence (AI) to automatically protect against the vulnerabilities outlined in the OWASP API Security Top 10 and prevent attacks that can result in data exfiltration, account takeover, and service disruptions.
Salt Security Discovery automatically and continuously discovers all APIs that exist within your environment. This ongoing process creates a complete and up to date API catalog with granular details that include visibility into all PII processed and exposed by the APIs. This insight helps eliminate blind spots, assess risk, and determine sensitive data exposure even as APIs are updated or new APIs are added to the environment. Unlike other solutions, the Salt Security solution does not require any existing documentation such as an OpenAPI Spec (aka Swagger) to perform discovery.
Salt Security Prevention uses Big data and patented AI to enable the collection and analysis of activity of millions of users in parallel. This allows the solution to piece together the subtle probing of an attacker during reconnaissance, assess the risk of activity, pinpoint, and stop them early in their process. Correlated insights help reduce the number of alerts, eliminate false positives, and allow incident response teams to quickly assess alerts so attackers can be blocked before attacks are successful.
Salt Security Remediation helps bridge the gap between security and development teams to enable efficient elimination of vulnerabilities in APIs. Our platform uniquely uses attackers as penetration testers to identify potential vulnerabilities and provide remediation insights to development teams, helping them quickly understand, prioritize and eliminate vulnerabilities at their source in the API.
The Salt Security solution is deployed in minutes, and requires no configuration or customization to provide real time discovery, protection against API attacks and remediation insights.