Salt Security

BIG NEWS! Salt Security’s 1H 2026 State of AI and API Security report just dropped! 🙌 Are you up to date on your AI/API security insights? Bottom line: You can’t secure AI without securing the APIs that power it. Download the report: content.salt.security/State-of-AI-AP… Read the blog: salt.security/blog/the-era-o… #cybersecurity #AIsecurity #APIsecurity #AgenticAI #AIagents #SaltLabs #technology

Say hi to Salt Security in Denver at the CRA Summit on May 5th 👋 Dive into the future of cybersecurity, API security, and AI-driven risk, and learn how organizations are securing the technologies powering the agentic era 🌐 More information here: cyberriskalliance.swoogo.com/denver-2026 #cybersecurity #cyberevents #cybersecurityevents @cyberriskall

Salt sees east-west agent communication as a first-class signal. Who's talking to whom. What's being passed. Whether the chain of trust has been broken anywhere along the way. Your perimeter isn't the edge anymore. The agent mesh is. 3/3

Agents talk to other agents. They hand off tasks, share context, trigger downstream actions, and chain together in ways that never touch your perimeter at all. That's east-west traffic, and almost no security tool is built to see it. An attacker who compromises one agent in a chain doesn't need to breach your perimeter. They just ride the east-west flow. Agent to agent to action, completely beneath the radar of your existing stack. 2/3

Q: "We monitor all our API traffic at the perimeter. So we're covered, right?" This is where the conversation gets uncomfortable. A: Traditional security tools watch the perimeter. Traffic coming in. Traffic going out. North-south, in security terms. That model made sense when humans were the ones making requests. Agents don't work that way. 1/3 #AgenticSecurity #EastWestTraffic #AIAgents #ZeroTrust #cybersecurity #aisecurity #apisecurity

@OX__Security researchers found “a critical vulnerability baked directly into Anthropic's Model Context Protocol SDK, affecting every supported language: Python, TypeScript, Java, and Rust. The result: remote code execution on any system running a vulnerable MCP implementation, with direct access to sensitive user data, internal databases, API keys, and chat histories.” AI agents don’t just think. They act. And many of those actions are happening through MCP servers that most organizations aren’t monitoring. Not sure what you can do? Discover some actionable steps: salt.security/blog/mcps-are-… #cybersecurity #AIagents #MCPservers #APIsecurity #AIsecurity #MCPsecurity

Salt is heading to Gartner Security & Risk Management Summit 2026 in National Harbor 😎 Planning on going? Come tune into our sessions! 🟣 June 1 at 1:40 pm, Theater 2: “Secure What AI Agents Do - Not Just What They Say” with Nick Rago 🟣 June 2 at 11:30 am, Chesapeake F: “The Agentic Security Graph: The Attack Surface Your AI Strategy Is Missing” with Michael Callahan & Nick Rago Lets connect! Book an activity: events.salt.security/saltsecurityat… #GartnerRMS2026 #GartnerEvent #cybersecurity #cyberevent #cybersecurityevent #APIsecurity #AIsecurity @cybrrnick

@kass_yossi Thanks for sharing!

@SaltSecurity just dropped this: 48.9% of organizations are completely blind to machine-to-machine traffic. They cannot see what their SaaS integrations are doing. They cannot monitor AI agents operating in their environment. That's not a detection problem. That's a visibility architecture problem.

If you can’t see your agentic attack surface, you can’t secure it. AI can now find vulnerabilities faster than humans can patch them, and it operates through APIs. Check out the new perspective from our CEO on why APIs are the first target in the agentic era → salt.security/blog/claude-my… #cybersecurity #apisecurity #AIsecurity #AgenticAI #AIAgents

@CyberTech_In Thanks for sharing!

