TLDR: Salt Security has launched an industry-first solution designed to secure API actions performed by AI agents within enterprise environments. Announced at CrowdStrike Fal.Con 2025, this innovation addresses the growing security risks posed by agentic AI, which increasingly utilizes real-time API calls through protocols like MCP and A2A. The new offering provides immediate visibility, automatic governance, and real-time protection against potential AI agent abuse, closing a critical security blind spot for organizations.
LAS VEGAS – September 15, 2025 – Salt Security, a recognized leader in API security, has announced a pioneering solution aimed at securing the API actions executed by artificial intelligence agents within enterprise infrastructures. The announcement, made at CrowdStrike Fal.Con 2025, marks a significant step in converging API and AI security, providing organizations with unprecedented visibility, governance, and real-time protection against the emerging threats posed by agentic AI.
As large enterprises increasingly adopt agentic AI, these intelligent agents are making real-time API calls through various protocols, including Model Context Protocol (MCP) and Agent-to-Agent (A2A). This proliferation of AI-driven API interactions introduces a new and complex layer of security risk that traditional methods are ill-equipped to handle.
Michael Nicosia, co-founder and COO of Salt Security, highlighted the critical nature of this development, stating, “Most organizations’ first AI security gap isn’t prompt and model jailbreak attacks, it’s the invisible API connections powering agents.” He added, “Salt closes that gap by continuously discovering every API, governing it against policy, and protecting it in real time, including the fast-growing universe of agent-driven traffic.”
The new solution delivers immediate visibility into every agent-driven action, automatic governance to enforce appropriate security postures, and real-time protection against potential AI agent abuse. A key component of this offering is ‘MCP Protect,’ a feature designed to provide organizations with a clear view of their AI-powered systems. MCP Protect automatically discovers and monitors all MCP servers and their interactions with AI agents, revealing previously hidden connections. It then assesses the risk of these interactions, tracks sensitive data movement, and safeguards against unsafe or malicious use of MCP servers.
Furthermore, the update introduces a new category of ready-to-use security controls. These controls are engineered to ensure safe AI agent behavior by automatically detecting and addressing significant security vulnerabilities in both MCP and A2A environments, enabled by default without requiring extensive setup.
Nick Rago, VP Product Strategy at Salt Security, emphasized the practical implications: “From a security standpoint, it’s not just about what AI agents say, it’s what they actually do. AI agents act through APIs, MCP, and A2A, but most organizations don’t have visibility into those actions. Salt gives you that visibility from day one, puts the right guardrails in place, and protects against abuse and AI logic attacks in real time so your teams can move fast with confidence.”
The urgency of this solution is underscored by industry projections. A recent Gartner report stated, “Widespread adoption of MCP and A2A will lead to more APIs and more API usage, not less.” The report further projects that “By 2028, 80% of organizations will see AI agents consume the majority of their APIs, rather than human developers.” This forecast highlights the escalating need for robust security measures specifically tailored to AI-driven API interactions.
Also Read:
- Astrix Security Unveils Industry-First AI Agent Control Plane for Enhanced Enterprise AI Security
- Enterprise AI Agent Adoption Surges: 90% of Businesses Actively Integrating Autonomous Systems, Kong Inc. Report Reveals
Salt Security’s innovation aims to close a critical blind spot for enterprises, enabling them to embrace agentic AI with greater confidence and reduced risk.
