Salt Security API Protection Platform

A platform designed to discover, protect, and remediate vulnerabilities in APIs using AI and big data analytics.

Multi-Cloud Proprietary Cloud Service Only
Category API Security
This page updated a month ago
Pricing Details Contact for pricing details.
Target Audience Organizations looking to secure their API ecosystems.

Technical Description of Salt Security's API Protection Platform

Core Function

The Salt Security API Protection Platform is designed to discover, protect, and remediate vulnerabilities in APIs. Here is a detailed, technically accurate description of its capabilities:

API Discovery

The platform scans networks to identify active API endpoints, including shadow and zombie APIs, using a combination of passive traffic monitoring and active probing techniques. It analyzes discovered endpoints against a database of known API specifications to flag potential security misconfigurations and sensitive data exposure.

Protection Mechanisms

The platform utilizes cloud-scale big data and patented artificial intelligence (AI) to analyze API traffic. It establishes a granular baseline of legitimate behavior for each API by monitoring hundreds of attributes, such as consistency of parameter input, frequency of requests, volume of response, and devices or addresses typically used. This continuous analysis enables the platform to pinpoint and stop threats during the reconnaissance phase, preventing attackers from advancing.

Remediation

The platform proactively identifies vulnerabilities in APIs before they serve production traffic. It captures minor successes of attackers, such as pen testers, to provide insights for development teams while stopping the attackers. This helps in improving the overall API security posture by providing actionable insights for remediation.

Integration and Deployment

The Salt Security platform integrates with various enterprise security tools and API gateways like Apigee, Kong, MuleSoft, and NGINX. It mirrors API traffic from these platforms to analyze and enforce security policies. The platform can send enforcement commands to block attackers and does not sit inline, avoiding performance bottlenecks for applications. Deployment is facilitated through a SaaS model, with support from customer success teams for onboarding and technical integrations.

Operational Considerations

  • Deployment: The platform deploys quickly and does not require inline positioning, thus avoiding performance impacts on applications.
  • Integration: It integrates with existing enterprise security tools and API gateways, leveraging big data and AI for comprehensive security.
  • Support: The platform includes access to customer support and customer success teams for full onboarding support, deployment, and technical integrations.

ISO 27001 Control Implementation

Primary Control Implementation

  • Incident Management (5.24-5.28)

  • The Salt Security platform helps implement incident management through structured workflows and response orchestration. It provides real-time API security incident alerts and correlated attack timelines, which can be integrated with SIEM solutions like Splunk ES to reduce investigation times and help teams respond effectively to incidents. Key evidence artifacts include audit logs and automated evidence collection features.

  • Access Control (5.15-5.18)

  • The platform supports access control by enforcing custom or pre-packaged security policies on APIs. It maintains a granular baseline of legitimate behavior and can send enforcement commands to block unauthorized access. However, organizations should ensure integration with enterprise IAM for comprehensive access governance.

Supporting Controls Commentary

  • Security Monitoring (8.15-8.16)

  • The platform supports security monitoring through continuous analysis of API traffic, anomaly detection, and real-time alerts. It integrates with SIEM solutions to provide a clear view of attack steps and sequences, aiding in timely reporting and response to security events.

  • Network Security (8.20-8.23)

  • The platform enhances network security by segregating legitimate from malicious API traffic and sending enforcement commands to block attackers. It works in conjunction with API gateways and WAFs to provide a layered security approach.

Key Metrics and Monitoring

  • Incident Response Metrics: MTTA (Mean Time To Acknowledge) and MTTR (Mean Time To Resolve) for incidents.
  • API Traffic Analysis: Monitoring of API request frequencies, response volumes, and parameter consistency.
  • Vulnerability Remediation: Tracking of identified vulnerabilities and their remediation status.

Skill and Training Considerations

  • API Security Knowledge: Understanding of API security best practices and common vulnerabilities.
  • AI and Machine Learning: Familiarity with AI-driven security solutions and their operational nuances.
  • Integration Skills: Knowledge of integrating security tools with API gateways and SIEM systems.

By focusing on these technical aspects, the Salt Security API Protection Platform provides a robust solution for securing APIs, aligning with key ISO 27001 controls and operational best practices.

Back Visit Website

Improve this page