最新估值 01
1400 USDm [CO022, CV001] 尽调报告
Salt Security
API 安全头部厂商,ARR 增长和产品迭代都有可信支撑,但公开证据仍不足以让人有把握地承销 2022 年的独角兽价格。
Salt Security 仍是可信的 API 安全品类先行者,也有实质企业客户牵引;但公开经营披露与 2022 年独角兽估值之间的落差仍过大,支撑不了高确信度投资判断。
封面要素
公司概况
Salt Security 是一家私有 API 安全公司,由 Roey Eliyahu 和 Michael Nicosia 于 2016 年创立,运营根基在以色列,目前总部位于 California 州 Palo Alto。公司销售 Salt Security API Protection Platform,这是一款云交付产品,面向企业客户,聚焦 API 发现、态势治理、行为威胁检测,以及新兴的智能体 AI 安全控制。公开融资历史很强,核心是 2022 年 CapitalG 领投的 $140 million Series D,估值 $1.4 billion;第三方收入数据库显示 ARR 从 2024 年约 $48.5 million 扩至 2025 年约 $75 million。公开尽调的主要限制不在产品相关性,而在留存、客户集中度、烧钱速度和 2022 年后资本充足性的信息不透明。
- 成立时间
- 2016-01-01
- 创始人
- Roey Eliyahu, Michael Nicosia
- 创立地点
- Israel
- 总部
- Palo Alto, California, USA
- 产品
- Salt Security 销售云交付 API 安全平台,覆盖 API 发现、态势治理、运行时威胁检测、行为分析,以及面向 LLM、MCP 服务器和 API 交互的新型智能体安全控制。
- 客户
- 目标客户是金融服务、科技、零售、制造等 API 密集行业的大型企业安全团队,它们需要大规模发现、治理并保护生产 API。
- 商业模式
- 企业 SaaS,靠年度订阅、市场上架和渠道 / 合作伙伴路径销售;定价与受保护 API 流量规模和企业部署范围挂钩。
- 阶段
- Series D private company
- 融资情况
- 最近一次确认的新股融资是 2022 年 2 月 CapitalG 领投的 $140 million Series D,估值 $1.4 billion;累计披露融资约 $271 million。
执行摘要
主要优势
- Salt 帮助定义了专门的 API 安全品类,产品创新仍可信,覆盖态势管理、运行时检测和智能体 AI 控制。
- 公开证据支持企业客户牵引:ARR 从 2024 年约 $48.5M 增至 2025 年约 $75M,并有多个具名企业客户背书。
- 投资人阵容强,CapitalG、Sequoia、Tenaya、DFJ Growth 和 Y Combinator 带来持久战略价值和信号价值。
主要风险
- 2022 年 $1.4B 估值相较当前独立 API 安全可比公司难以支撑,特别是折价的 Noname/Akamai 基准。
- Salt 仍未公开披露经审计收入、NRR/GRR、流失、客户集中度、烧钱速度或当前现金状况。
- 超大规模云厂商和 WAAP 老牌厂商越来越多地捆绑 API 安全功能,可能压缩独立产品定价和扩张经济性。
- 以色列研发集中度带来业务连续性和采购风险问题,公开材料尚未充分回答。
未决问题
- 截至 2026 年的经审计 ARR/收入、烧钱速度、现金余额和现金跑道。
- 客户数、NRR/GRR、流失、合同期限和头部客户集中度。
- 以色列研发组织的书面业务连续性规划。
- Agentic Security 和 Salt Code 除发布宣传之外的持久付费采用证据。
目录
01公司概况
1.1 身份、产品范围与公司结构
Salt Security 由 IDF 网络安全老兵 Roey Eliyahu(CEO)和 Michael Nicosia(COO)于 2016 年创立。公司早期运营根基在以色列,之后扩展到当前的 Palo Alto 总部。公司最初以 Secful 名义注册,后来在推出商业化 API 防护平台、走出隐身期时更名为 Salt Security。Salt Security 注册地在 Delaware,总部位于 Palo Alto,并把研发集中在以色列 Tel Aviv,采用以色列网络安全公司常见的双枢纽模式。 公司的核心产品是 Salt Security API Protection Platform,一款云交付 SaaS 解决方案。平台结合云规模大数据处理、机器学习和人工智能,提供三项整合能力:自动化 API 发现(包括影子 API 和僵尸 API)、行为式运行时威胁检测,以及面向开发者的态势治理。Salt 自称是第一家打造专用且有专利的 API 安全平台的厂商,并以此将自己定位为品类开创者。截至 2025 年中,平台已经扩展到智能体 AI 安全、MCP 服务器防护,以及通过「Ask Pepper AI」进行对话式安全调查。 Salt Security 面向大型组织中的企业安全团队、CISO 和应用安全从业者,这些组织运行复杂且 API 密集的应用栈。公司把产品定位为 API 网关、WAF 和 SIEM 平台的补充,而不是替代品;CrowdStrike Falcon 和 AWS WAF 集成也体现了这一点。阶段上,公司属于 Series D / 后期私有公司;截至本次报告日期,尚未宣布 IPO。[CO001, CO002, CO003, CO004, CO005, CO006]
1.2 创始人、管理层厚度与治理
