IT Brief US - Technology news for CIOs & IT decision-makers
United States

Guides

#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things

Search

Shield protecting interconnected data streams api pathways ai network security
#
Data Protection
#
AI Security
#
AI Ethics & Governance

Salt Security unveils AI agent API protection for enterprises

Today
Author image
By Jed Nykolle Harme, Editor

Salt Security has introduced the first security solution focused on safeguarding API actions taken by AI agents within enterprise systems.

As enterprises accelerate their adoption of agentic AI, the volume and complexity of real-time API calls by autonomous software agents continues to grow, presenting new risks related to uncontrolled and unmonitored access. Salt Security's new solution brings together oversight and protection for these agent-driven API interactions, aiming to address the vulnerability gap created by protocols such as MCP and A2A.

The company has launched a set of controls intended to provide security teams with immediate visibility, automated governance, and active defence for API-driven operations that underpin AI agent activity. According to Salt Security, this development marks the first time that the convergence of API and AI security is made available to enterprises, giving them detailed insight into agent-initiated actions, policy governance, and safeguards against potential misuse or attack by AI agents.

Nick Rago, Vice President of Product Strategy at Salt Security, described the challenge enterprises are facing:

"From a security standpoint, it's not just about what AI agents say, it's what they actually do. AI agents act through APIs, MCP, and A2A, but most organizations don't have visibility into those actions. Salt gives you that visibility from day one, puts the right guardrails in place, and protects against abuse and AI logic attacks in real time so your teams can move fast with confidence."

The new offering includes two primary areas of functionality. The first is MCP Protect, which discovers and monitors all MCP servers and their interactions with AI agents, providing organisations with visibility into previously hidden API connections. MCP Protect automatically assesses risks, maps the movement of sensitive data, and helps defend against potentially unsafe or malicious use of MCP servers.

The second area, Agentic AI Governance, introduces out-of-the-box security controls that enforce safer AI agent behaviours. These controls are designed to automatically detect and address high-risk exposures in MCP and A2A environments and begin monitoring upon initial login, reducing the opportunity for exposure from the outset.

The growing use of agentic AI in enterprises is underscored by research from Gartner. The analyst firm projects that by 2028, 80% of organisations will see AI agents consuming the majority of their APIs, as opposed to human developers. Gartner stated, "Widespread adoption of MCP and A2A will lead to more APIs and more API usage, not less." The report advises organisations to strengthen API security by combining specialist solutions with existing gateway protections and highlights the importance of rate-limiting and access management for APIs consumed by AI applications.

Salt Security research reveals that among organisations implementing agentic AI, only 37% currently employ a dedicated API security solution. Additionally, 48% of such organisations operate six to twenty different types of agents, further increasing the breadth of the API attack surface.

Michael Nicosia, co-founder and Chief Operating Officer of Salt Security, commented on the evolving enterprise risk profile:

"Most organizations' first AI security gap isn't prompt and model jailbreak attacks, it's the invisible API connections powering agents. Salt closes that gap by continuously discovering every API, governing it against policy, and protecting it in real time, including the fast-growing universe of agent-driven traffic."

The controls introduced by Salt Security are enabled by default and require no manual setup, providing immediate coverage for previously unmonitored agentic exposures. The company highlights that from the first login, its solutions begin monitoring for high-risk activities, with built-in guardrails automatically enforcing policy adherence to reduce the likelihood of abuse or accidental data exposure.

The adoption of specialist API security solutions is recommended by industry analysts to supplement the protection offered by standard API gateways. These measures are seen as vital for managing the risks presented by rapidly increasing machine-driven API interactions, especially as AI applications continue to advance and automate more business processes.

The Salt Security approach is positioned to address the challenge of maintaining effective oversight as autonomous agents become responsible for an increasing share of transactional API traffic within organisations. The release comes at a time when the operational role of AI agents is set to expand significantly, requiring robust governance and protection mechanisms to safeguard enterprise data and operations.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Scalekit raises USD $5.5M to secure AI agents in enterprise IT
Forescout expands Envision Partner Program with new promotions
Akamai & Seraphic partner to deliver unified Zero Trust browser security
Exabeam & Cribl expand AI security partnership to cut costs
CrowdStrike partners with tech giants to secure enterprise AI

Top stories

SecurityScorecard acquires HyperComply to boost AI security
Oracle unveils AI agents to automate & streamline HR processes
Java 25 debuts with AI, security & productivity upgrades
Check Point acquires Lakera to create AI security centre in Zurich
Google Ads rolls out AI Max & new generative tools globally