Salt Security has launched AI-powered features to address the "Context Crisis" in API security, including Salt AI API Summaries that translate complex API schemas into plain English explanations. The GenAI engine automatically generates natural-language summaries for every endpoint, answering questions about purpose, data handling and consumers in seconds. The company also introduced a redesigned Deep Context Side Drawer that organises API telemetry using Domain-Driven Design, displaying schema visualisation, threat intelligence and configuration gaps without requiring source code access. The tools aim to bridge the skills gap between security teams and developers by enabling junior analysts to understand complex technical services instantly. Both features are immediately available to all Salt Security customers. The company specialises in API security and AI governance for digital businesses.

Salt Security has announced two new integrations expanding its API security platform: the Salt Databricks Connector and the Salt Netlify Collector. The additions aim to provide security teams with comprehensive API visibility across enterprise environments. The Databricks Connector specifically targets the "Agentic Action Layer", identifying Model Context Protocol servers and AI agents that connect proprietary data models to external systems. It provides visibility into which APIs and data sources internal AI agents are accessing, filling a gap that infrastructure scanners miss. The Netlify Collector extends Salt's traffic analysis to decoupled frontend applications and Jamstack architectures, ensuring security coverage as organisations push logic to the edge. Both integrations are immediately available as part of the Salt Illuminate platform, reinforcing the company's "Universal Visibility" strategy for API security and AI governance.

Salt Security brings MCP threat protection to AWS WAF, blocking AI agent abuse in real time. News provided by. LAS VEGAS, Dec. 3, 2025 /PRNewswire/ - Salt Security, the leader in API security, today announced it is extending its patented, award-winning API behavioral threat protection to detect and block malicious intent targeting Model Context Protocol (MCP) servers deployed within the AWS ecosystem. Building on the recent launch of Salt's MCP Finder technology, Salt now enables organizations to identify external misuse and abuse of MCP servers by AI agents and attackers, and automatically block these threats using its integration with AWS WAF. MCP servers have rapidly become a key component of enterprise AI architecture, enabling LLMs and autonomous agents to call APIs, execute tools, and complete workflows. But they also represent a new threat vector. Deployed without central oversight and often exposed to the internet, MCP servers are increasingly targeted by adversaries for unauthorized access to critical data and system access. With this new capability, Salt enables customers to use their existing AWS WAF deployments to block attacks on MCP infrastructure. The protections are informed by real-time behavioral threat data from Salt's platform. "Most organizations don't even know how many MCP servers they have, let alone which ones are exposed or being abused," said Nick Rago, VP of Product Strategy at Salt Security. "This capability lets them take action quickly, using existing controls to prevent real threats without needing to deploy new infrastructure." The solution is based on Salt's MCP Finder technology, which provides full visibility into the MCP layer across external, internal, and shadow deployments. By combining that discovery with AWS WAF, customers can: * Automatically block MCP misuse and abuse before it impacts applications * Discover previously unknown or unmanaged MCP implementations and ensure traffic is routed through AWS WAF for inspection and protection * Extend AWS WAF edge protection to the AI action layer * Apply intent-based behavioral threat detection to stop attacks targeting key AI infrastructure that traditional tools miss * Continuously update protections based on evolving attacker tactics Salt Security is showcasing these capabilities at AWS re:Invent 2025. The integration is available now as part of the Salt Security API Protection Platform. About Salt Security Salt Security secures the APIs that power today's digital businesses. Salt delivers the fastest API discovery in the industry - surfacing shadow, zombie, and unknown APIs before attackers find them. The company's posture governance engine and centralized Policy Hub automate security checks and enforce safe API development at scale. With built-in rules and customizable policies, Salt makes it easy to stay ahead of compliance and reduce API risk. Salt also uses machine learning and AI to detect threats early, giving companies a critical advantage against today's sophisticated API attacks. The world's leading organizations trust Salt to find API gaps fast, shut down risks, and keep their businesses moving. Learn more at https://salt.security SOURCE Salt Security