Salt Security API Protection Platform

Additional Info

CompanySalt Security
Company size (employees)100 to 499
Headquarters RegionNorth America
Type of solutionSoftware


The Salt Security API Protection Platform empowers companies to identify risks and vulnerabilities in APIs before they are exploited by attackers, including those in the OWASP API Security Top 10.

Salt is the only patented API security solution that utilizes cloud-scale big data combined with AI and ML to correlate activities across millions of APIs and users over time. By delivering context-based insights across the entire API lifecycle, Salt enables users to detect and block the reconnaissance activity of bad actors before they can reach their objective. No on-prem solution has the data capacity to catch today’s sophisticated attacks, such as a single parameter BOLA attack.

Its unique API Context Engine (ACE) architecture provides API design analysis in pre-production, discovers all APIs, pinpoints and stops API attackers, and provides remediation insights learned during runtime that developers can use to harden their APIs. The Salt runtime protection prevents data exfiltration, account takeovers, and service disruption, while its continuous monitoring capabilities simplify compliance.

In 2022, Salt unveiled deeper and earlier insights into attacker behaviors and attack patterns, visual depictions of API call sequences and support for attack simulation ahead of releasing APIs into production.

With the new capabilities, Salt strengthened its market-leading capabilities in runtime protection, providing organizations with a more comprehensive view of API usage and the API attack surface.

Deployed in minutes, the Salt Security platform learns the granular behavior of a company’s APIs. Through its ability to correlate insights, it reduces the number of alerts, eliminates false positives, and allows incident response teams to assess alerts and block attackers quickly. In addition, the platform can be deployed without the need for agents, code changes, configuration or tuning.

The Salt API security platform continues to lead the market with the simplest, most comprehensive, and most effective API security offering.

How we are different

Salt is the first and only API security solution to utilize cloud-scale big data combined with AI and ML to collect and correlate hundreds of API characteristics, providing the richest context for baselining typical behavior. As a result, Salt can detect the most subtle and sophisticated of attacks that other dedicated API security platforms miss because they do not cover as many environments or process as much data. Salt enables organizations to more easily spot and block API attacks and more quickly identify unusual API usage patterns and remediate vulnerabilities.

Unlike any other offering on the market, the Salt platform provides both continuous runtime protection and developer insights, enabling companies to ensure that data and services are immediately protected even while developers harden APIs.

Salt Security holds the only granted patent for using AI to identify and prevent API attacks. In June 2022, Salt Security was handpicked by Gartner, the world’s leading technology analyst firm, to participate in the first-ever showdown focused on API Security at the Gartner Security & Risk Management Summit. There, Salt was recognized for its unique platform that includes automatic API discovery, attack prevention, design analysis, and remediation insights.