Roey Eliyahu 联合创办 Salt Security 并担任 CEO。创办 Salt 之前,Eliyahu 联合创办了 Eshkol College,这是一家网络安全培训机构,重点培养毕业生进入 IDF 精英网络部队;他本人也在 IDF 网络部队服役三年,最终担任团队负责人。联合创始人兼 COO Michael Nicosia 曾任 Adallom 全球销售副总裁;Adallom 后来被 Microsoft 收购,成为 Cloud App Security 产品线的一部分,这给 Salt 带来了直接的企业安全销售经验。 Series D 前后,高管团队明显扩容。关键新增成员包括 Kfir Lippmann(CFO),他曾在 monday.com 从 40 名员工一路负责财务到 Nasdaq IPO;Matt Quarles(CRO),2023 年加入,负责扩大全球收入;Michael Callahan(CMO),曾任 Acronis CMO;Renee Hollinger(Chief People Officer),曾任 Reltio CHRO;Gilad Gruber(SVP Engineering),曾任 Payoneer CTO;以及 Yaniv Balmas(VP Research),他在 Check Point 领导网络研究八年后创办了 Salt Labs。 董事会席位反映了投资人联盟:Tom Banahan(Tenaya Capital)在 Series A 后加入;Carl Eschenbach(Sequoia Capital)在 Series B 后加入;James Luo(CapitalG)随 Series D 投资加入;Haim Sadger 和 Ayala Peterburg(S Capital VC)代表创始阶段投资人。这种五席董事会、投资人占比较高的结构,符合后期风投支持公司常见模式。关键人物依赖仍然重要:两位联合创始人都在运营一线,Eliyahu 是主要公开面孔;Lippmann 的 monday.com IPO 经验,也让他成为任何公开市场路径中的关键资源。[CO009, CO010, CO011, CO012, CO013, CO014]
| 人物 | 职位 | 背景 | 创始人 / 市场匹配 | 关键人物依赖 |
|---|---|---|---|---|
| Roey Eliyahu | 联合创始人兼 CEO | 联合创办 Eshkol 网络安全学院;IDF 精英网络部队 3 年;Forbes 30 Under 30 | 深厚 IDF 网络背景;产品愿景表达者和公开发言人 | 高 — 主要对外面孔;主导产品战略和投资人关系 |
| Michael Nicosia | 联合创始人兼 COO | Adallom 全球销售 VP(被 Microsoft 收购);企业安全销售背景 | 补足 Eliyahu 的技术领导力,负责商业侧;塑造 GTM 和合作伙伴 | 中 — 渠道与合作落地的关键 |
| Kfir Lippmann | CFO | 曾在 monday.com 负责财务,从 40 名员工一路到 Nasdaq IPO | 具备 IPO 级财务领导力;任何公开市场路径都离不开 | 高 — 唯一有公开市场准备经验的高管 |
| Matt Quarles | CRO | 企业安全销售领导经验(已审阅来源未披露前任公司) | 直接负责收入,并在 Series D 后扩张全球销售 | 中 — 负责 ARR 爬坡 |
| Michael Callahan | CMO | 前 Acronis CMO;曾任职于 Cofense、McAfee、HP、Juniper、Zimperium | 20+ 年网络安全营销经验;扩张品牌和需求生成 | 低至中 — 可替换的营销领导岗位 |
| Renee Hollinger | 首席人力官 | 前 Reltio CHRO | 为全球员工扩张搭建文化和人才体系 | 低 — 支持职能,对外暴露低 |
| Gilad Gruber | 工程 SVP | 前 Payoneer CTO | 大规模平台工程经验,支撑云级大数据底座 | 中 — 产品路线图的工程落地 |
| Yaniv Balmas | 研究 VP / Salt Labs | 在 Check Point Software 领导网络研究 8 年 | 漏洞研究和发布拉动可信度与销售管线 | 中 — Salt Labs 声誉绑定该岗位 |
董事会:Tom Banahan(Tenaya)、Carl Eschenbach(Sequoia)、James Luo(CapitalG)、Haim Sadger 和 Ayala Peterburg(S Capital VC)。董事会构成来自新闻稿和 Crunchbase 报道;未通过公司注册文件独立核验。
[CO009, CO010, CO011, CO012, CO013, CO014]1.3 融资历史、投资人与估值
Salt Security 的资本形成期包括 2018 年至 2022 年六轮公开可查融资。公司在 2018 年 9 月向 SEC 提交了种子轮 Form D。最早披露金额的融资是 2020 年 6 月 $20 million Series A,由 Tenaya Capital 领投,S Capital VC 和 Y Combinator 参投,使当时累计融资达到约 $30 million。六个月后,Sequoia Capital 在 2020 年 12 月领投 $30 million Series B,使总融资达到 $60 million,并让 Carl Eschenbach 加入董事会。2020 年两轮融资相隔六个月,节奏很紧,反映出早期产品市场契合度较强、收入增长很快。 2021 年 5 月,Salt 完成 $70 million Series C,由 Advent International 领投,Alkeon Capital、DFJ Growth 和既有投资人参投。Series C 公告称,公司过去十二个月收入增长 400%,员工数增长 160%。2022 年 9 月,CrowdStrike 的 Falcon Fund 对 Salt Security 进行战略投资,开启 GTM 合作关系。 决定性的资本事件是 2022 年 2 月 Series D:$140 million,由 CapitalG(Alphabet 旗下独立成长基金)领投,所有既有投资人参与。该轮于 2022 年 2 月 18 日向 SEC 备案(File No. 021-434118,CIK 0001753414),Salt 估值达到 $1.4 billion,获得独角兽身份。Globes 报道指出,公司在 Series D 前十二个月内融资 $210 million。Series D 资金用途是加速研发、扩展销售和营销,并扩大国际业务。截至本次报告日期,公司未宣布 Series E 或之后的新股融资。Forge、notice.co 等二级市场观察者显示,当前私募市场交易中,Salt 股份可能较 2022 年峰值估值折价。[CO018, CO019, CO020, CO021, CO022, CO023]
