Case Study: TripActions achieves proactive API protection and shadow-API discovery with Salt Security

TripActions - Customer Case Study

TripActions, a Palo Alto–based booking and corporate expense platform, depends heavily on APIs to connect to airlines, HR, finance, and travel services and launched its own REST API in 2021. With rapidly changing APIs, extensive third‑party integrations, and the risk of shadow APIs and stealthy attacks, TripActions enlisted Salt Security to augment its API security and provide continuous, behavior‑based protection.

Salt Security deployed its AI‑driven API Protection Platform to discover APIs in real time, build behavioral baselines across hundreds of attributes, and detect anomalous activity. The Salt Security solution uncovered shadow APIs, stopped attackers during reconnaissance, generated proactive alerts and remediation insights for TripActions’ development and security teams, and adapted baselines as APIs evolved to minimize false positives while improving overall API security posture.

TripActions

Tarik Ghbeish

Product Security Engineer