Salt Safety launched an initiative to help businesses significantly reduce risk in their API ecosystem.
The Salt Technical Ecosystem Partner (STEP) program encompasses the integration of AI-based API security insights into existing workflows and tools within organizations. This integration allows joint customers to strengthen their security posture using the Salt Security API protection platform.
Salt introduced STEP’s first partners, focusing on API testing solutions. These partners include Bright Security, Invicti Security, StackHawk and Contrast Security, leaders in dynamic application security testing (DAST) and interactive application security testing (IAST).
These partnerships offer pre-built integrations, allowing organizations to deploy and:
- Take a risk-based approach to API testing: By bridging the gap between cloud and code, organizations can prioritize sensitive data and minimize vulnerabilities.
- Expand surface coverage to minimize risks: Leveraging Salt’s comprehensive and up-to-date API inventory, combined with vulnerability prioritization by testing partners, provides enhanced risk mitigation.
- Improve test quality: Organizations can harness the power of best-in-class testing capabilities spanning diverse domains, from OWASP and MITER to business logic, SQLi, XSS, and SSRF.
- Improve DevOps and DevSecOps efficiency: Existing testing technologies can be seamlessly integrated into development pipelines, minimizing friction for teams.
- Accelerate time to value: By integrating integrated development environments (IDEs) and software pipeline tools, organizations can accelerate their processes.
- Improve efficiency: Context-rich OpenAPI Specification (OAS) files are automatically updated in real-time, streamlining testing efforts and prioritization.
- Increase the speed of R&D: Focusing on priority APIs, such as external APIs or those containing personally identifiable information (PII), helps accelerate development efforts.
The STEP program extends beyond testing as Salt has also actively integrated with other technologies in the API ecosystem, including web application firewalls (WAFs), API gateways, and providers cloud security. This initiative includes the joint development of integrations with partners and the release of APIs to facilitate rapid access to valuable API data from the Salt system.
Roey Eliyahu, CEO and co-founder of Salt Security, said:
“Salt has taken a unique approach to solving the broad and serious challenge of securing APIs.
Our deep API context delivers the industry’s richest API discovery and runtime protection, and we’re now extending this adaptive intelligence to our partners’ best-in-class solutions, providing our customers with unparalleled API security.
Taking a “best in class” approach, the STEP program ensures that businesses benefit from industry-leading API security capabilities throughout the entire lifecycle. Recognizing that no single company can fully secure APIs across all disciplines, integrations from this program aim to provide customers with high-performance, easy-to-deploy, and effective API protection solutions.
Joni Klippert, CEO of StackHawksaid:
“Given the explosive growth in API development, it is imperative that teams prioritize and automate the security testing of their APIs and do so in a way that seamlessly integrates with developer workflows.
As part of the Salt STEP program, StackHawk is excited to deliver the most comprehensive, developer-focused API security testing solution to help organizations quickly deliver secure code.
Together, Salt and StackHawk provide organizations with the most robust end-to-end API security experience to quickly build secure software, monitor and respond to attacks, and integrate this feedback into software development creation and testing.
The urgency of API security has been highlighted by the increase in API-related threats and vulnerabilities.
The 2023 State of API Security The report states that 94% of organizations experienced security issues in their production APIs in the past year. Additionally, the growing costs of security breaches, which average $6.1 million, are expected to reach nearly $14.5 million by 2030.
Gadi Bashvitz, CEO of Light safetycommented :
“By leveraging intelligence derived from Salt, application security (AppSec) and development teams are equipped to significantly improve their organizations’ API security posture.
AppSec can provide governance of the AppSec program, and development teams can detect and remediate vulnerabilities early in the development lifecycle.
With Salt Security’s STEP program, businesses will benefit from a robust and comprehensive solution to address the evolving challenges of API threats and vulnerabilities.
See also: Mathew Payne, GitHub: Protecting code while promoting user experience
Want to learn more about cybersecurity and the cloud from industry leaders? Check Cybersecurity and Cloud Expo taking place in Amsterdam, California and London. The entire event is co-located with Digital Transformation Week.
Check out more upcoming enterprise technology events and webinars from TechForge here.