Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

The Cybersecurity Excellence Awards Trifecta - Earning Gold x3

It’s our own version of the triple crown! Salt Security has won gold in not one, not two, but three categories in the 2023 Cybersecurity Excellence Awards! It’s like being at the Oscars and winning Best Picture, Best Actor, and Best Director! Check out our award announcement! This year, Salt won highest honors for: Being recognized as the top solution for API security means a lot to our team.

We are open sourcing our SAST solution!

For the last two years, we’ve been quietly building a new kind of static application security testing (SAST) solution that allows security and engineering teams to assess, prioritize, and remediate security risks and vulnerabilities in their code by what matters most - sensitive data. Today, we are officially announcing its release as an Open Source project, Bearer.

Get Smart(er) about the business value of API security

API attacks have dominated the cybersecurity news cycle lately. In early 2023, T-Mobile made news for an API-based breach of 37 million PII records of its past and present customers. And last year, Optus, a major telecommunications company in Australia, experienced an API security incident that exposed around 10 million customer records. And API attacks that aren't quite as ”newsworthy” happen every single day.

Stop Working in Silos: Integrating with APIs

Is your security tool an island? Does it do its singular task with little more to offer than what it says on the package? Too many security offerings behave as singular entities, forcing you to constantly perform task switching to complete a job. If you are using a robust tool, then you may not be taking full advantage of its capabilities. Many capabilities of a good tool can be broadened with the use of an Application Programming Interface (API)

API Security 101: Understanding the Risks and Implementing Best Practices

API security is the process of effectively securing APIs owned by the organization and external APIs used by implementing API-specific security strategies. It secures API vulnerabilities and misconfigurations and prevents their exploitation by attackers. It mitigates a wide range of API security threats and helps effectively manage risks associated with APIs.

Being with the "best of the best" as a YC Top Company

Salt has long benefited from the unique support that comes from being part of the Y Combinator accelerator program (Salt was in the Winter 2016 batch), and all these years later, we’re thrilled to have been named to not one but two of YC’s Top Company lists – the Top Private YC companies 2023 and the YC Breakthrough Companies 2023. For the Top Private list, it’s deja vu all over again, since we made that list last year as well.

Traveling with OAuth - Account Takeover on Booking.com

OAuth (Open Authorization) is a modern, open authorization standard designed to allow cross-application access delegation – for example, allowing your application to read data from your Facebook profile. Combined with the proper extensions, OAuth can also be used for authentication – for example, to log into your application using Google credentials. Since its first introduction in 2006, OAuth has gained tremendous popularity.

Sponsored Post

How to integrate continuous API fuzzing into the CI/CD?

API security is a growing concern for businesses that offer or consume APIs. APIs, or application programming interfaces, allow different software systems to communicate and exchange data. They allow businesses to build integrations and connect with partners, customers, and other stakeholders. However, as more sensitive data is being shared through APIs, it is essential to ensure that these interfaces are secure and protected from unauthorized access or manipulation. In this blog post, we'll discuss how continuous fuzzing can be a powerful tool to secure APIs and how developers can adopt a "secure by default" approach by integrating continuous fuzzing into SDLC processes.

How an Automated Onboarding API Can Streamline Your Business Processes

Definition: Automated onboarding is a process designed and scripted before user onboarding. It is an entire user or customer onboarding process that doesn’t require real-time human interaction and is frequently supported by in-app messages and instructions that are specifically created to ensure a positive onboarding experience and, therefore, customer satisfaction.