Salt Security on Wednesday announced new enhancements to its next-generation Salt Security API Protection Platform, aiming to extend its abilities in threat detection and pre-production API testing.
The latest features include deeper and earlier insights into attacker behaviors and attack patterns, visual depictions of API call sequences, and support for attack simulation ahead of releasing APIs into production.
With the new capabilities, Salt Secuirty looks to enhance its capabilities in runtime protection, offering organizations a more comprehensive view of API usage and the API attack surface so they can improve their understanding of the attack surface and accelerate incident response time.
"Our latest platform capabilities deliver critical insights sooner and across the full API lifecycle,” said Elad Koren, chief product officer at Salt Security. “With increased context over time, combined with automated threat alerts, organizations can better defend themselves against attacks and fix API vulnerabilities before they can be exploited."
While improved threat hunting and attack simulation capabilities will help secure APIs overall, their usage will pay even greater dividends in a cloud environment, mainly because so many APIs are written for cloud apps, said Ryan Kennedy, cyber security consultant at nVisium.
“Cloud infrastructure will always be a popular target for attackers given its ubiquity,” said Kennedy. “Detecting anomalies in API usage and traffic, as well as analyzing attacker behavior has become a great way to leverage the existing capabilities of the cloud to secure any APIs of the hosted application, as well as the underlying cloud infrastructure.
Christopher Rodriguez, research director for security and trust at IDC, said while he has not been briefed on this new features, it does make sense to understand and map all paths to data that attackers might take. Rodriguez said web apps and mobile apps are part of that mission: APIs are as well.
“Although they’ve been hidden in plain sight for years, more recently they have been a popular target for attackers," said Rodriguez. “While APIs are a target for direct access to siphon data or inject code, much like traditional application front-ends, they are also a path to gain footholds into other systems, leading to several high profile data breaches in recent years.”