Eric Schwake

Salt Security blog

Highlights:Discover every API and API Gateway across your entire AWS environment.Achieve a complete, accurate inventory in minutes, not weeks or months.Deploy instantly with a simple, agentless connection.Traditionally, securing APIs in AWS has involved a frustrating trade-off. Obtaining a full view of your API Fabric requires weeks or months of deploying ... Read More

APIs are essential, but they also represent a growing and complex risk to your organization. Intricate application architectures and an ever-evolving threat landscape already make API security a constant challenge. The increasing reliance on APIs by new technologies, including AI, further amplifies this risk. Salt Security’s ecosystem integrations are designed ... Read More

Your business depends on APIs, which are essential for contemporary digital experiences, encompassing everything from mobile applications and IoT devices to the rapidly evolving AI landscape. With more than 80% of internet traffic now routed through APIs—a number projected to rise significantly due to AI developments—their security is crucial. Unfortunately, ... Read More

Highlights:Outdated Security Mindsets: Uncover why traditional thinking about API security creates dangerous blind spots for your business in the modern, fast-evolving digital landscape.APIs as High-Value Assets: Recognize the critical importance of treating your APIs, especially as their portfolio rapidly expands due to AI and digital transformation, as high-value business assets ... Read More

Highlights:Compliance Drives API Security: View regulations (like PCI DSS, HIPAA, GDPR, NYDFS) as key drivers for a strong API security posture, not just obligations.Posture Governance is Crucial: API posture governance is essential for meeting regulatory demands through consistent controls and continuous API landscape monitoring.Key Posture Elements: Compliance-driven posture includes API ... Read More

APIs serve as the foundation for modern digital innovation, supporting everything from mobile applications to intricate business integrations. However, as their numbers soar, with many companies experiencing annual growth rates of 50-100%, they have also become a significant target for cyber attackers. Relying on "good enough" API security could leave ... Read More

IntroductionIn the current cloud-centric environment, strong API security is essential. Google's acquisition of Wiz underscores the urgent necessity for all-encompassing cloud security solutions. Organizations should focus on both governing API posture — ensuring secure configuration and deployment to reduce vulnerabilities and assure compliance — and on effective threat detection and ... Read More

Highlights:NYDFS 23 NYCRR 500 mandates comprehensive cybersecurity for all NY financial IT assets.APIs are critical IT assets and fall under the full scope of NYDFS principles.Core NYDFS requirements (inventory, risk assessment, access control) directly apply to API assets.Salt Security helps apply NYDFS controls effectively to discover, govern, and protect API ... Read More

Navigating the cyber insurance market in 2025 feels tougher than ever. Premiums are rising, requirements are stricter, and underwriters are scrutinizing security controls with unprecedented detail. While you're likely focused on endpoint security, MFA, and backups, are you overlooking a critical attack surface that insurers increasingly care about? Your Application ... Read More

Highlights:Integrated API Discovery & Context: Combines Salt Security's AI-driven discovery with HCL AppScan's vulnerability testing for comprehensive API visibility.Enhanced Posture Governance: Leverages nearly 100 out-of-the-box policies and contextual discovery to create tailored security rules.Prioritized Risk & Remediation: Delivers contextual insights to focus on critical vulnerabilities and streamline remediation efforts.OWASP & ... Read More