| 利益相关方 | 角色 / 轮次 | 控制权 / 经济重要性 | 尽调问题 |
|---|---|---|---|
| CapitalG (Alphabet) | Series D 领投;董事会席位(James Luo) | 最大单轮投资人;$140M 支票;与 Google 具备战略协同 | 确认董事会投票权;评估战略型还是财务型授权 |
| Sequoia Capital | Series B、C、D 参投;董事会席位(Carl Eschenbach) | 多轮参投并具董事会影响力;Eschenbach 同时任 Palo Alto Networks / Snowflake 董事 | 老股交易活动;是否有拖售权或共同出售权 |
| Tenaya Capital | Series A 领投;董事会席位(Tom Banahan) | 早期轮次领投;自 2020 年起拥有董事会影响力 | 确认 Series A 是否有保护性条款 |
| S Capital VC | 种子、A、B、C、D 参投;董事会席位(Sadger 和 Peterburg) | 创立期投资人,双董事席位;连续性最高 | 厘清清算优先权堆叠;双席位集中度 |
| Y Combinator (YC Continuity) | 种子 / 早期至 Series D | 网络效应和加速器背书;YCC 在 Series D 继续加码 | YCC 持股规模和转让限制 |
| Advent International | Series C 领投;继续参投 Series D | 成长型股权基金在 Series C 领投;增强企业客群战略可信度 | Series D 后是否有董事会观察员权利 |
| DFJ Growth | Series C 和 D 参投 | 成长阶段 VC;未发现公开董事会席位 | 确认 Series D 参投经济条款 |
| Alkeon Capital | Series C 和 D 参投 | 多空对冲基金跨界投资人;释放公开市场可选性信号 | 确认持有期限和锁定条款 |
| CrowdStrike Falcon Fund | 战略投资(2022 年 9 月) | 战略关系锚定 Falcon 集成伙伴关系 | 确认是否有排他、共同销售或收购权条款 |
| Roey Eliyahu / Michael Nicosia | 联合创始人 / 高管 | 保留运营控制;投票权未知 | 确认普通股 vs. 优先股比例以及创始人归属状态 |
投资人参投信息来自公司新闻稿和 SEC Form D 文件。董事会席位来自 CRN、Calcalist 和 BusinessWire 公告。 Falcon Fund 投资来自 Salt Security 新闻稿。没有公开的二级股东数据(例如员工老股出售)。
[CO018, CO019, CO020, CO021, CO022, CO023]展示 Salt Security 的身份、产品、客户群、资本结构与执行依赖如何在 Series D / 后期私有阶段相互连接。
[CO001, CO004, CO028, CO029]1.4 封面指标、规模标记与披露姿态
Salt Security 披露的信息足以支撑方向性投资判断,但不足以在没有管理层接触的情况下完成承销。公开来源中最可靠的封面指标包括:最新一轮估值 $1.4 billion(2022 年 2 月);累计股权融资约 $271 million;Latka 数据库显示 ARR 约 $48.5 million(2024 年 11 月)和约 $75 million(2025 年 6 月),隐含约 54% ARR 增长;LinkedIn 衍生估计显示员工数约 135 人(2022 年 2 月)、约 192 人(2022 年 12 月)、约 202 人(2023 年 12 月)和约 201 人(2025 年 11 月)。 客户牵引信号以定性为主。Series D 新闻稿称,前一年收入增长 500%,客户基数增长 300%,已签约 Fortune 500 和 Global 500 客户增长 900%。具名企业客户包括 Equinix、Amway、OneMain Financial、Finastra、Aon、Telefónica、City National Bank、Live Oak Bank、HealthEquity、Navan、Takeda Pharmaceuticals、BP Launchpad、Markel、Berkshire Bank、Icatu Seguros 和 Apiture。所审阅的公开来源都没有披露绝对客户数。精确的单客户 ARR(ACV)、净收入留存和毛利率仍属私有信息,无法在没有管理层接触时确认。公司的披露姿态按标准分类属于私有未披露。[CO028, CO029, CO030, CO031, CO032, CO033]
| 指标 | 数值 / 状态 | 日期 | 置信度 | 缺口 / 尽调路径 |
|---|---|---|---|---|
| 估值 | $1.4 billion | 2022-02-10 | 高 | Series D 后没有新股融资确认当前估值 |
| 累计股权融资 | ~$271 million | 2022-02-10 | 高 | 二手来源给出 $271M 至 $281M;Series D Form D 确认 $140M 融资批次 |
| ARR | ~$48.5M(Nov-2024);~$75M(Jun-2025) | 2025-06-01 | 中 | Latka 数据;公司未发布官方 ARR;需要管理层直接确认 |
| ARR 增长(同比) | ~54% | 2025-06-01 | 中 | 由 Latka 估计推导;没有经审计数字 |
| 员工数 | 约 201 名员工 | 2025-11-01 | 中 | 来自 LinkedIn 推算;未官方披露 |
| 客户数 | 未披露 | 低 | 没有公开数量;新闻稿提到具名参考客户 | |
| 最近一轮新股融资 | Series D – $140M | 2022-02-10 | 高 | 后续融资未公告;老股交易显示估值可能打折 |
| 毛利率 | >90%(2020 年称);当前未知 | 2020-06-01 | 低 | 2020 年数据来自 TechCrunch;当前毛利率未公开 |
ARR 和员工数来自第三方数据库估计(Latka、LinkedIn)。估值和融资金额来自公司新闻稿和 SEC Form D 文件。 日期为空表示该指标从未公开披露。
