Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

DevSecOps for OpenAI: detecting sensitive data shared with generative AIs

It is clear a new technology is taking hold when it becomes impossible to avoid hearing about it. That’s the case with generative AI. Large language models (LLMs) like OpenAI’s GPT-4 and the more approachable ChatGPT are making waves the world over. Generative AI is exciting, and it’s causing a real fear of missing out for tech companies as they try to match competitors.

API3:2019 Excessive Data Exposure: Understanding the Risks, Impacts, and How to Prevent It

Excessive data exposure occurs when APIs reveal more fields, data, and information than the client requires through the API response. Excessive data exposure flaws expose all object properties to API calls rather than what the user needs to act on without considering the object’s sensitivity level. This vulnerability exposes you to data leaks, man-in-the-middle attacks, and other cyber threats. That is why excessive data exposure in APIs is listed as #3 in the OWASP API Security Top 10 2019.

Salt Security Wins Stevie Award for Most Innovative Tech Company of the Year

What a week we’re having – and it’s only Thursday! RSA has been action-packed, meeting with customers, showing off our new product enhancements, and booking time with new prospects. Interest in API security is running at an all-time high, as more organizations recognize what Salt saw years ago, that APIs entirely upend the security playing field!

Application Programming Interface (API) testing for PCI DSS compliance

This is the fourth blog in the series focused on PCI DSS, written by an AT&T Cybersecurity consultant. See the first blog relating to IAM and PCI DSS here. See the second blog on PCI DSS reporting details to ensure when contracting quarterly CDE tests here. The third blog on network and data flow diagrams for PCI DSS compliance is here.

A Big Week at RSA - Hot Company in API Security, API Defenders on the Show Floor

With warm and sunny weather expected all week, a bunch of the Salt team is thrilled to be at RSA in San Francisco! We’ll get the chance to talk with security leaders about why API security has become a priority project, and we’ll get time to catch up with customers and each other. It’ll be a great week!

Unified vs API-Based Integrated XDR Platform: What's the difference?

The terms unified and integrated are often used interchangeably in the software world. However, security leaders must understand the differences between deeply unified and API-based integrated platforms within an organization and how they can significantly impact everything from cost to efficiency. First, it is essential to define the terms.

PAN Verification API for the Gaming Industry: What You Need to Know

One of the guiding principles for organisations, whether they are major corporations or small firms, is to ensure compliance. Enforcing compliance helps organisations to adhere to fraud prevention guidelines, identify rule infractions, and shield a corporation from unwarranted penalties and legal action. PAN verification is one such crucial process before onboarding consumers, clients, and third parties in order to remain compliant and within the law.

Salt Unveils Enhancements to AI Algorithms for API Security

We’re pleased to share that Salt has extended the capabilities of our powerful AI algorithms, further strengthening the threat detection and API discovery abilities of the Salt Security API Protection Platform. (Check out today’s announcement.) Here at Salt, we always look forward to the RSA Conference, but this year we are doubly excited to attend and showcase these new advanced capabilities! Salt invests significant resources into the continued innovation of our API security platform.

The Ultimate API Penetration Testing Checklist

When was the last time your organization conducted an API security assessment? And did you have the framework and resources to do so? Now more than ever, companies need to know where their APIs are vulnerable to malicious actors. Check out the API Penetration Testing checklist, which outlines how to conduct an effective API security assessment for your organization.