By: Michael Callahan, CMO – Salt Security B:y CJ Sturgess, Partner Solutions Architect – AWS
APIs are sets of software instructions and protocols that enable applications to communicate and exchange data. Today, they’re the fabric of modern applications, connecting data, services, and, more recently, AI agents. Yet for many organizations, understanding the state of their API security can be a challenge. Security teams often face questions such as:
Traditionally, answering these questions requires specialized expertise, sifting through dashboards, and correlating logs and reports across multiple tools. This slows down remediation and keeps critical insights siloed within small security teams.
Salt Security, an AWS ISV Accelerate partner, aims to remove that complexity with the introduction of the Salt Model Context Protocol (MCP) server.
Salt Security’s new MCP server brings a fundamentally new way to engage with API security data: natural language. By connecting Salt’s solution with large language models (LLMs) through an MCP server, organizations can ask direct, non-technical questions in everyday language and instantly receive authoritative answers.
Imagine typing queries such as:
Instead of spending several hours sifting through logs and reviewing your API security posture, the Salt MCP server delivers answers in seconds. More importantly, it goes beyond surface-level visibility to provide explanations and remediation guidance, making insights actionable for both security and development teams alike.
Customers can also use Pepper AI, Salt Security’s AI-powered natural language interface, to receive actionable insights about their API landscape, posture gaps, and risk. The following screenshot shows using natural language to query the API environment in the Salt MCP server.
Figure 1: The Salt Ask Pepper AI interface showing natural language querying capabilities for API security analysis
There are three central API security challenges that enterprises must address. They need to reduce the amount of time it takes to identify vulnerabilities, find a way to democratize API security knowledge, and make it possible for security teams to make faster, more informed decisions.
In security, every second counts. Traditional methods require analysts to parse raw logs, query dashboards, and build manual reports to pinpoint vulnerabilities. Salt’s MCP-powered natural language interface removes that friction, accelerating time-to-insight and enabling security teams to move at the speed of modern threats.
API security expertise is typically limited to a small group of specialists. With natural language interaction, stakeholders from developers to compliance teams can query Salt for insights without needing deep technical expertise. This democratization brings API security to the forefront across the organization, not only within the security operations center (SOC).
When posture gaps are identified, speed and clarity matter. Salt doesn’t merely flag the gap, it explains why the policy is in violation, what the associated risks are, and what steps can close the exposure. As a result, teams can act with confidence and align remediation with compliance and governance requirements.
For organizations running on AWS, the benefits multiply because Salt’s MCP server integrates seamlessly into cloud-centered environments. Customers can:
AWS customers can now bridge the divide between complex, multi-service API environments and actionable security intelligence, all while staying aligned with their cloud-first strategies.
Getting started with Salt Security’s API Protection Platform is straightforward and flexible. Organizations can quickly procure Salt’s solution through AWS Marketplace, streamlining the purchasing and deployment process. For AWS customers, Salt’s Cloud Connect for AWS enables rapid integration with their cloud environment, typically taking only minutes to begin discovering and analyzing APIs. This automated connection alleviates the need for complex manual configurations or agent deployment, providing immediate visibility into API risks and vulnerabilities. As soon as the system is connected, teams can use the power of the Salt MCP server to start querying their API security posture using natural language, making advanced API security capabilities accessible across the organization.
The following screenshot shows the Salt Connector Hub, with its seamless connection to AWS.
Figure 2: Salt Connector Hub dashboard showing AWS environment integration options
With the rise of AI agents and LLM-driven workflows, security tools must evolve from static dashboards to interactive, conversational patterns. Salt Security’s MCP server represents that evolution. By empowering organizations to speak to their API security fabric in natural language, Salt is transforming the way teams can discover, govern, and protect their APIs.
The result? Faster insights, stronger security posture, and a security capability that scales with both the complexity of your environment and the pace of AI-driven innovation.
Check out more AWS Partners, speak with an AWS Partner specialist, or contact an AWS representative to learn how we can help accelerate your business.
Salt Security is an AWS Advanced Technology Partner and AWS Competency Partner that delivers an API Threat Protection solution focused on securing the ubiquitous APIs connecting everything from web and mobile applications to microservices and IoT devices. These are the APIs that you develop and own and are at the core of connecting your applications and data.
Contact Salt Security | Partner Overview | AWS Marketplace
