DEVOPSdigest

Salt Security announced API integrations with the CrowdStrike Falcon® platform to enhance and accelerate API discovery, posture governance and threat protection.

Addressing a critical cause of breach incidents, Salt Security and CrowdStrike have developed an innovative Foundry application, enabling rapid and efficient API discovery within minutes. Salt Security is also natively integrated with CrowdStrike Falcon® Next-Gen SIEM, delivering real-time threat insights while blocking attacks through the unified CrowdStrike Falcon® Firewall Management.

In 2022, the Falcon Fund, CrowdStrike's strategic investment vehicle, invested in Salt Security. Since then, the two companies have collaborated to pioneer API threat detection and improve organizations' overall API security posture.

The Salt Security Falcon Foundry Application, designed to deploy Salt Security's sensor, provides comprehensive API asset discovery within the customer's environment. Leveraging a pre-built template available to all CrowdStrike customers, the Salt sensor seamlessly deploys onto existing CrowdStrike Falcon endpoints, minimizing integration overhead and eliminating complex configuration procedures.

And as a natively integrated solution with Falcon Next-Gen SIEM, Salt combines its API attack telemetry with a rich dataset encompassing endpoint, identity, cloud, and other security/IT data, along with AI and automation. This holistic approach delivers unparalleled visibility into the modern attack surface, accelerating threat detection and response.

"APIs are a key component of modern digital transformation, and they've also become a prime target for attackers," said Daniel Bernard, chief business officer at CrowdStrike. "Together with Salt Security, we're making it seamless for CrowdStrike customers to deploy Salt's sensor through a CrowdStrike Foundry app. This integration arms organizations with unparalleled visibility into their API landscape, helping them identify vulnerabilities, proactively mitigate threats, and securing their most critical data and systems—all within the Falcon platform. Such collaboration showcases CrowdStrike's open ecosystem platform approach to revolutionizing cybersecurity and maximizing customer ROI."

CrowdStrike customers can now deploy the Salt sensor, assign target hosts, and initiate API traffic capture. Within minutes, the solution begins ingesting API traffic metadata, effectively mapping the attack surface and mitigating potential vulnerabilities across the API ecosystem. Once collected, organizations can integrate API data from Salt directly into Falcon Next-Gen SIEM with a single click. This streamlined deployment and data acquisition process enable real-time visibility into API activity, facilitating proactive security posture management.

"The increasing prevalence of API attacks necessitates a robust security posture, as these interfaces become prime targets for data exfiltration and reconnaissance," said Roey Eliyahu, co-founder and CEO at Salt Security. "The inherent complexity of API ecosystems, characterized by diverse functionalities and usage patterns, makes comprehensive attack surface management a significant challenge. Our market-leading integrations with CrowdStrike address this challenge by combining our specialized API security capabilities with the Falcon platform's established threat detection and response framework. This unified approach provides enhanced visibility and actionable intelligence needed to proactively identify vulnerabilities and neutralize advanced threats."