[CO028, CO029, CO030, CO031, CO032, CO033]序数评分卡把已溯源证据转成 Salt Security 截至 2026 年中的成熟度、资本获取能力和披露质量速览。
评分为分析师构建的 0-10 序数评级,基于本章已溯源主张;并不代表公司发布的 KPI 数值或官方评分方法。
[CO001, CO004, CO017, CO022, CO031, CO042]1.5 里程碑、合作关系与负面信号
Salt Security 的里程碑可以分为四个阶段:创始期技术开发(2016–2019)、快速资本形成与品类定义(2020–2021)、独角兽扩张与国际化(2022),以及产品拓宽和 ARR 爬坡(2023–2025)。 重要产品里程碑包括:隐身期推出有专利的 C-3A Context-based API Analysis Architecture;2023 年推出 STEP(Salt Technical Ecosystem Partner)计划,正式化技术集成;在 Fal.Con 2023 宣布 CrowdStrike Falcon 集成;2024 年末推出 Falcon Next-Gen SIEM 扩展;以及 2025 年连续十二个月发布产品,包含 GitHub Connect、MCP Finder、面向 AWS WAF 的 MCP 防护和 Ask Pepper AI 对话式助手。Salt Labs——Salt 专门的 API 安全研究部门——增强了发表可信度和品牌权威;按公司自身说法,Salt Labs 发现的 API 漏洞多于任何其他研究团队。 对一家安全公司来说,负面信号不多但有实质意义。Escape.tech 的一份竞品对比(2025)批评 Salt 的测试能力,称其依赖 HTTP header 分析而不是深度 payload 检查,并且在发现位于网关或代理之外、未被监控的 API 时存在限制。Akto 的竞品分析称,平台复杂度和高价位会阻碍中端市场买家。截至本次报告日期,在 layoffs.fyi 或相关追踪器中未发现 Salt Security 的 WARN Act 备案或公开大规模裁员,不过绝对员工数自 2022 年末以来似乎在 200 人左右平台期。二级市场平台 Forge 将 Salt Security 列为有市场活动、可交易的公司,同时提示显示价格可能较最近一轮新股估值折价。自 2022 年 2 月以来没有新融资——已超过四年——引出一个问题:公司现金跑道是否充足,是否正在走向退出或桥接融资。[CO035, CO036, CO037, CO038, CO039, CO040]
| 日期 | 事件 | 类型 | 金额 / 估值 / 状态 | 参与方 | 影响 |
|---|---|---|---|---|---|
| 2016-01-01 | 以色列网络安全老兵创办 Salt Security;前身实体注册为 Secful | 创立 | N/A | Roey Eliyahu、Michael Nicosia | IDF 老兵创始人创立首家专注 API 安全的公司 |
| 2018-09-19 | 种子轮;提交 SEC Form D(文件号 021-321687) | 融资 | 金额未披露 | 投资方包括 S Capital VC、Y Combinator | 创立期投资人提供早期资本,验证产品投资逻辑 |
| 2019-01-01 | 公司从 Secful 更名为 Salt Security;走出隐身模式 | 产品 | N/A | Salt Security | 公开品牌发布;以 API 安全品类创建者定位 |
| 2020-06-16 | 宣布 Series A;Tenaya Capital 领投 | 融资 | $20 million | 投资方包括 Tenaya Capital、S Capital VC、Y Combinator | 首家一线 VC 背书;Banahan 加入董事会;平台向企业级扩展 |
| 2020-12-08 | 宣布 Series B;Sequoia Capital 领投 | 融资 | $30 million(累计融资 $60M) | 投资方包括 Sequoia Capital、Tenaya Capital、S Capital VC、Y Combinator | Eschenbach 加入董事会;代表 API 安全品类拿到 Sequoia 级验证 |
| 2021-05-26 | 宣布 Series C;Advent International 领投 | 融资 | $70 million(累计融资 $131M) | 投资方包括 Advent International、Alkeon Capital、DFJ Growth、Sequoia、Tenaya、S Capital、YC | 公司称收入增长 400%;进入欧洲和拉美 |
| 2021-06-16 | 提交 Series C 的 SEC Form D(文件号 021-403048) | 融资 | ~$70 million | 注册地 Delaware;地址为 Palo Alto, CA | 监管记录确认 Series C 交割日期和公司法定注册地 |
| 2022-02-10 | 宣布 Series D;CapitalG 领投;达到独角兽状态 | 融资 | $140 million,估值 $1.4B(累计融资 $271M) | CapitalG、所有现有投资人;James Luo 加入董事会 | 独角兽里程碑;公司史上最大单笔支票;支持 R&D 和全球扩张 |
| 2022-02-18 | 提交 Series D 的 SEC Form D(文件号 021-434118) | 监管 | $140 million 已接受;$15.6M 仍可募集 | Roey Eliyahu 签署文件 | 官方监管文件确认 Series D 交割和金额 |
| 2022-09-01 | CrowdStrike Falcon Fund 战略投资 | 融资 | 金额未披露 | CrowdStrike Falcon Fund | 战略合作锚点;开始 Falcon Platform 集成 |
| 2023-08-01 | 启动 STEP(Salt Technical Ecosystem Partner)计划 | 合作 | N/A | Salt Security | 正式化第三方集成;借助技术生态拓展 GTM |
