Salt Security Applies Additional AI Capabilities to API Security
Salt Security has infused additional artificial intelligence (AI) capabilities into its software-as-a-service (SaaS) platform that should make it simpler to both discover APIs and triage levels of threat.
Nick Rago, field CTO for Salt Security, said one of the major challenges organizations face today is that hundreds, possibly even thousands, of APIs may already be in use—and discovering them all has been problematic for cybersecurity teams because application developers did not always document them.
The Salt Security API Protection Platform is now employing neural networks, also known as deep learning algorithms, alongside existing machine learning algorithms to discover all the APIs being used by an organization, he added. That capability also makes it simpler for cybersecurity teams to apply policies to groups of related APIs, said Rago.
At the same time, Salt Security has extended the AI model it created to distinguish between benign anomalies and those that represent the highest risk to the business. The platform, for example, will now surface anomalies via a Rapid Investigation mode that surfaces potentially severe threats faster based on the type of attack being launched, said Rago.
In general, these capabilities are made possible because Salt Security’s API Context Engine (ACE) is now able to analyze all API traffic over days, weeks and months, added Rago. That’s critical because many API attacks appear to be coming from legitimate users that, instead, are cybercriminals employing low-and-slow attack techniques to compromise business logic.
Overall, Salt Security, via its SaaS platform, is now analyzing more than one million anomalous users every day for indications of malicious activity at a time when cybercriminals are targeting APIs much more aggressively. The goal is to exploit misconfigured APIs that, in addition to making it possible to exfiltrate data, also provide access to business logic.
It’s not clear how quickly cybersecurity teams are embracing AI in general, but as the number of APIs being used to drive various digital business transformation initiatives increases, attacks against them also are steadily increasing. Salt Security is making a case for a platform that is designed from the ground up to address that issue at scale. That approach is different than relying on a rival platform that attempts to address API security as one element of a larger set of capabilities that have nothing to do with APIs, said Rago. In comparison to the Salt Security approach, those platforms are essentially a mile wide but only an inch deep, he added.
As every cybersecurity professional well knows, it’s not possible to secure what can’t be seen. Any approach to API security needs to start with visibility. The challenge is that, in addition to all the APIs currently being developed, there are hundreds that have already been deployed by developers with limited to no cybersecurity expertise. Inevitably, those developers will be needed to fix any insecure API problem that arises. Unless a cybersecurity team identifies the issue in the first place, though, it’s not likely developers will remediate an API vulnerability they don’t even know exists.
