Aggregator

Hybrid API Security: The Best of Both Worlds

Security Boulevard
2 months 3 weeks ago

In API security, organizations frequently encounter a tough decision: whether to opt for the flexibility and scalability of a SaaS solution or the data control and privacy of an on-premises deployment. Salt Security's hybrid deployment option provides a solution that combines the advantages of a SaaS solution with the assurance of data privacy, offering the best of both worlds for organizations.

The Challenges of Traditional Deployment Models
  • SaaS: While SaaS solutions offer easy deployment, scalability, and access to the latest features, they can raise concerns about data privacy and compliance, especially for organizations handling sensitive information.
  • On-Premises: On-premises deployments offer greater data control but require significant IT resources for maintenance, updates, and scaling.
Salt Security's Hybrid Deployment: A Balanced Approach

Salt Security's hybrid deployment option balances the advantages of SaaS and on-premises solutions. It combines a local, self-contained "edge" component called the Hybrid Server with the power of the Salt AI-infused platform.

  • Data Privacy: The Hybrid Server processes API traffic locally, ensuring that sensitive data never leaves an organization's environment. Only aggregated metadata and malicious events are transmitted to the Salt cloud for further analysis and threat intelligence sharing.
  • Scalability and Performance: The Hybrid Server can handle up to 9 billion API calls monthly, ensuring optimal performance even in high-traffic environments. It also seamlessly scales across multiple environments, data centers, and clouds.
  • Ease of Management: Salt Security handles the maintenance, updates, and monitoring of the Hybrid Server, freeing up your IT resources and reducing operational overhead.
  • Deep API Visibility and Posture Governance: The Hybrid Server model provides unparalleled visibility into all API traffic, enabling organizations to comprehensively understand their API landscape and identify potential security risks and compliance gaps. This deep visibility, coupled with Salt's AI-powered posture governance capabilities, allows organizations to proactively address vulnerabilities and ensure their APIs' integrity.
  • Advanced Threat Protection: The Hybrid Server leverages Salt's cloud-based AI and ML engine to detect and prevent sophisticated API attacks in real time. This ensures you benefit from the latest threat intelligence and behavioral models, even with a local deployment.
Benefits of Salt Security's Hybrid Deployment
  • Data Sovereignty: An organization's sensitive data remains within its infrastructure, ensuring compliance and mitigating privacy risks.
  • Effortless Scalability: The Hybrid Server's capacity and adaptability ensure seamless performance, even as an organization's API ecosystem expands.
  • Focus on What Matters: Salt Security takes care of the technicalities, allowing IT and security teams to concentrate on strategic security initiatives.
  • Proactive Risk Mitigation: Gain a deep understanding of an organization's API landscape to identify and address vulnerabilities before they are exploited.
  • Stay Ahead of the Threat Landscape: Benefit from real-time, AI-powered threat detection and prevention, even with a local deployment.
Conclusion

Salt Security offers a hybrid deployment option that provides a solution for organizations looking to balance SaaS's advantages with data privacy and control requirements. By merging local data processing with a cloud-based AI/ML platform, Salt Security delivers a robust and adaptable API security platform that can cater to any organization's needs.

If you want to learn more about Salt and how we can help you on your API Security journey through discovery, posture management, and run-time threat protection, please contact us, schedule a demo, or check out our website.

The post Hybrid API Security: The Best of Both Worlds appeared first on Security Boulevard.

Eric Schwake

ASD’s ACSC, CISA, FBI, and NSA, with the support of International Partners Release Best Practices for Event Logging and Threat Detection

CISA News
2 months 3 weeks ago

Today, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), CISA, FBI, NSA, and international partners are releasing Best Practices for Event Logging and Threat Detection. This guide will assist organizations in defining a baseline for event logging to mitigate malicious cyber threats.

The increased prevalence of malicious actors employing living off the land (LOTL) techniques, such as living off the land binaries (LOLBins) and fileless malware, highlights the importance of implementing and maintaining an effective event logging program.

 CISA encourages public and private sector senior information technology (IT) decision makers, operational technology (OT) operators, network administrators, network operators, and critical infrastructure organizations to review the best practices in the guide and implement recommended actions. These actions can help detect malicious activity, behavioral anomalies, and compromised networks, devices, or accounts.

For more information on LOTL techniques, see joint guidance Identifying and Mitigating Living Off the Land Techniques and CISA’s Secure by Design Alert Series.

For more information and guidance on event logging and threat detection, see CISA’s Secure Cloud Business Applications (SCuBA) products, network traffic analysis tool Malcom, and Logging Made Easy.

CISA

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA News
2 months 3 weeks ago

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

CISA

Recent Phishing Campaigns Discovered by ANY.RUN Researchers

Anyrun
2 months 3 weeks ago

At ANY.RUN, we’re committed to staying at the forefront of cybersecurity threats. Our team continuously monitors and analyzes emerging phishing campaigns to keep our users informed and protected. We regularly share our findings on our X (formerly Twitter) account.    In this article, we’ve compiled a selection of the most notable phishing campaigns we’ve seen […]

The post Recent Phishing Campaigns Discovered by ANY.RUN Researchers appeared first on ANY.RUN's Cybersecurity Blog.

Stas Gaivoronskii, Jane, Electron and khr0x

Managed ad