| 2023-09-18 | 在 Fal.Con 2023 宣布 CrowdStrike Falcon 集成 | 合作 | N/A | Salt Security、CrowdStrike | 与 Falcon Platform 集成;形成 API + 端点安全组合态势 |
| 2023-10-01 | Matt Quarles(CRO)和 Michael Callahan(CMO)加入高管团队 | 治理 | N/A | Matt Quarles、Michael Callahan | Series D 后 GTM 领导层加厚;释放收入扩张和品牌投入信号 |
| 2024-01-01 | Salt Labs 发布 2024 State of API Security 报告 | 产品 | N/A | Salt Labs | 原创研究建立可信度并生成销售管线;报告被行业广泛引用 |
| 2024-12-01 | 扩展与 CrowdStrike 的 Falcon Next-Gen SIEM 集成 | 合作 | N/A | Salt Security、CrowdStrike | API 遥测与端点 / 身份 / 云遥测结合,形成整体威胁视图 |
| 2025-11-01 | 推出 Ask Pepper AI 对话式安全助手 | 产品 | N/A | Salt Security | 平台上的对话式 AI 覆盖层;让 Salt 卡位 AI 驱动安全工作流 |
| 2025-12-31 | 宣布 12 个月创新节奏;ARR 约 $75M 里程碑(截至 2025 年 6 月) | 规模 | ~$75M ARR | Salt Security | ARR 以约 54% 同比持续增长;产品宽度延伸到 MCP / AI 智能体安全 |
只披露月份 / 年份的产品里程碑,日期按近似处理。已审阅来源均未披露种子轮金额。负面事件: layoffs.fyi 追踪器未发现;Escape.tech 对测试限制的批评属于产品 / 声誉负面信号,而不是公司事件。
[CO018, CO019, CO020, CO021, CO022, CO023]Salt Security 的公开里程碑记录从 2016 年创立、2022 年独角兽轮到 2025 年 ARR 里程碑,按时间线列出关键融资、产品和合作事件。
产品里程碑日期在仅披露大致季度或年份时估计到最近月份。种子轮日期来自 SEC Form D 申报日期(2018-09-19)。ARR 里程碑日期根据 Latka 数据库快照估计。
[CO018, CO020, CO021, CO022, CO035, CO036]1.6 图表要点
02市场分析
2.1 市场定义与边界
API 安全保护应用程序编程接口,覆盖发现、态势治理、运行时威胁检测和面向开发者的左移控制。该市场位于更宽的 Web Application and API Protection(WAAP)品类之内;Gartner 将 WAAP 定义为包括 Web 应用防火墙(WAF)、机器人防护、分布式拒绝服务(DDoS)缓解和 API 专项控制。Salt Security 这类专用 API 安全厂商只聚焦 API 层,而既有 WAAP 厂商则把 API 防护打包进更宽的平台产品。 纳入支出范围的包括:API 发现和资产清单工具、API 态势治理与合规平台、API 行为式运行时威胁检测、API 安全测试(DAST、模糊测试、schema 校验),以及智能体 / AI API 安全。不纳入狭义 API 安全市场的包括传统 WAF 支出(计入 WAAP 或应用安全)、API 网关管理和开发者工具(计入 API 管理)、通用 AppSec 测试平台(SAST、SCA),以及身份与访问管理(IAM)支出。 现状替代方案包括:企业 WAF 规则(Imperva、Akamai、F5、Cloudflare),能提供部分 API 可见性;API 网关安全策略(Kong、MuleSoft、AWS API Gateway);自建 API 清单表和手工渗透测试;以及覆盖 API 有限的 SaaS 安全态势管理(SSPM)工具。这些替代方案服务的是尚未设立专用 API 安全预算项的预算。 OWASP API Security Top 10(2023 版)锚定了买家评估解决方案时参考的风险分类。G2 的 API Security 品类要求产品必须发现并盘点 API、执行认证和 RBAC、加密数据、记录访问活动并执行漏洞评估——这些标准定义了最低可行产品底线,也塑造采购清单。[CM001, CM002, CM003, CM004, CM005, CM006]
| 细分 / 类别 | 纳入支出 | 排除支出 | 买方 / 付款方 | Salt 相关性 |
|---|---|---|---|---|
| API 发现与清单 | 专用的基于运行时流量和代码扫描的 API 发现;影子 API 和僵尸 API 检测 | API 网关目录功能;API 管理门户清单 | CISO / AppSec 团队 | 核心 — Salt Illuminate 发现 |
| API 态势治理 | Policy Hub、合规映射(PCI DSS、GDPR、NIST、SOC 2)、开发者修复 | 通用 GRC/IRM 平台;云安全态势管理(CSPM) | CISO / DevSecOps | 核心 — Salt 态势模块 |
| API 运行时行为威胁检测 | 基于 ML/AI 的行为分析,覆盖 BOLA、认证滥用、账户接管、业务逻辑攻击 | 传统 WAF 签名规则;SIEM 关联规则 | CISO / 安全运营 | 核心 — 专利 ML 检测引擎 |
| API 安全测试(DAST / fuzzing) | 自动化 API fuzzing、schema 验证、对齐 OWASP 的 DAST | Web app 通用 DAST;SAST;SCA | AppSec 工程师 / DevSecOps | 相邻 — 42Crunch、Traceable、Salt Code(2026 年推出) |
| 智能体 / AI API 安全 | MCP 服务器安全、提示注入检测、AI 智能体访问治理 | LLM 防护栏;AI 模型安全;数据泄露防护 | CISO / AI 平台团队 | 新兴 — Salt Agentic Security Platform(2025-2026) |
