Salt Security Announces the Industry’s First Solution to Secure API Actions Taken by AI Agents

New solution delivers immediate visibility, governance, and real-time protection for APIs powering agentic AI, closing a critical blind spot for enterprises.

LAS VEGAS, Sept. 15, 2025 /PRNewswire/ — At CrowdStrike Fal.Con 2025, Salt Security, the leader in API security, today announced the industry’s first solution to secure the actions AI agents take in the enterprise. As large organizations adopt agentic AI, agents are increasingly making real-time API calls through protocols like MCP and A2A, creating a new layer of risk. Salt is the first to converge API and AI security, giving organizations visibility into every agent-driven action, governance to enforce the right posture, and real-time protection against AI agent abuse. Salt will showcase these innovations at CrowdStrike Fal.Con 2025 (Booth 2018) and present “When AI Agents Go Rogue: The Security Gaps You’re Missing [2304]” on Tuesday, Sept. 16, 11:00–11:45 a.m. PDT.

This release gives security teams immediate visibility, automatic governance, and real-time protection for agentic AI, without extra setup. MCP Protect maps MCP server interactions and surfaces hidden endpoints, while built-in guardrails, enabled by default, enforce safe agent behavior automatically.

A recent Gartner^® report stated, “Widespread adoption of MCP and A2A will lead to more APIs and more API usage, not less.” They further project, “By 2028, 80% of organizations will see AI agents consume the majority of their APIs, rather than human developers.¹”

“Most organizations’ first AI security gap isn’t prompt and model jailbreak attacks, it’s the invisible API connections powering agents,” said Michael Nicosia, co-founder and COO of Salt Security. “Salt closes that gap by continuously discovering every API, governing it against policy, and protecting it in real time, including the fast-growing universe of agent-driven traffic.”

What’s new in Salt Security

• MCP Protect: Discovers and monitors all MCP servers and their interactions with AI agents, giving organizations visibility into previously hidden connections. Salt automatically assesses the risk of these interactions, maps sensitive data in motion, and protects against malicious or unsafe MCP server usage.
• Agentic AI Governance:  A new category of out-of-the-box security controls that enforce safe AI agent behavior, automatically detecting and addressing the riskiest exposures in MCP and A2A environments.

Leading with innovation

• Gartner recommends “double down on API security by adding specialist security solutions to supplement standard gateway protections. Rate-limiting and access management, in particular, are vital for APIs AI applications will consume when addressing the risk of data and services being abused by agentic use.¹“
• Gartner also projects that by 2028, “80% of organizations will see AI agents consume the majority of their APIs, rather than human developers. ¹“.
• New Salt research shows that only 37% of organizations using agentic AI have a dedicated API security solution, 48% run 6-20 agent types, widening the API attack surface.
• Out-of-the-box controls begin monitoring at first login to automatically detect high-risk exposures.

“From a security standpoint, it’s not just about what AI agents say, it’s what they actually do,” said Nick Rago, VP Product Strategy of Salt Security. “AI agents act through APIs, MCP, and A2A, but most organizations don’t have visibility into those actions. Salt gives you that visibility from day one, puts the right guardrails in place, and protects against abuse and AI logic attacks in real time so your teams can move fast with confidence.”

1. Source: Gartner Report, How MCP and the A2A Protocols Impact API Management, by Shameen Pillai, Mark O’Neill etc., Aug 2025

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About Salt Security
Salt Security secures the APIs that power today’s digital businesses. Salt delivers the fastest API discovery in the industry—surfacing shadow, zombie, and unknown APIs before attackers find them. The company’s posture governance engine and centralized Policy Hub automate security checks and enforce safe API development at scale. With built-in rules and customizable policies, Salt makes it easy to stay ahead of compliance and reduce API risk. Salt also uses machine learning and AI to detect threats early, giving companies a critical advantage against today’s sophisticated API attacks. The world’s leading organizations trust Salt to find API gaps fast, shut down risks, and keep their businesses moving. Learn more at https://salt.security

Media Contact: Karl Bateson, Salt Security, [email protected]

View original content to download multimedia:https://www.prnewswire.com/news-releases/salt-security-announces-the-industrys-first-solution-to-secure-api-actions-taken-by-ai-agents-302555973.html

SOURCE Salt Security