TripActions, the fastest-growing travel and expenditure management platform, has installed the Salt Security API Protection Platform to secure the APIs that underpin its platform, according to Salt Security, the leading API security business. TripActions was able to identify potential API issues and exposed data due to the Salt platform’s ongoing discovery capabilities. The platform has also provided the organization with remediation insights into possible vulnerabilities, which it can employ to strengthen its API security posture.

With the commencement of the COVID-19 epidemic, TripActions, a global leader in corporate travel and spend management, quickly changed operations to adapt to a rapidly evolving travel sector. First, the organization made certain that it could assist clients and their families in returning home safely and quickly. The company then expanded its operations to include a wide range of safety services as well as increased business capabilities including real-time analytics. As a result of these modifications, the company’s API footprint grew quickly. The firm also took advantage of the event to debut TripActions LiquidTM, a new all-in-one travel and spending management system. The company’s push into the FinTech sector is formalized with the development of this platform, which increased the company’s reliance on APIs even further. TripActions is able to assure that its APIs were secure during the development and runtime phases of these extensions and that the protection would scale with the platform’s growth.

“Last year brought a major shift in the needs of our customers, which inspired us to launch creative new services. With APIs as part of the very foundation of TripActions, platform expansion created a broader attack surface, along with the corresponding potential for risk and exposure,” said Tarik Ghbeish, product security engineer, TripActions. “Traditional tooling such as WAFs and gateways are not able to stop API attacks. Salt Security brings unique capabilities to find and stop API attacks. It also provides rich discovery of our APIs and exposed data – all at the comprehensive scale we need.”

The Salt Security API Protection Platform delivers full coverage across all APIs for API-first enterprises, providing valuable analysis, context, and remedial insights needed to defend APIs against attacks. Its patented artificial intelligence (AI) and big data engine can detect early warning signs of an attack, stop attackers in their tracks, and turn attackers into penetration testers, giving useful insights that can be used to identify and eliminate vulnerabilities, preventing sensitive data from being exposed. TripActions has found the Salt platform to be particularly helpful in identifying and safeguarding shadow APIs, detecting attackers, and getting remedial information to help enhance API security posture on a continuous basis.

“TripActions’ innovative capabilities bring corporate travel, finance, billing, and expense management into a single platform. As the company has scaled its applications to meet the demands of the changing business landscape, its platforms – like with most companies driving digital innovation – become increasingly reliant on a quickly growing number of APIs. Many innovators are faced with this challenge of ever-growing API-connected ecosystems, which hackers are increasingly targeting as a lucrative treasure trove. Salt Security makes it possible to stop attackers in their tracks while remediating exposures and vulnerabilities that can emerge when developing application environments to eliminate blind spots and create sustained improvements in an organization’s security program,” said Roey Eliyahu, CEO and co-founder of Salt Security.