| WAAP(WAF + API + bot + DDoS 打包) | WAAP 平台内打包的 API 安全能力 | 独立 WAF;CDN 性能;DDoS 清洗(本范围外) | CISO / 网络安全 | 竞争渠道 — Akamai、Cloudflare、Imperva |
| 现状 / 替代方案 | API 网关安全策略;手工渗透测试;自建清单表;SSPM 部分覆盖 | 所有现代专用 API 安全工具 | DevOps / 平台工程 | 替换目标 — 关键竞争预算分配 |
范围边界为近似划分;供应商的品类主张经常模糊相邻细分。监管合规(PCI DSS、GDPR、HIPAA) 越来越要求专用 API 安全工具,而不是网关级控制,这会把部分 WAAP 预算转向专用方案。
[CM001, CM002, CM003, CM004]2.2 市场规模 — TAM、SAM 与相互冲突的估计
MarketsandMarkets(2023 年 7 月)估计,独立 API 安全市场到 2028 年将达到 USD 3,034 million,CAGR 为 32.5%。这一数字只覆盖 API 安全平台和解决方案、专业服务以及托管服务,地理范围为全球。方法论是自下而上的厂商收入汇总叠加自上而下增长建模;局限包括依赖厂商提供数据、纳入相邻品类导致范围外溢,以及发布时间窗口距离本次报告日期较早且较集中。 更宽的应用安全市场提供了更大的可寻址框架:MarketsandMarkets(2026 年 7 月)预计 App Security 市场 2026 年为 USD 41.16 billion,到 2031 年增至 USD 66.03 billion,CAGR 为 9.9%;API 安全只是其中一个子细分,与 SAST、DAST、SCA、容器安全和移动 AppSec 并列。API 安全在 App Security 支出中的份额没有被精确拆出,但分析师笔记显示,在成熟项目中,10–15% 的 App Security 预算会留给 API 专项工具。 相互冲突的估计被保留下来:MarketsandMarkets 到 2028 年 $3.0B 的数字,在 32.5% CAGR 下倒推 2023 年基数约 $680M;而行业媒体引用的一些分析师摘要,把 2026 年 API 安全市场放在 $3–5B。这些差异来自定义边界不同(狭义 API 安全 vs. WAAP vs. 完整 App Security)、方法论不同(厂商收入 vs. 买方支出),以及是否纳入专业服务。Salt Security 的 SAM——聚焦 1,000 名以上员工、应用栈复杂且 API 密集、位于受监管垂直行业的大型企业账户——无法从公开来源精确拆出;该证据缺口已记录。 行业信号印证了需求增长:Salt 2024 State of API Security 报告发现,66% 的组织管理超过 100 个 API(2023 年为 59%),API 数量同比增长 167%。Gartner 2021 年修订后的预测称,API 滥用将成为企业 Web 应用泄露中最常见的攻击向量。这些数据点是验证市场创建的滞后指标,但不能直接换算为可寻址收入池。[CM007, CM008, CM009, CM010, CM011, CM012]
| 发布方 | 报告年份 | 地区 | 市场 / 范围 | 基准值(USD) | 目标值(USD) | CAGR | 方法 | 置信度 | 局限 |
|---|---|---|---|---|---|---|---|---|---|
| MarketsandMarkets | 2023 | 全球 | API 安全(专用) | ~$680M(2023 估计) | 到 2028 年 $3,034M | 32.5% | 供应商收入自下而上 + 自上而下增长测算 | 中 | 2023 年 7 月发布;早于 AI/MCP 扩张;供应商收入不等于买方支出 |
| MarketsandMarkets | 2026 | 全球 | 应用安全(含 API 安全) | 2026 年 $41,160M | 到 2031 年 $66,030M | 9.9% | 供应商 + 买方汇总 | 中 | API 安全只是约 10–15% 子细分;未单独拆出 API 支出 |
| Salt Security(调研) | 2024 | 全球(企业样本) | API 安全支出成熟度信号 | 7.5% 组织有专用 API 测试(2024) | 12% 组织有高级项目(2023) | 下降 | 从业者调研,约 200+ 名受访者 | 中低 | 自报;厂商赞助;样本偏向 Salt 客户 |
| Gartner(WAAP) | 2021-2022 | 全球 | WAAP(WAF + API + 机器人 + DDoS) | 未披露 | N/A — 定性市场定义 | N/A | 分析师定性框架 | 中 | 仅定性;可访问层级没有美元规模测算;完整专有报告需付费 |
| Salt Labs / Salt Security | 2024 | 全球企业客户 | API 攻击面信号 | API 数量同比增长 167% | 事件率 37%(2023 年为 17%) | N/A | 平台实证数据 + 调研 | 中 | 厂商来源;平台数据只覆盖 Salt 客户子集 |
估算会随范围定义大幅变化(专门 API 安全 vs. WAAP vs. 完整应用安全)。 MarketsandMarkets 预测 2028 年 $3B、隐含 2023 年基数 $680M,是被引用最多的独立 API 安全数字,但早于 2024–2025 年智能体 AI 扩张。买方应把所有第三方规模测算都视为方向性参考;开放来源中没有 Gartner 或 IDC 数字估计的独立印证。
[CM007, CM008, CM009, CM010, CM014]TAM 近似取 2028 年应用安全市场($66B);SAM 取应用安全中的专用 API 安全板块(MarketsandMarkets 预测 2028 年约 $3B);SOM 取独立 API 安全厂商在企业细分市场可触达的子集。
TAM 使用 MarketsandMarkets 2026-2031 应用安全预测。SAM 使用 MarketsandMarkets 2023 API 安全报告并外推至 2028 年。SOM 估计为 SAM 的 20–30%,代表未仅由 WAAP 捆绑包服务的企业账户;没有独立分析师佐证 SOM。不要把 SOM 视为已验证数字。
