Salt Security MCP Server

Connect your AI directly with Salt Security to proactively defend your Application Programming Interface (API) environment. Improve API discovery, manage security posture, and remediate threats in real-time through simple conversational prompts.

What you can do

• API Inventory & Discovery — View all auto-discovered APIs in your environment, including unknown or shadow APIs (get_inventory). Retrieve schema details, identify exposed sensitive data (PII), and analyze structural drifts (get_endpoint).
• Threat Intelligence & Monitoring — Monitor active API attacks and business logic abuses as they happen (get_attacks). Profile known threat actors to uncover behavioral patterns (get_attackers).
• Active Remediation — Respond to incidents immediately by triggering blockade commands against attackers, seamlessly passing instructions to your integrated WAFs (block_attacker).
• Posture & Governance Assessment — Identify design flaws and vulnerabilities before they reach production (get_posture_vulnerabilities). Manage OpenAPI (OAS) specifications (list_oas_specs, upload_oas_spec) and verify active governance rules (get_governance_policies).

How it works

1. Enable the Salt Security integration in your workspace.
2. Navigate to your Salt Security console.
3. Go to the Settings or Administration section and generate a new API Token.
4. Paste this token securely into the configuration fields provided below.
5. Ask the AI: "Are there any known threat actors exploiting our APIs right now?"