Salt Security Empowers Developers and Cuts Cost

Background

The Salt Security API Protection Platform provides API security across modern applications. The platform collects API traffic across the entire application landscape and applies AI/ML and big data to inventory all APIs, identify and stop attacks, and provide remediation insights to harden APIs.

The Salt Security platform identifies vulnerabilities in real time — in pre-production as well as production environments — and integrates them into app dev/build systems to ensure security from the moment APIs are created.

Challenge

Changes in application frameworks, such as the adoption of Kubernetes, containers, and cloud-native architectures, as well as innovation initiatives such as digital transformation, cloud migration, and app modernization, have all driven a huge increase in the volume of APIs and therefore the need for API security.

As a result, the Salt Security team, backed by Sequoia Capital and CapitalG, began exploring new methods for development and ultimately the infrastructure that supported the testing of their applications.

They were looking for a way to scale their IaC in a streamlined manner. They needed to answer growing demand without creating internal overhead or igniting developer frustration. 

Solution

With env0, Salt Security now manages and deploys Terraform from a unified platform.

They've transitioned to dividing AppDev work into projects and environments, facilitating a more structured, collaborative, and granular approach to managing their IaC at scale.

This enables them to provision, manage, and view all resources from a single platform, streamlining, automating, and simplifying IaC workflows.

Results

Among the ability to support the necessary DevOps and CI/CD solutions, the Salt Security team specified the following areas of improvement:

Increased Developer Velocity With Managed Self-service

‍The env0 platform enabled developers to provision environments independently while adhering to organizational requirements and standard policies. This empowered developers and increased their velocity.

‍Simplified Management

Salt Security reduced the number of configuration files and variables for most environments. This made the architecture easier to manage and reduced the time and effort for configuration management and deployments.

Cloud Infrastructure Cost Reduction

env0’s Role Based Access Controls (RBAC) quickly became a key differentiator for the Salt Security team. Their ability to manage access to environments and projects, at a team, developer, and cloud resource level was an extra benefit. Enforcing policies allows for shutting down specific environments during the weekend, resulting in cost savings.

‍