I really love when a company whose product I’ve used becomes a customer. Today’s news about TripActions tapping Salt for API security is the latest example.
I really had fun interviewing the team at TripActions – my first chance to meet a customer in person in 18 months! Talking with the team there was inspiring – imagine being a corporate travel company as COVID sets in and business travel drops off precipitously.
TripActions managed that very tough situation with grace – getting passengers home safely as lockdowns began, enabling customers to stay safe when they still needed to travel, and innovating with new services to streamline operations for is corporate clients in areas such as duty of care and expense management.
TripActions delivers safety, savings, and sustainability to its customers, and APIs are the key to all those services. Salt is helping the company:
- discover all its APIs
- identify where APIs could expose sensitive data
- see how customers and employees are using APIs
- validate the pen testing activities of its internal testers and bug bounty program
It’s so gratifying to work with such a creative, dynamic team, and we really appreciate the collaboration. The TripActions team has shared powerful feedback, including:
“No one is doing what you guys do in API security. You saw the problem first, and you built the first solution. Now others are trying to do it too, but no one matches what you can do. You’ve been running in customer environments for all these years, so your product is way ahead – you have no real competition.”
Wow. And this from a company with top-notch security already – a strong app sec team, pen testers, robust bug bounty program, market leadership, and all the security tooling you’d expect. But API attacks are different, and TripActions saw the need to tap big data along with ML and AI to augment its API risk analysis and attack prevention capabilities.
The company has also appreciated the new integrations Salt developed to support the TripActions environment, and we’re helping the team identify gaps between the APIs that are actually running and what’s in developer documentation.
*** This is a Security Bloggers Network syndicated blog from Salt Security blog authored by Michelle McLean. Read the original post at: https://salt.security/blog/now-boarding-all-passengers-for-securing-travel-and-expense-apis