Salt Introduces DevSecOps Platform Detecting Abnormal API Activity
Cybersecurity start-up Salt has introduced a new security platform which, the company claims, integrates security into DevOps principles by making it possible to detect when APIs are being probed by cybercriminals looking for weaknesses to exploit.
The SaaS platform uses machine learning algorithms to establish a baseline for how APIs are being invoked across an IT environment. The platform then monitors activity to detect any anomalies, which might indicate cybercriminals engaging in reconnaissance of API traffic. These analytics are intended to allow DevOps teams to prioritize fixes to any potential security flaws cyber-attackers might exploit.
This approach advances DevSecOps because the Salt Security technology makes it possible to feed requests to address those security issues directly into a continuous integration/continuous deployment (CI/CD) platform, according to Salt CEO Roey Eliyahu.
The challenge organizations face is that each API is unique to its application and the organization that builds it, which means each has unique logic and, by extension, unique vulnerabilities, said Eliyahu. Existing cybersecurity tools lack granular understanding of these because they are designed to protect organizations from known attacks. Attacks that target API logic go unnoticed by these tools because they appear to be authenticated use cases, and then employ subtle methods to probe each for unique vulnerabilities, he noted.
To thwart those attacks, the Salt Security technology automatically discovers all APIs and associated functionality, said Eliyahu. That’s important because it’s not uncommon for organizations to lose track of the many APIs that might have been exposed over the course of an application’s lifetime.