Salt Security lifts lid on new STEP partner program

The Salt Security logo on a white background
(Image credit: Salt Security Press Kit)

API security specialist Salt Security has detailed its new Salt Technical Ecosystem Partner (STEP) program, which it says will help partners to better leverage its deep API adaptive intelligence.

The company is integrating its AI-driven API security insights across organizations' existing workflows and tools as part of the program, which has been designed to accelerate those integrations and enable customers to strengthen their API security posture. 

As part of its announcement, Salt has also revealed its inaugural partners, which include dynamic application security testing (DAST) specialists Bright Security, Invicti Security, and StackHawk. It also includes interactive application security testing (IAST) firm Contrast Security.

With the new STEP initiative, Salt Security co-founder and CEO Roey Eliyahu said the company has taken "a unique approach to solving the broad and serious challenge of securing APIs." 

"Our deep API context offers the industry's richest API discovery and runtime protection, and now we're extending that adaptive intelligence to our partners' best-of-breed solutions, providing our customers with unparalleled API security," he said.

"We're excited to welcome Bright, Contrast, Invicti, and StackHawk to our program with their industry-leading API security testing solutions."


Whitepaper cover with two colleagues looking at papers with a laptop in front of them

(Image credit: Dell Technollogies)

Experience the maximum benefits of quickened microservice application development and delivery.


According to the company's 2023 State of API Security report, 94% of organizations said they have experienced security issues in their production APIs over the past year, while a separate study by API management specialist Kong found that the average overall cost of a security breach currently stands at an estimated $6.1 million.

With pre-built DAST and IAST integrations, Salt's offering enables organizations to switch to a risk-based approach for API testing by connecting cloud to code and focusing on sensitive data. It also helps increase surface coverage through its API inventory combined with vulnerability prioritization from partners. 

A illustration of computer circuits

(Image credit: Shutterstock)

Using APIs to rewire supply chains in 2023

The firm also promises better quality testing, reduced friction for DevOps and DevSecOps teams, speed time to value, improved efficiencies, as well as increased R&D velocity.

The STEP program lends a formal structure to much of Salt's work with API ecosystem integration, which includes WAFs, API gateways, and cloud security providers. The firm will also jointly develop some integrations with partners and publish APIs to accelerate integrations and allow partners to swiftly access valuable API data from the Salt system.

Gadi Bashvitz, CEO of Bright Security, said the company's partnership with Salt enables the business to provide its customers with the "most sophisticated and complete API security solution in the industry."

"By leveraging the intelligence derived from Salt, application security (AppSec) and development teams are equipped to significantly improve their organizations' API security posture," he said. "AppSec can provide governance for the AppSec programme, and development teams can detect and remediate vulnerabilities early in the development lifecycle."

Daniel Todd

Dan is a freelance writer and regular contributor to ChannelPro, covering the latest news stories across the IT, technology, and channel landscapes. Topics regularly cover cloud technologies, cyber security, software and operating system guides, and the latest mergers and acquisitions.

A journalism graduate from Leeds Beckett University, he combines a passion for the written word with a keen interest in the latest technology and its influence in an increasingly connected world.

He started writing for ChannelPro back in 2016, focusing on a mixture of news and technology guides, before becoming a regular contributor to ITPro. Elsewhere, he has previously written news and features across a range of other topics, including sport, music, and general news.