[CM007, CM008, CM009]基于可获得的分析师和供应商数据点,用同一单位(十亿美元)给出 2026 年全球 API 安全及 WAAP 相邻市场的低 / 基准 / 高边界。
所有数值均来自供应商或市场研究估计,不是独立审计数字。独立 API 安全的低 / 高边界反映各来源定义差异(狭义仅 API 与包含 WAAP),不是概率分布。来自不同发布方的相互矛盾估计被有意保留。
[CM007, CM009, CM010, CM011]2.3 买家分层与采用路径
API 安全采购主要由企业驱动。核心买方画像是年收入超过 USD 500 million、API 暴露面复杂(100+ 外部 API)且承担受监管数据义务的组织中的首席信息安全官(CISO)或应用安全副总裁。多数采购周期里,CISO 拥有预算;AppSec 或 DevSecOps 团队负责技术评估;DevOps 和平台工程团队是最终用户和集成负责人。 垂直集中度较高:Salt Security 的具名客户覆盖金融服务(OneMain Financial、Berkshire Bank、City National Bank、Live Oak Bank、Apiture、Finastra、Icatu Seguros)、保险(Aon、Markel)、制药(Takeda)、科技 / SaaS(Equinix、Navan、HealthEquity、Apiture)以及能源 / 工业(BP Launchpad)。这种分布与 OWASP Top 10 威胁暴露相吻合:金融 API 承担 BOLA / 认证风险;医疗 API 承担数据隐私监管暴露(HIPAA、GDPR);数字商务 API 承担业务逻辑滥用和机器人攻击风险。 采用路径通常从发现先行开始:组织先做 API 清单和影子 API 发现(无需安装 agent),观察行为基线,再扩展到态势治理和运行时威胁检测。企业规模下的概念验证(POC)周期被指出为 3–6 个月,这会拉长销售周期,并让已确认 ARR 相对签约额更慢释放。WAAP 套件整合(Akamai、Imperva、Cloudflare)提供了另一条采用路径:API 安全作为既有 WAF 许可证的新增功能,而不是单独采购产品。 预算负责人的决策框架越来越由合规驱动:PCI DSS v4.0(2025 年生效)引入 API 专项要求;针对 API 数据暴露的 GDPR 执法行动正在增加;美国 Executive Order on Improving the Nation's Cybersecurity(EO 14028)提高了联邦承包商在软件供应链和 API 安全上的要求。这些监管顺风把 API 安全从可自由裁量的采购,转成受监管垂直行业中合规强制的预算项。[CM016, CM017, CM018, CM019, CM020, CM021]
| 细分市场 | 主要买方 | 技术评估者 / 用户 | 付款方 / 预算负责人 | 核心工作流需求 | 预算类别 | 采用触发因素 |
|---|---|---|---|---|---|---|
| 金融服务(银行、保险) | CISO | AppSec / DevSecOps 团队 | CISO / CTO | API 发现 + BOLA / 认证威胁检测 + PCI DSS 合规 | 安全运营 / 合规 | PCI DSS v4.0 API 要求;BOLA 类泄露登上头条 |
| 医疗健康 / 制药 | CISO / 首席隐私官 | AppSec 工程师 | CISO | 符合 HIPAA 的 API 清单 + PHI 数据暴露检测 | 合规 / 隐私 | HIPAA 执法行动;FDA 面向 API 的软件指南 |
| 数字商业 / 电子商务 | CISO / 工程副总裁 | 平台 / API 网关团队 | CTO / CISO | 影子 API 发现 + 机器人 / 账号接管防御 + 业务逻辑滥用 | 安全运营 | API 事件;董事会层面的品牌风险;客户数据泄露 |
| 电信 / 数字服务 | CISO / 安全副总裁 | 网络 / API 安全团队 | CTO | 高流量 API 行为分析(每天 10B+ 次交互规模) | 安全运营 | 监管审计;API 流量异常;竞争对手被攻破 |
| 科技 / SaaS | CISO | DevSecOps / 平台安全 | CISO / CFO | 开发者 API 态势治理 + CI/CD 集成 + SOC 2 合规 | 安全工程 | SOC 2 审计要求;渗透测试发现;投资人尽调 |
| 能源 / 工业 | CISO / OT 安全团队 | 安全架构师 | CISO | 面向 IoT/OT API 端点的影子 API 清单 + 合规 | 合规 / 风险 | OT 安全审计;政府指令 |
| 政府 / 联邦承包商 | CISO / AO(授权官员) | 安全评估员 | CIO / CISO | 符合 FedRAMP 的 API 发现 + EO 14028 SBOM/API 要求 | 合规 | 行政令 14028;FedRAMP 认证要求 |
细分市场分布基于 Salt Security 公开点名的客户(新闻稿、Series D 公告、Salt Labs 研究),以及 OWASP API Top 10 风险到行业的映射。各细分市场的预算负责人根据公开采购模式推断;未通过买方 RFP 或合同数据独立验证。
[CM016, CM017, CM018, CM019, CM020]把各垂直领域买方画像映射到预算归属、触发事件,以及专用 API 安全产品的采用成熟度。
采用阶段(成熟 / 中期 / 早期)根据 Salt 客户新闻稿和行业调研数据推断,并非来自独立买方调研数据。
[CM016, CM017, CM018, CM019, CM020]2.4 增长驱动因素与采用约束
