Salt Security announced that TripActions has deployed the
Salt Security API Protection Platform
to secure the APIs that underlie its platform. The continuous discovery
capabilities of the Salt platform have enabled TripActions to identify future
API risks and exposed data. The platform has also delivered remediation
insights into potential vulnerabilities that the company can use to improve its
API security posture.
As a global leader in corporate travel and spend management,
TripActions transitioned operations quickly with the onset of the COVID-19
pandemic to adjust to a quickly evolving travel industry. First the company
ensured that it was able to help customers and their families return home
quickly and safely. Then it augmented operations to encompass extensive safety
services as well as enhanced enterprise features such as real-time analytics.
Those changes drove a rapid expansion of its API footprint. The company also
used the opportunity to launch its latest application, TripActions Liquid, a
new all-in-one travel and expense management solution. This platform launch
formalized the company's foray into the FinTech market, further increasing its
reliance on APIs. Throughout these expansions, Salt Security enabled
TripActions to ensure its APIs were secured across build and runtime and that
the protection would scale with its platform's growth.
"Last year brought a major shift in the needs of our
customers, which inspired us to launch creative new services. With APIs as part
of the very foundation of TripActions, platform expansion created a broader
attack surface, along with the corresponding potential for risk and exposure,"
said Tarik Ghbeish, product security engineer, TripActions. "Traditional
tooling such as WAFs and gateways are not able to stop API attacks. Salt
Security brings unique capabilities to find and stop API attacks. It also
provides rich discovery of our APIs and exposed data - all at the comprehensive
scale we need."
The Salt Security API Protection Platform provides API-first
companies with comprehensive coverage
across all their APIs, offering the valuable analysis, context, and
remediation insights needed to secure APIs against threats. Its patented
artificial intelligence (AI) and big data engine is able to identify the early
indicators of an attack, stop attackers from advancing, and turn attackers into
penetration testers, providing valuable feedback used to identify and eliminate
vulnerabilities so that sensitive data is not being exposed. The Salt platform
has been particularly effective assisting TripActions in identifying and
securing shadow APIs, detecting attackers, and gaining remediation insights to
help improve API security posture on a continuous basis.
"TripActions' innovative capabilities bring corporate
travel, finance, billing, and expense management into a single platform. As the
company has scaled its applications to meet the demands of the changing
business landscape, its platforms - like with most companies driving digital
innovation - become increasingly reliant on a quickly growing number of APIs,"
said Roey Eliyahu, CEO and co-founder of Salt Security. "Many innovators are
faced with this challenge of ever-growing API-connected ecosystems, which
hackers are increasingly targeting as a lucrative treasure trove. Salt Security
makes it possible to stop attackers in their tracks while remediating exposures
and vulnerabilities that can emerge when developing application environments to
eliminate blind spots and create sustained improvements in an organization's
security program."
To learn more about the Salt Security API Protection
Platform and request a demo, please visit: https://content.salt.security/demo.html.