Malicious entities persist in their cyberattack endeavors, consistently creating new ways to attack. Previously, there was a belief that establishing accurate authentication protocols for API interactions would suffice as a deterrent, compelling potential attackers to seek alternative avenues. However, insights from Salt Labs reveal a stark reality: 78% of these assaults originate from supposedly legitimate users who have adeptly manipulated the authentication mechanisms to serve their poor intent.
This dynamic underscores the imperative for organizations to continually fortify their defenses; adopting a proactive stance to counteract the ingenuity of these threats while maintaining vigilance against an increasingly sophisticated threat landscape.
To give organizations some assistance, Bright Security and Salt Security have teamed up to enable organizations to combine the power of the Salt platforms’s API adaptive intelligence with Bright’s API testing capabilities to deliver a comprehensive, easy-to-deploy and effective API protection solution.
Salt safeguards the fundamental APIs that underpin contemporary applications. Through the correlation of actions spanning myriad APIs and users over a duration, Salt provides comprehensive context via instantaneous analysis, offering ongoing insights to facilitate API discovery, preemptive measures against attacks and the reinforcement of API security.
Bright’s primary objective revolves around facilitating the rapid and secure deployment of applications and APIs in alignment with business timelines. Achieving this mission involves conducting swift and iterative scans that meticulously pinpoint genuine and high-priority security vulnerabilities.
Bright's dedication to empowering organizations for the secure deployment of applications and APIs harmonizes with Salt Security's mission to ensure API security throughout their entire lifecycle, offering unparalleled insights into the API ecosystem. Through the collaboration, entities attain the extensive functionality required to effectively tackle the escalating task of safeguarding APIs.
By combining the API security capabilities of both companies, customers will adopt a risk-based API testing model, broaden API coverage for reduced risk exposure,and elevate the quality of API security testing. They will also streamline operations for DevOps and DevSecOps teams, decrease integration time with existing development tools, boost efficiency and testing accuracy as well as prioritize API scanning for optimized R&D momentum.
“By combining our deep API intelligence with Bright’s dynamic testing, we’re empowering developers to forge more secure code from the outset, creating a strong defense against today’s sophisticated API-based attacks,” said Gilad Barzilay, Head of Business Development at Salt Security.
Gadi Bashvitz, CEO of Bright Security, echoes what Barzilay said.
“Our combined capabilities mean organizations can expect more robust governance over their application security, while developers can address vulnerabilities at the earliest stages of the development lifecycle," said Bashvitz.
The partnership between Bright and Salt reaffirms the necessity for organizations to adopt a broad strategy to enable API security.
Edited by Alex Passett