Salt Security announced that
Armis, the
agentless device security platform, has deployed the
Salt Security
API Protection Platform to secure its growing number of APIs. Armis,
which integrates with an increasing number of devices and systems to help its
customers manage risk, experienced an exponential growth in APIs with the onset
of the global pandemic.
"As our customers embraced remote work because of the
pandemic, we needed to rapidly and dramatically increase the number of
integrations supported by our platform, which exponentially multiplied our
overall API count within just a few months," said Curtis Simpson, CISO of
Armis. "Until then, we documented and tested our APIs manually, but we could no
longer keep up. The Salt platform automates it all for us - discovering the
APIs, identifying which ones expose sensitive data, pinpointing poorly written
APIs that create unnecessary risk, and capturing the remediation details our
dev teams need to improve our API security posture. By taking care of all our
API security, Salt allows our developers to keep building new integrations
rapidly without putting us or our customers at risk."
Armis'
experience echoes the digital transformation, cloud adoption, and microservices
trends that are driving organizations of all types to run more APIs, with
richer functionality than ever. Hackers understand this dynamic and are
increasingly targeting APIs. As a result, organizations struggle to manage the
increased security risk - manual API documentation processes can't keep up,
existing tools such as Web Application Firewalls (WAFs) and API gateways don't
protect against API attacks, and relying solely on "shift left" practices of
writing more secure APIs are leaving companies vulnerable.
Armis
selected Salt Security for its ability to provide immediate security for all
running APIs, dynamically and continuously discover all new and changed APIs,
and stop API hackers before they successfully complete an attack. The dynamic
approach from Salt also helps Armis meet its compliance and Federal contracting
needs.
Along with discovering all internal, external, and third-party
APIs, the Salt Security API Protection Platform provides granular details about
the APIs, such as all parameters and sensitive data the APIs expose. This
information helps customers like Armis better understand their API attack
surface and assess risk. For Armis, the continuous discovery capability enables
the company to maintain an accurate inventory and complete documentation of its
APIs, despite the fact that most of its APIs change weekly.
"Armis is like a lot of other companies
that have seen their use of and reliance on APIs skyrocket since the onset of
the COVID-19 pandemic. Old security constructs don't help in this new
API-driven world, and the lack of API visibility and protection constitutes
significant business risk," said Roey Eliyahu,
CEO and co-founder of Salt Security. "It's gratifying to help Armis, by
ensuring its APIs are compliant and secure, deliver world-class IoT security to
its own customers."
To learn
more about the Salt Security API Protection Platform and request a demo, please
visit: https://content.salt.security/demo.html.