Salt Security allows Berkshire Bank to accurately capture, catalog, and secure its growing API activity
Salt Security, the leading API security company, announced that Berkshire Bank, a leading socially responsible community bank with office locations in New England and New York, has selected the Salt Security API Protection Platform to secure its growing ecosystem of APIs. The Salt platform enables Berkshire Bank to reduce business risk by shielding itself, its partners, and its customers from rising API-based cybersecurity threats, while augmenting the company’s zero trust security model.
Berkshire Bank joins a growing number of financial services institutions that have chosen Salt Security to secure their and their customers’ critical data, including Ally Bank, Apiture, City National Bank, and Finastra, among others.
Latest ITechnology News: AMD Expands HPC Fund to Aid Researchers Solving the World’s Toughest Challenges
“As a business enabler that supports multiple Fintech partnerships, Berkshire Bank wants to bring innovative and convenient financial offerings to market as quickly as possible. However, we will never do so at the expense of our customers’ security,” said Ryan Melle, SVP, Chief Information Security Officer, Berkshire Bank. “Salt Security makes it easy for us to mitigate the risk of API-based exposure when storing and sharing information online about our customers’ financial data. We looked at other solutions but only Salt had the full range of capabilities we wanted – complete API visibility, protection across build and runtime, and seamless integration into every facet of our API ecosystem.”
Digital transformation, mobilization, cloud migration, and application modernization represent the new technology frontier for financial services, and APIs are the delivery vehicle to get there.
However, APIs have also become the number one attack vector for applications today. According to the Salt Security State of API Report, Q1 2022, API attacks rose 681% in 2021, compared to a 321% increase in overall API traffic during the same period.
“Berkshire Bank, like many of our customers, has begun to rely more heavily on APIs to drive and support new digital business initiatives,” said Roey Eliyahu, co-founder and CEO, Salt Security. “Bad actors have also zeroed-in on the valuable information that APIs hold. The industry has quickly realized that today’s solutions, such as web application firewalls (WAFs) and API gateways, fail to defend against API threats. Even solutions supposedly designed for API security lack the context needed to identify API attacks in the wild. Only Salt applies cloud-scale big data to the challenge, providing the context needed to identify API attacks, which often unfold over days, weeks, and even months.”
Latest ITechnology News: Swisscom Expands MATRIXX Software Partnership to Monetize All Services Across Telco, Cloud and Security
Dedicated API Security Reduces Risk for Financial Services
Salt Security delivers an automated approach that empowers Berkshire Bank to streamline data protection as it continuously discovers all APIs. With the ability to capture and accurately inventory all API activity and automatically detect anomalies in API behaviors, financial service organizations can:
- Prevent API attacks that allow unauthorized access to accounts
- Defend APIs from account takeover (ATO)
- Protect their API rich web and mobile banking applications
Salt Security delivers full lifecycle protection across build, deploy and runtime phases, including defending against the attacks outlined in the OWASP API Top 10 list. With the remediation insights uncovered by the Salt API platform, Berkshire Bank can strengthen and harden APIs in the development process to more confidently protect itself against attacks.
The Salt Security patented API Context Engine (ACE) architecture, powered by cloud-scale big data, AI and ML, provides context-based, continuous analysis to baseline normal API behavior so that users can detect the reconnaissance activity of bad actors and block them before they can reach their objective. It also requires no configuration and provides seamless integration with existing DevOps and SecOps tooling and workflows.
Latest ITechnology News: Africa Data Centres Named BoICT’s Carrier Neutral Data Centre of the Year
[To share your insights with us, please write to sghosh@martechseries.com]