Salt Security Hastens API Threat Detection

Salt Security, an API security company, announces the addition of advanced threat detection capabilities and improved API discovery to the Salt Security API Protection Platform.

Providing patented AI algorithms for API security, Salt includes richer detection of user intent, analytics to evaluate API threat severity, and rapid investigation enhancements that reduce time to resolution for API attacks.

In addition, Salt has strengthened its API discovery process with more comprehensive endpoint mapping to support API discovery at scale.

Salt will showcase these capabilities, as well as the rest of its award-winning API security platform, April 24-27, at the RSA Conference in San Francisco.

Using rich insights gathered from more than five years in customers’ environments, the Salt API data cloud can analyze all API traffic over days, weeks and months to detect and combat the low and slow approach of API attacks. With the latest improvements to its patented AI algorithms, Salt now delivers:

  • Enhancements to our core AI models – Salt has incorporated advanced models, including neural networks, to process more API data at faster rates into its patented API Context Engine (ACE) architecture. Salt also applies insights from thousands of customer environments into the data sets it uses for the supervised learning portions of the algorithms. These enhancements to the Salt patented API Context Engine (ACE) architecture underlie several new platform capabilities that span API attack detection and discovery.
  • Improved user intent detection – Salt taps its AI model enhancements to detect when an API user exhibits malicious intent. Since most anomalies are benign, platforms that provide anomaly detection flood SoC teams, reducing the platform’s value. These enhanced insights that distinguish API changes from API attacks enables Salt to reduce its false positive rate while ensuring accurate identification of true positives.
  • New threat severity analytics – Salt taps the power of its cloud-scale data sets to analyze more than 1 million anomalous users every day, looking at their behaviors, over long periods of time, for indicators of malicious intent. Since only 0.02 percent of traffic is malicious, Salt has been able to distill these signals from the noise and has augmented its attacker analysis to highlight different levels of severity for API attacks. The capability enables security teams to differentiate between high- vs. low-severity attacks, so they can focus their time and attention on the greatest threats. Tracking user activity over long vs. short periods of time is essential to surfacing today’s low-and-slow API attacks, which can take days and weeks to unfold.
  • A new Rapid Investigation mode – Salt has correlated attacks into a consolidated attacker timeline to help SoC teams streamline incident resolution. The Rapid Investigation mode identifies the most malicious attack events, highlighting them at the top of the attacker timeline. The Salt ACE engine analyzes the confidence of the Salt ML findings to identify these critical malicious events. Given the significant rate of increase of API traffic and API attacks, and the lack of commensurate growth in SoC teams, this capability helps SoC teams keep up with the growing threat of API attacks. The SoC teams can tap the intelligence of the Salt platform to scale operations better by reducing the mean time to resolve (MTTR) API attacks despite not having deep knowledge of the APIs themselves.
  • Advanced API discovery at scale – Salt improvements to its AI and ML models has enhanced its API discovery process. The latest version of the Salt platform provides a more accurate mapping of API endpoints. This intelligent grouping makes it practical for large organizations to inventory and understand their APIs at scale. Less intelligent systems create a usable catalog in real-world operations, listing an iteration of an API per dynamic component such as a user ID, for example. Organizations need intelligent coalescence and deduplication for effective cataloging at scale.

To learn more about the Salt Security API Protection Platform or to request a demo, please visit: https://content.salt.security/demo.html.