In 2019, Salt Security launched an API Protection Platform that leverages Artificial Intelligence in order to provide detailed API traffic monitoring that detects malicious behavior and prevents attacks before they can happen. Salt is now expanding this platform to include automated OpenAPI Specification (OAS) analysis and new security analysis points.
The headline addition to this update is the addition of automated OAS Documentation and API compliance. Salt Security helps organizations understand not just how infrastructure should operate, but also how it is in reality. The press release explained the value of this new functionality:
“Salt sends real-time alerts whenever the APIs and exposed parameters it discovers do not match OAS documentation. Organizations can export the full discovery of APIs and exposed data as updated and accurate OAS files, ensuring documentation is complete before APIs are published and simplifying compliance.”
The company has also added what it refers to as “shift left” security capabilities. Shift left security describes an attempt to secure products earlier on in the development process and for Salt Security this is encompassed by the release of its new API security posture insights tool. This new tool is described as providing “actionable insights on exploitable vulnerabilities such as potential data leaks and security misconfigurations, before any actual attack has occurred. These insights help customers continuously improve their security posture and reduce their attack surface.”