Salt Security API Protection Platform

My main use case for Salt Security is that one of my clients uses it as a security vendor for their security across all of their overlying applications.

I can give you a specific example of how my client uses Salt Security to secure their applications. They use it to track behavior and leverage the AI to track behavior and block any attacks that could be coming in from outside the company, such as phishing or cybersecurity data breach attacks.

My client generally conducts a quarterly review where they receive any outstanding threats from Salt Security or review them, ensuring that any data is properly assessed and analyzed, and if there are any logic flaws, they are able to work through them at that time.

The best features Salt Security offers are definitely their behavioral AI to track API behavior as well as their vendor support.

One of my clients had a complex attack come through that Salt Security was able to identify and stop before it came through. They have also had questions about the application, and they were able to reach out and get proper support for implementing a change that they were looking for.

Their behavioral AI and vendor support are two of the key strengths of the application.

Salt Security has positively impacted my organization and my client's organization by being able to stop cyberattacks and ensure that they have proper security over all their applications. It gives them a sense of peace of mind that they have security over something that could ultimately take down the whole company if not mitigated properly.

I think Salt Security could improve their implementations. The one that I saw was very complex and took quite a bit of time, and if the environment is unique at all, it takes quite a bit of time to figure out how to properly ensure that it will be implemented.

A lot of times there is a steep learning curve for someone that hasn't been in it to figure out the APIs and really dig deep into it, but once you get used to it, it is easy. However, that ramp-up period could be tough.

I think Salt Security could use a more enterprise focus. Some of the smaller companies that I have referred them to think it is a little bit too complex for them, so if they could come up with a different version or something a little bit easier to simplify their platform, they may be able to find more customers that way.

I have been using Salt Security for three years.

Salt Security is stable.

Regarding scalability, for users in smaller environments, it is not exactly the best. As companies continue to grow, it is something that could be simplified, but it is not the most out-of-the-box, intuitive platform.

The customer support for Salt Security is phenomenal and has some of the best vendor support I have ever seen.

I did not previously use a different solution. The security was done in-house, and it was taking too long, and attacks were not being properly mitigated or stopped.

My experience with pricing, setup cost, and licensing is that I think it was affordable. For smaller companies, it might be a barrier to entry, but for the large enterprise that I was working with, it was not a problem.

I have seen a return on investment of 240 man-hours saved by the fact that they were able to stop and mitigate attacks.

My experience with pricing, setup cost, and licensing is that I think it was affordable. For smaller companies, it might be a barrier to entry, but for the large enterprise that I was working with, it was not a problem.

I did not evaluate other options before choosing Salt Security. This was the first RFP we put out, and we were fine with it.

I rate Salt Security an eight out of ten.

I give it an eight because the implementation complexity kept it from being a nine or ten.

My advice for others looking into using Salt Security is that if you are a larger company that needs quite a bit of security, it is a great option. However, if you are a smaller company or in a smaller environment, there may be other options for you.

Salt Security's AI capabilities regarding governance and security are very strong and help companies get peace of mind that they have the proper governance and security in place to stop any attacks that could possibly happen.

Salt Security's AI capabilities regarding accuracy and reliability of output are very accurate and very reliable, as I have seen use cases where it has actually stopped attacks.

I use Salt Security primarily for API discovery, mainly regarding data-sensitive information across the company. Before using Salt Security for API discovery and sensitive information, I didn't have any visibility regarding APIs in my environment. This was a significant issue because I had some APIs configured incorrectly and exposing sensitive information. With Salt Security, I could see these APIs and report to the owners to correct them.

Salt Security gave me much better visibility into API risk. It helped me identify exposed endpoints, misconfigured APIs, and sensitive data flowing through APIs that required additional controls. Salt Security has become an important part of my API security program.

The tool was straightforward to set up, and I gained visibility regarding the APIs that I didn't have before.

Alert tuning can require some time depending on API volume. Some findings need internal validation before actioning. The collaboration flows between security and engineering teams could be expanded further.

While the solution was straightforward to set up and gave me the visibility that I needed, it has to improve some details and features to achieve a perfect rating.

I have been using Salt Security for three years.

I experienced no stability issues.

I experienced no scalability issues.

Customer service was good.

The tool was straightforward to set up, and I gained visibility regarding the APIs that I didn't have.

Salt Security impacted my ROI positively. I mainly avoided incidents after using Salt Security.

The setup cost was acceptable, but adding additional APIs was actually quite expensive.

If you want to have more visibility into your network and API security, I recommend Salt Security. Be aware that it will be somewhat expensive. I would rate this product a nine out of ten.

We use it to provide enhanced and improved security around API integrations for organizations. Given the product's backing by Google and Sequoia Capital, it's truly great.

It fills a gap in the market. Organizations lack visibility into their API landscape and posture. They don't know if APIs are secure, well-developed, or have vulnerabilities. They also can't detect API attacks until it's too late.

Salt Security gives you visibility of all your APIs, identifies API security issues, and immediately alerts you of attacks.

These are the main things organizations lack, even if they're already using APIs. Salt fills that gap for them.

I've built integrations for different systems, and some specific integrations might not be built in yet. This might be an issue for large customers but is not a major concern overall.

So, the integration part could be a bit extended. Every organization has different systems, but Salt integrates with 90% of them. If a custom integration is needed, they can build it. They're very good at integrations. So, Salt Security can provide a proof of concept with system integration and share results within two weeks, which often leads to customer purchases.

At this point, the product covers everything needed. They keep adding new features, and my local customers haven't requested any missing functionality. The product roadmap is good for the market.

I have been with this solution for 18 months. It's new to the EDR market. I only launched in the New York market two years ago. We deal with the latest version.

It's really great. I would rate the stability a nine out of ten. I haven't encountered any instability issues.

It's really, really scalable. Some customers handle seven billion API calls a month. That requires cloud deployment and scaling resources, which they do well, so ten out of ten.

It's relatively new, about ten organizations in South Africa, but we have ongoing proof of concept. The adoption is rapid.

The customer service and support are good; they know their stuff.

We still use XY and Netscout VSN, but they offer limited API security compared to Salt's comprehensive integration and stability. Salt created its own category.

Other vendors might be on-premise, part of larger solutions, or more complex. That's Salt's advantage and why it's gaining market share.

It's a SaaS solution that mirrors traffic, so it's not an inline solution. That means two weeks is a general guideline for implementation.

The deployment model is hybrid. Typically, in our market, it's hybrid with an on-prem server and the solution itself in the cloud.

The challenge with deployments is limited personnel due to rapid growth. I work with over a hundred companies in EMEA for evaluation, so technical constraints might arise.

However, we assist customers with integrations as it's more organizational than software-related.

We have a team of 20 engineers skilled in the solution to provide local support.

It is an annual subscription fee. It's very affordable. The value it provides justifies the cost, considering automation and availability features. Compared to other solutions, it's within a typical price range.

My initial discussions with organizations often reveal they lack visibility into their API landscape and sensitive data. The first discussion is how many APIs you have. How many integrations? Do you have sensitive data in your organization? And the answer from the head of security is, typically, "We don't know!"

Organizations need a solution. And from what you've seen, that's where solutions like Salt come in. So, I would recommend this to to any organization, large and small.

I would rate it a ten out of ten because it addresses fundamental risks that exist in dealing with sensitive information. It's crucial to have a solution like Salt in place. It's like a basic requirement, not just something that enhances efficiency.