Press ReleaseArtificial Intelligence

Salt Security Announces Industry’s First Solution to Secure API Actions Taken by AI Agents

Delivering Immediate Visibility, Governance, and Real-Time Protection for APIs Powering Agentic AI, Closing a Critical Blind Spot for Enterprises

Salt Security, the leader in API security, announced and showcased at CrowdStrike Fal.Con 2025 the industry’s first solution to secure the actions Artificial Intelligence (AI) agents take in the enterprise.

As large organisations adopt agentic AI, agents are increasingly making real-time API calls through protocols like MCP and A2A, creating a new layer of risk. Salt Security is the first to converge API and AI security, giving organisations visibility into every agent-driven action, governance to enforce the right posture, and real-time protection against AI agent abuse.

This release gives security teams immediate visibility, automatic governance, and real-time protection for agentic AI, without extra setup. MCP Protect maps MCP server interactions and surfaces hidden endpoints, while built-in guardrails, enabled by default, enforce safe agent behaviour automatically.

A recent Gartner® report stated, “Widespread adoption of MCP and A2A will lead to more APIs and more API usage, not less.” They further project, “By 2028, 80% of organisations will see AI agents consume the majority of their APIs, rather than human developers.”

“Most organisations’ first AI security gap isn’t prompt and model jailbreak attacks, it’s the invisible API connections powering agents,” said Michael Nicosia, Co-founder and COO of Salt Security. “Salt closes that gap by continuously discovering every API, governing it against policy, and protecting it in real time, including the fast-growing universe of agent-driven traffic.”

What’s New in Salt Security

  • MCP Protect: Discovers and monitors all MCP servers and their interactions with AI agents, giving organisations visibility into previously hidden connections. Salt automatically assesses the risk of these interactions, maps sensitive data in motion, and protects against malicious or unsafe MCP server usage.

  • Agentic AI Governance: A new category of out-of-the-box security controls that enforce safe AI agent behaviour, automatically detecting and addressing the riskiest exposures in MCP and A2A environments.

Leading with Innovation

  • Gartner recommends “double down on API security by adding specialist security solutions to supplement standard gateway protections. Rate-limiting and access management, in particular, are vital for APIs AI applications will consume when addressing the risk of data and services being abused by agentic use.”

  • Gartner also projects that by 2028, “80% of organisations will see AI agents consume the majority of their APIs, rather than human developers.”

  • New Salt research shows that only 37% of organisations using agentic AI have a dedicated API security solution, 48% run 6–20 agent types, widening the API attack surface.

  • Out-of-the-box controls begin monitoring at first login to automatically detect high-risk exposures.

“From a security standpoint, it’s not just about what AI agents say, it’s what they actually do,” said Nick Rago, VP Product Strategy of Salt Security. “AI agents act through APIs, MCP, and A2A, but most organisations don’t have visibility into those actions. Salt gives you that visibility from day one, puts the right guardrails in place, and protects against abuse and AI logic attacks in real time, so your teams can move fast with confidence.”

CSA Editorial

Launched in Jan 2018, in partnership with Cyber Security Malaysia (an agency under MOSTI). CSA is a news and content platform focusing on key issues in cybersecurity in the region. CSA is targeted to serve the needs of cybersecurity professionals, IT professionals, Risk professionals and C-Levels who have an obligation to understand the impact of cyber threats.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *