Case Study: Xolv achieves complete API discovery and runtime protection with Salt Security

Xolv - Customer Case Study

Xolv, a Dublin-based nonprofit provider of integrated healthcare and revenue-cycle solutions, was facing a security challenge: its web application firewall (WAF) was incorrectly blocking legitimate API traffic—flagging normal calls as SQL injection attacks—while Xolv’s growing estate of customer-facing and internal apps (with data flowing through Salesforce) left potential API blind spots. After evaluating multiple vendors, Xolv chose Salt Security to address the need for accurate API threat detection and continuous discovery.

Salt Security deployed its API Protection Platform (including the API Context Engine) to automatically discover internal, external and third‑party APIs, stop abnormal behavior and automate blocking of attacks. With Salt Security, Xolv gained a complete API inventory (including shadow and zombie APIs), runtime protection that eliminated incorrect WAF blocking, the ability to pinpoint problematic calls during a monitoring transition, and automated alerts/attack timelines and remediation guidance—improving visibility and reducing false security alerts across SFDC, GCP and AWS.

Xolv

Jason Weitzman

Senior Security Engineer