Salt Security API Protection Platform

We use it to provide enhanced and improved security around API integrations for organizations. Given the product's backing by Google and Sequoia Capital, it's truly great.

It fills a gap in the market. Organizations lack visibility into their API landscape and posture. They don't know if APIs are secure, well-developed, or have vulnerabilities. They also can't detect API attacks until it's too late. 

Salt Security  gives you visibility of all your APIs, identifies API security issues, and immediately alerts you of attacks.

These are the main things organizations lack, even if they're already using APIs. Salt fills that gap for them.

I've built integrations for different systems, and some specific integrations might not be built in yet. This might be an issue for large customers but is not a major concern overall. 

So, the integration part could be a bit extended. Every organization has different systems, but Salt integrates with 90% of them. If a custom integration is needed, they can build it. They're very good at integrations. So, Salt Security  can provide a proof of concept with system integration and share results within two weeks, which often leads to customer purchases.

At this point, the product covers everything needed. They keep adding new features, and my local customers haven't requested any missing functionality. The product roadmap is good for the market.

I have been with this solution for 18 months. It's new to the EDR market. I only launched in the New York market two years ago. We deal with the latest version.

It's really great. I would rate the stability a nine out of ten. I haven't encountered any instability issues.

It's really, really scalable. Some customers handle seven billion API calls a month. That requires cloud deployment and scaling resources, which they do well, so ten out of ten.

It's relatively new, about ten organizations in South Africa, but we have ongoing proof of concept. The adoption is rapid.

The customer service and support are good; they know their stuff.

Positive

We still use XY and Netscout VSN, but they offer limited API security compared to Salt's comprehensive integration and stability. Salt created its own category. 

Other vendors might be on-premise, part of larger solutions, or more complex. That's Salt's advantage and why it's gaining market share.

It's a SaaS solution that mirrors traffic, so it's not an inline solution. That means two weeks is a general guideline for implementation.

The deployment model is hybrid. Typically, in our market, it's hybrid with an on-prem server and the solution itself in the cloud.

The challenge with deployments is limited personnel due to rapid growth. I work with over a hundred companies in EMEA for evaluation, so technical constraints might arise. 

However, we assist customers with integrations as it's more organizational than software-related.

We have a team of 20 engineers skilled in the solution to provide local support.

It is an annual subscription fee. It's very affordable. The value it provides justifies the cost, considering automation and availability features. Compared to other solutions, it's within a typical price range.

My initial discussions with organizations often reveal they lack visibility into their API landscape and sensitive data. The first discussion is how many APIs you have. How many integrations? Do you have sensitive data in your organization? And the answer from the head of security is, typically, "We don't know!"

Organizations need a solution. And from what you've seen, that's where solutions like Salt come in. So, I would recommend this to to any organization, large and small.

I would rate it a ten out of ten because it addresses fundamental risks that exist in dealing with sensitive information. It's crucial to have a solution like Salt in place. It's like a basic requirement, not just something that enhances efficiency.