Salt Security

6.7K posts

Salt Security banner
Salt Security

Salt Security

@SaltSecurity

Securing the Agentic AI action layer: protecting the APIs, MCP servers, and agents powering modern digital business.

Palo Alto, CA Katılım Ağustos 2018
910 Takip Edilen4.9K Takipçiler
Salt Security
Salt Security@SaltSecurity·
Are you wondering how to secure your org's evolving Agentic threat landscape? Well, we have the event for you. Come join Salt Security’s exclusive Agentic Security Workshop at Shangri-La, Shard, London, on the 6th of August 🌐 Seats are limited so book your spot today! Register here: events.salt.security/aiagentsecurit…
English
0
0
0
84
Salt Security
Salt Security@SaltSecurity·
Attackers are scanning for your MCP servers and AI agent credentials right now. 49+ IPs, structured recon. MCP = access to your internal APIs, DBs, file systems. Most orgs have zero visibility into this traffic, but Salt catches it🧂 Read up here @SANSInstitute: isc.sans.edu/diary/rss/33150
English
2
3
2
85
Salt Security
Salt Security@SaltSecurity·
Researchers weaponized AI hallucinations into a botnet: pre-register the fake package names LLMs invent, wait for agents to pull & execute. 85-100% success rate. How do you prevent this? Salt Security flags the anomalous API calls agents shouldn't be making 🛑 Read more @SecurityWeek: securityweek.com/hallusquatting…
English
0
4
3
99
Salt Security
Salt Security@SaltSecurity·
In the agentic era, you can’t secure what you can’t see, making Salt Cloud Connect for AWS an absolute game changer. Organizations can instantly discover APIs, MCP servers, and agentic activity across @awscloud environments (without deploying sensors or routing traffic). Check how it’s done → youtu.be/gH9uFXrqbpM
YouTube video
YouTube
English
0
3
3
101
Salt Security
Salt Security@SaltSecurity·
Come say hey in Mandalay Bay! Salt Security will be at Black Hat and we’d love to chat! 😎 Swing by Booth #5938 to: - Get a live demo - See your Agentic Graph - Talk through how Salt is redefining Agentic Security - Learn about Salt Code We have super fun activities you don’t want to miss! Check them out here: events.salt.security/saltsecurityat…
English
0
3
3
80
Salt Security
Salt Security@SaltSecurity·
“Cybersecurity has historically been built around protecting users, devices and infrastructure. AI agents blur those boundaries. They operate as both user and system, authenticating, accessing data and triggering actions, often with broad permissions and without direct human involvement...” Says Michael Nicosia, Salt Security’s COO and Co-Founder, in @Forbes. Read the entire article for key insights on how AI is reshaping cybersecurity: forbes.com/councils/forbe… #Forbes #cybersecurity #AIsecurity
English
0
4
4
80
Salt Security
Salt Security@SaltSecurity·
282 of 444 iOS AI apps leak LLM API keys in network traffic. 92 have open relay backends, zero auth required. One token expires in 2125. 72% still unpatched 3 months later. This is an API posture crisis. What could prevent this? The 92 open relay backends accepting unauthenticated AI API traffic are a direct OWASP API2 failure. Salt Security's API discovery would surface these anonymous-access proxy endpoints as critical posture risks. The LLMjacking pattern, sudden AI API call spikes from unexpected source IPs, is exactly the behavioral anomaly Salt's platform detects in real time. Read more about the incident @TheHackersNews: thehackernews.com/2026/06/282-io… #APISecurity
English
0
4
5
108
Salt Security
Salt Security@SaltSecurity·
August is coming up fast 👀 Are you going to be in Vegas for Black Hat 2026? If you are, we’d love to see you! Come visit Salt Security at booth #5938 to connect and see how we’re redefining Agentic Security. We’ve got plenty of fun events to join so check out what Salt has in store (seriously, you’re going to want to take a look): events.salt.security/saltsecurityat…
Salt Security tweet media
English
0
5
3
73
Salt Security
Salt Security@SaltSecurity·
Nissan just disclosed a data breach affecting employees across the US, Canada, Mexico, and Brazil. Payroll records, Social Security numbers, banking data. The root cause? An unauthenticated HTTP endpoint in Oracle PeopleSoft. No credentials needed. ShinyHunters exploited it at 300+ instances across 100+ organizations. This is OWASP API2 in the wild: broken authentication on an API that enterprises trusted because it was "internal." PeopleSoft's REST API surface is extensive, and one misconfigured endpoint was enough to expose sensitive HR data at global scale. Salt Security's platform monitors API behavioral baselines continuously. Bulk exfiltration of payroll records through APIs that normally see routine, low-volume HR queries? That's an anomaly Salt catches before the breach notification lands. The question isn't whether your ERP has API endpoints. It does. The question is: do you know which ones are unauthenticated? #DataBreach #OracleEBS #OWASP
English
0
4
3
171
Salt Security
Salt Security@SaltSecurity·
Oracle EBS CVE-2026-46817 (CVSS 9.8) is being actively exploited. Unauthenticated HTTP takeover of the Payments component. 450+ instances exposed online. No POC needed. Same playbook Clop used against Harvard & WaPo in 2025. Salt can find these unauthenticated endpoints before attackers do 🔍
English
0
3
5
203
Salt Security
Salt Security@SaltSecurity·
Can you see where your AI agents, MCP servers, and API-connected workflows are communicating? With Salt Cloud Connect for @databricks, teams can quickly discover Databricks MCP servers, understand what they do, see the APIs they connect to, and identify potential risk or posture gaps. It’s time to get full visibility into the Agentic Action Layer. Discover more on our YouTube channel: @SaltSecurity" target="_blank" rel="nofollow noopener">youtube.com/@SaltSecurity #APISecurity #AISecurity #AgenticAI #Databricks #MCP
English
0
4
3
84
Salt Security
Salt Security@SaltSecurity·
Are you registered for the joint webinar with @CrowdStrike + Salt security? Tune in on June 30th to learn how an AI-native security architecture can protect the full chain from intent to action. We’ll deep dive into how to secure: - Model runtime, prompts, inference, and LLM behavior with CrowdStrike Falcon® AIDR - APIs, MCPs, and AI-connected services with Salt Security - Shadow and over-permissioned AI infrastructure before attackers exploit it Don’t miss out: events.salt.security/crwdaidr?utm_m…
Salt Security tweet media
English
2
3
4
96
Salt Security
Salt Security@SaltSecurity·
Too often, cybersecurity evaluations reward what looks good in week one: fast setup, clean dashboards, polished reports, and checkbox coverage. But real risk doesn’t show up in a controlled demo. It shows up six months later, across messy environments, distributed teams, ownership gaps, and patient attackers. And with AI agents connected to APIs, weak authorization paths don’t just stay hidden. They scale. It’s time to evaluate security tools for what happens after the POV: across real teams, real workflows, real data, and real risk. Read the blog: salt.security/blog/we-traine…
English
0
3
4
80