We use it to provide enhanced and improved security around API integrations for organizations. Given the product's backing by Google and Sequoia Capital, it's truly great.
Reviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
13 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Provides visibility and control over all APIs
What is our primary use case?
What is most valuable?
It fills a gap in the market. Organizations lack visibility into their API landscape and posture. They don't know if APIs are secure, well-developed, or have vulnerabilities. They also can't detect API attacks until it's too late.
Salt Security gives you visibility of all your APIs, identifies API security issues, and immediately alerts you of attacks.
These are the main things organizations lack, even if they're already using APIs. Salt fills that gap for them.
What needs improvement?
I've built integrations for different systems, and some specific integrations might not be built in yet. This might be an issue for large customers but is not a major concern overall.
So, the integration part could be a bit extended. Every organization has different systems, but Salt integrates with 90% of them. If a custom integration is needed, they can build it. They're very good at integrations. So, Salt Security can provide a proof of concept with system integration and share results within two weeks, which often leads to customer purchases.
At this point, the product covers everything needed. They keep adding new features, and my local customers haven't requested any missing functionality. The product roadmap is good for the market.
For how long have I used the solution?
I have been with this solution for 18 months. It's new to the EDR market. I only launched in the New York market two years ago. We deal with the latest version.
What do I think about the stability of the solution?
It's really great. I would rate the stability a nine out of ten. I haven't encountered any instability issues.
What do I think about the scalability of the solution?
It's really, really scalable. Some customers handle seven billion API calls a month. That requires cloud deployment and scaling resources, which they do well, so ten out of ten.
It's relatively new, about ten organizations in South Africa, but we have ongoing proof of concept. The adoption is rapid.
How are customer service and support?
The customer service and support are good; they know their stuff.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We still use XY and Netscout VSN, but they offer limited API security compared to Salt's comprehensive integration and stability. Salt created its own category.
Other vendors might be on-premise, part of larger solutions, or more complex. That's Salt's advantage and why it's gaining market share.
How was the initial setup?
It's a SaaS solution that mirrors traffic, so it's not an inline solution. That means two weeks is a general guideline for implementation.
The deployment model is hybrid. Typically, in our market, it's hybrid with an on-prem server and the solution itself in the cloud.
The challenge with deployments is limited personnel due to rapid growth. I work with over a hundred companies in EMEA for evaluation, so technical constraints might arise.
However, we assist customers with integrations as it's more organizational than software-related.
What about the implementation team?
We have a team of 20 engineers skilled in the solution to provide local support.
What's my experience with pricing, setup cost, and licensing?
It is an annual subscription fee. It's very affordable. The value it provides justifies the cost, considering automation and availability features. Compared to other solutions, it's within a typical price range.
Which other solutions did I evaluate?
What other advice do I have?
My initial discussions with organizations often reveal they lack visibility into their API landscape and sensitive data. The first discussion is how many APIs you have. How many integrations? Do you have sensitive data in your organization? And the answer from the head of security is, typically, "We don't know!"
Organizations need a solution. And from what you've seen, that's where solutions like Salt come in. So, I would recommend this to to any organization, large and small.
I would rate it a ten out of ten because it addresses fundamental risks that exist in dealing with sensitive information. It's crucial to have a solution like Salt in place. It's like a basic requirement, not just something that enhances efficiency.
Senior Manager, Security
What do you like best about the product?
The product has been instrumental in helping us resolve attacks and better understanding vulnerabilities. The responsiveness from Salt team is great.
What do you dislike about the product?
Better root cause findings when issues are identified. However, the product is consistently getting better.
What problems is the product solving and how is that benefiting you?
Helping determine API vulnerabilities and prevent attacks.
Amazing API security tool
What do you like best about the product?
First of all, the entire Salt team is a pleasure to work with. They are always responsive and are always eager to assist. Secondly, the Salt Security is the creme de la creme of API security tools. It does so much, and is a valuable tool in assisting with keeping our APIs safe.
What do you dislike about the product?
There is nothing that I dislike about this too.
What problems is the product solving and how is that benefiting you?
Salt Security is solving the issue of API security. As our organization starts to utilize APIs a lot more, we realized that there was a gap in monitoring those APIs. Now that we have brought on Salt, we can rest easy that our APIs are being monitored and protected.
Good Solution in Changing Landscape
What do you like best about the product?
A very lightweight solution that builds upon existing integrations, a responsive and open-minded support team, and an easy-to-navigate product. Salt isn't trying to solve every problem; they've found a niche and have focused on tightly sealing that gap.
What do you dislike about the product?
The product is still relatively new and missing quite a few bells and whistles. The SIEM logging integrations are missing native action logging, and we've had difficulties getting APIs going through a gateway to report correctly as unique items. However, Salt is a great partner and has been working with us through our requirements to improve the functionality that we need.
What problems is the product solving and how is that benefiting you?
We have not yet finished our implementation, but Salt will help us better secure our APIs without having to rely on heavy customization of some of the larger WAF-like products that are built to protect traditional applications.
Salt Security Survey
What do you like best about the product?
Attack traffic is probably the most consulted screen, however the security insights, sensitive information screens and endpoint autodiscovery are all also very useful
What do you dislike about the product?
I would like to see API compositions and other calls chains (sequences of APIs calling each other) stitched together graphically so the exact specific call chain that each API call was part of is super clear.
What problems is the product solving and how is that benefiting you?
Identifying potentially malicious traffic, tightening up the handling of sensitive information, detecting improper use of authentication and other security details.
Visibility into All APIs
What do you like best about the product?
we have a centralized view of the APIs and we have alerts generated for events that are not common that could be attacks in our enviroment
What do you dislike about the product?
Salt could generate some detailed reports and also have some link on OAS to show how to fix those appointments
What problems is the product solving and how is that benefiting you?
The visibility of our APIs and alerting us when something different is happening in our enviroment
A promising new approach of API Security
What do you like best about the product?
Easy navigation and the detection of atacks at business logic layer.
What do you dislike about the product?
The tool could have more options to extract detailed statistic data.
What problems is the product solving and how is that benefiting you?
The salt could be an excellent tool to help with incident causes investigation.
Small, nimble, and very capable.
What do you like best about the product?
I love the product and its intuitive nature. It helps with both attacks and remediations.
What do you dislike about the product?
They're small, young, and nimble. They have all the need-to-have features but are still working towards some of the nice-to-have features.
What problems is the product solving and how is that benefiting you?
API security, especially rouge APIs, and ensuring complete coverage for all endpoints on the gateway.
Great plataform. Allow us to track and block attackers based on your profile and ip address.
What do you like best about the product?
Facility on your use; integration with Splunk.
What do you dislike about the product?
Needs some kind of programmatic configuration.
What problems is the product solving and how is that benefiting you?
Centralized managed of ours API endpoints attacks.
Excellent tool for API security and helpful, responsive support.
What do you like best about the product?
Extensive hands on support to get the tool working and beyond. Simplicity of dashboards while giving lots of info.
What do you dislike about the product?
Tagging is inconsistent through dashboards
What problems is the product solving and how is that benefiting you?
Cloudflare WAF (even with API security) was severly lacking. Salt was the best solution we found to cover this security gap.
showing 1 - 10