Salt Security, the leading API security company, today announced that Xolv Technology Solutions, a provider of end-to-end solutions that reduce the complexity of delivering health care, is protecting its API-driven applications using the Salt Security API Protection Platform.
Xolv uses the Salt platform to discover and secure the APIs that serve as the foundation for its technologies that enable home and community-based health services to improve accessibility, affordability, and care outcomes. Xolv helps organizations transform the way they work and deliver care outside of traditional hospital settings through its fully integrated suite of solutions ranging from clinical treatment operations to revenue cycle management.
Xolv built its custom web and mobile applications, used by both patients and care providers, using a combination of more than 90 APIs in a hybrid cloud infrastructure that spans on-prem, AWS, and GCP environments. Xolv found that the traditional tools it was using for API protection, including web application firewalls (WAFs) and API gateways, were generating errors, blocking non-malicious activity, and missing API attacks. The company turned to Salt Security and its platform that distinguishes proper API calls from malicious ones, discovers the full breadth of APIs across Xolv’s environments, supports testing and remediation insights for API development, and secures the Xolv applications from data exposure, exfiltration, and other malicious API attacks.
“We realized that our WAFs could never understand the unique business logic of our APIs, and our gateways couldn’t provide full visibility into the expanse of APIs in our application environments,” said Jason Weitzman, application security engineer at Xolv Technology Solutions. “To remedy these issues, we considered six different API security solutions and tested three. One simply didn’t work, and another one lacked any runtime protection. Deploying the Salt platform took almost no effort – it integrated quickly with our existing Cloudflare, AWS, Jira, and other systems. It also started identifying errors and delivering insights on how to craft better APIs within minutes.”