Modern cloud environments rely heavily on APIs, which serve as essential building blocks for applications and services. Yet, they also introduce complex and often underprotected attack surfaces. Recognizing this,
Salt Security and
Wiz have expanded their partnership with a new integration that combines
API security intelligence with cloud risk context—providing a more unified view of an organization’s threat landscape.
Traditional cloud security platforms often struggle to account for the dynamic behavior of APIs. Salt Security’s API Protection Platform addresses this gap by continuously discovering APIs, analyzing traffic in real time, and detecting behavioral anomalies. This functionality now feeds directly into the Wiz security platform, giving security teams the ability to view API posture, threats, and compliance risks alongside other cloud vulnerabilities.
The integration adds depth to Wiz’s existing security graph by mapping API events and posture data from Salt into potential attack paths. This provides context around which API exposures matter most—especially when combined with other risks present in the cloud environment.
Unified Visibility and Risk Context
With Salt's intelligence embedded in Wiz, organizations gain consolidated visibility into API vulnerabilities, toxic combinations, and misconfigurations. Security teams can use this shared view to understand how API gaps could contribute to broader cloud security issues, improving both prioritization and response.
This approach not only streamlines incident detection and resolution but also enhances compliance workflows. Security and compliance teams can track API posture against internal policies and regulatory requirements, all from within the Wiz platform.
Automation and Response at Scale
The integration also introduces automated workflows. When API threats meet predefined thresholds in Salt, Wiz can trigger incident creation automatically—accelerating investigation and enabling rapid remediation. This automation supports lean teams by reducing manual triage and helping organizations respond to threats with greater efficiency.
This joint solution reflects the growing need for convergence between API security and cloud infrastructure protection. As organizations scale their API usage in cloud-native environments, the ability to correlate API behavior with cloud context becomes critical. The Salt-Wiz integration brings that correlation into a single operational platform, improving visibility, reducing response times, and strengthening the overall security posture. Salt Security and Wiz customers can access the integrated capabilities now through the Wiz Integration (WIN) platform.
A Win for the Channel
Eric Schwake, director of cybersecurity strategy at Salt Security, told MSSP Alert that combining Salt’s deep API discovery posture and threat insights with Wiz’s cloud security posture management allow MSSPs and other channel partners to offer a more complete security story at a time when APIs are under attack by threat groups.
In a report last year, researchers with cloud company Akamai Technologies found that 29% of all web attacks in 2023
targeted APIs.
“Partners can now help customers quickly identify shadow and zombie APIs, enforce posture governance, and reduce overall API risk, all through tools many customers already use,” Schwake said. “For example, partners can guide customers in leveraging unified API security and posture governance with attack chain context, perform contextual risk analysis for better prioritization, assist with API compliance enforcement and reporting, and help set up automated workflows for incident creation in Wiz.”
He called it “a natural expansion opportunity for partners supporting either Wiz or Salt.”