@SaltSecurity Flags Growing API Security Gap in AI-Driven Systems Read more: bit.ly/4c83EmW #APISecurity #CyberSecurity #AI #DataSecurity #DigitalTransformation

Everyone is racing to secure AI, but are you securing the right layer? Securing prompts ≠ securing what agents actually do. Because AI agents don’t just generate text… They also call APIs, trigger workflows, move data, and take action ⚠️ Are you securing the layer where AI actually creates risk? Find out → salt.security/blog/everyone-… #cybersecurity #apisecurity #AIsecurity #AgenticAI #AIAgents #ActionLayer

Ouch! Don't let your blind spots be your downfall… Instead, learn how to stay ahead of the curve by being informed and adapting your security to keep your AI and APIs protected. The LiteLLM breach shows how attackers can bypass the model entirely by targeting the middleware connecting LLMs, MCP servers, and enterprise APIs. These machine-to-machine pathways are largely invisible to traditional security controls, yet they are where real data exposure occurs. AI risk doesn’t stop at the prompt, it continues through every API call an agent makes. Read the lessons from this breach: salt.security/blog/the-ai-su… #cybersecurity #apisecurity #AIsecurity #AgenticAI #AIAgents #ActionLayer

Heading to the Southeast Cybersecurity Summit? So are we 🧂 If you care about the future of cybersecurity, API security, and AI-driven risk, come connect with our team and learn how organizations are securing the technologies powering the agentic era. More information here: secybersecurity.com Come say hi and chat about what’s next in AI + API security 👋 #cybersecurity #cyberevents #APIsecurity #AIsecurity #cybersecurityevents

@drjournal Thank you for sharing! 🥳🥳🥳

Salt Security Research: As AI Agents Outpace Security, Most Organizations Face an Unsecured API Surge • @SaltSecurity • Disaster Recovery Journal drj.com/industry_news/…

Say hi to Salt Security at @KodiConnect Denver on April 9th! 👋🌐 This is the event for you if you like topics and discussions centered around: - Cybersecurity Strategies & Challenges - Cloud Security - Artificial Intelligence & Machine Learning in Cybersecurity - Threat Detection & Response - Workforce Innovation & Leadership in Cybersecurity Be there or be square 🟪 More information about the event: kodiconnect.com/event/cybersec… #cybersecurity #cyberevents #APIsecurity #AIsecurity #cybersecurityevents

Is your security up to date or is it only focused on the “brain?”🧠 If you aren’t sure, we’ve got just the video for you. In case you missed the live session, our recent informational webinar with CEO Roey Eliyahu dives into: -Why focusing only on LLM security leaves most of your AI risk unaddressed -How agents interact across LLMs, MCP servers, and APIs and where they create risk -What full-stack visibility looks like across your agentic attack surface -How to scale AI adoption safely without losing control Watch the video here: youtu.be/YCXu-m2bA7k #apisecurity #AIsecurity #cybersecurity #APIs #AIagents #AgenticAI #webinar #virtualwebinar

From Y Combinator lessons to AI-driven APIs to scaling enterprise cybersecurity, Salt Security’s COO and Co-founder, Michael Nicosia, shares insights on building a lasting company in this episode of the Inspired Insider Podcast with Dr. Jeremy Weisz 💡 Tune in for great perspectives on leadership, growth, and innovation → inspiredinsider.com/michael-nicosi… #apisecurity #cybersecurity #AIsecurity #thoughtleaders #startups #COO @InspireInsider

Interested in reading? Check out @techradar's new article by Eric Schwake, “Why NIST’s AI agent standards initiative is a turning point for enterprise security.” → techradar.com/pro/why-nists-…

AI Agents can do more than think... they can take action. So don't put all your focus on model guardrails. @cybrrnick joined @awscloud Security LIVE! to talk about why the next era of AI security isn’t just about protecting models, it’s about securing the agentic infrastructure powering real-world action. Tune in to learn why APIs are central to enabling AI innovation safely → youtube.com/watch?v=bth92I… #cybersecurity #APIsecurity #AWS #AIsecurity #AgenticAI #NIST