到 2028 年,五个主要增长驱动因素正在塑造 API 安全市场。第一是 API 激增:Salt 2024 报告记录,API 数量同比增长 167%,66% 的组织管理超过 100 个 API,67% 的组织每月收到超过 10 million 次 API 请求。每一个新 API 都是潜在攻击面,传统工具无法覆盖。第二是攻击升级:37% 的受访者在过去 12 个月发生过 API 安全事件(2023 年为 17%),拥有高级 API 安全项目的比例从 12%(2023)降至 7.5%(2024)——说明成熟防御供给落后于攻击者需求。 第三是监管与合规压力:OWASP API Security Top 10(2023)把采购团队如今直接引用的风险类别标准化;PCI DSS v4.0 和 GDPR 在金融和医疗垂直行业创造可执行义务;美国和欧盟 AI 治理框架也要求智能体 AI 工作负载具备 API 级控制。第四是智能体 AI 和 LLM 采用:当组织部署通过 Model Context Protocol(MCP)服务器和 REST / GraphQL API 通信的 AI 智能体时,API 攻击面会扩展到提示注入、权限过大的智能体,以及未经审查的第三方工具集成——这是既有 WAF 和网关厂商无法原生处理的新风险类别。Salt 的 2025 年路线图(Salt Illuminate、MCP protection、Ask Pepper AI)正是围绕这一驱动因素定位。 第五是数字化转型和云迁移:多云架构会增加 API 端点数量,也增加需要一致策略执行的环境数量;微服务拆分把单体业务逻辑转成 API 暴露服务,进一步放大发现和治理挑战。 采用约束也很实质。预算集中度有限:只有 7.5% 的组织拥有专门 API 测试和威胁建模项目,意味着大众市场尚未在独立 API 安全工具上花钱。3–6 个月 POC 周期、部署复杂度(流量镜像、传感器部署、SIEM 集成)以及高日志成本(Escape.tech 批评 Salt 的流量镜像方法会增加日志成本)会放慢价值实现时间并拉长回本周期。Akamai、Cloudflare 和 Imperva 的既有 WAAP 打包,使大型企业客户能在现有合同上以零或接近零的增量成本满足清单式 API 安全要求,压低独立 API 安全交易规模和赢单率。市场整合(Akamai 2024 年以约 $450M 收购 Noname Security)把渠道权力和资质背书集中到既有厂商手中。[CM023, CM024, CM025, CM026, CM027, CM028]
| 驱动因素 / 约束 | 方向 | 时间 | 对 Salt Security 的影响 | 尽调问题 |
|---|---|---|---|---|
| API 扩张(数量同比增长 167%) | 顺风 | 当前 / 持续 | 可触达攻击面扩大;API 发现产品紧迫性上升 | 确认 Salt 平台数据中 API 数量指标的方法论 |
| API 攻击升级(2024 年事件率 37%,2023 年为 17%) | 顺风 | 当前 / 加速 | 付费意愿抬升;支撑 32.5% 市场 CAGR;让 CISO 更紧迫 | 用独立泄露数据验证(IBM Cost of a Data Breach、Verizon DBIR) |
| 监管压力(OWASP API Top 10、PCI DSS v4.0、GDPR、EO 14028) | 顺风 | PCI DSS v4.0 自 2025 年 3 月起生效;GDPR 执法持续 | API 安全从可选项变成合规强制项;监管行业采用提速 | 确认 PCI DSS v4.0 API 要求措辞和执行日期 |
| 智能体 AI / MCP 服务器采用 | 顺风 | 2025–2027 年开始显现 | 新攻击面需要厂商新能力(提示词注入、智能体认证) | 验证 Salt 的 MCP 防护产品成熟度,以及智能体 AI 用例中的客户赢单 |
| 数字化转型 / 多云 | 顺风 | 持续 | 每家企业 API 更多;更多环境需要一致治理 | 评估 Salt 平台的多云覆盖(AWS、Azure、GCP 连接器成熟度) |
| API 安全项目成熟度低(7.5% 达到高级) | 约束 | 当前;泄露事件累积后可能缓解 | 限制近期 SAM;许多企业仍处于现状阶段(WAF + 网关) | 跟踪 Salt Labs / 行业年度调研中的成熟度演进 |
| POC 周期长(据称 3–6 个月) | 约束 | 当前 | 拖慢 ARR 确认;压缩未来 12 个月收入可预测性;推高 CAC | 向管理层索取 POC 到成交转化率和平均销售周期 |
| 既有厂商捆绑 WAAP(Akamai、Cloudflare、Imperva) | 约束 | 当前 / Noname 收购后加剧 | 压缩 SAM;既有厂商可在存量合同上以边际成本提供 API 安全 | 评估面对 WAAP 捆绑交易的替换赢率;$0 增量交易规模 |
| 更广 AppSec / 云安全整合带来的预算竞争 | 约束 | 当前 | CISO 在整合厂商;Salt 与 CNAPP、SAST、SCA 争夺 AppSec 预算 | 确认平台扩展策略能否降低厂商整合中的单点工具风险 |
| 高流量镜像 / 日志成本 | 约束 | 当前 | Escape.tech 的批评显示,流量镜像会推高日志成本;高流量 API 环境对基础设施成本敏感 | 评估成本对中端市场买方的影响;在计入日志成本后验证规模化毛利率 |
驱动因素和约束评估基于 Salt Security 的 2024 State of API Security 报告、MarketsandMarkets 规模测算、OWASP API Security Top 10(2023)、PCI DSS v4.0 文档,以及 Escape.tech 和 Akto.io 的竞争评论。监管时间为大致估计。
[CM023, CM024, CM025, CM026, CM027, CM028]展示从 CISO 初始认知到平台扩张的购买旅程,并标出既有 WAAP 捆绑和漫长 POC 周期侵蚀销售管线的流失点。
漏斗阶段数值为示意性估计,来自披露的 POC 周期长度和 WAAP 捆绑评论;Salt 或其他 API 安全供应商没有公开独立转化率数据。数值仅应视为相对比例。
[CM028, CM029, CM030]2.5 图表要点
03竞争格局
3.1 格局与竞争者类型
Salt 面对的已不再是干净的纯 API 安全赛道。直接 API 原生厂商仍然在产品对产品评估中最重要:Akamai 收购 Noname 后、Harness 旗下 Traceable、Cequence、Wallarm 和 42Crunch 都能讲出清晰的专用 API 安全故事。但市场边界向两个方向扩大。第一,Prisma Cloud、Cloudflare、Fastly 和 Imperva 等更宽的 WAAP 与 CNAPP 厂商,已经把发现、防护和态势能力作为更大的应用、边缘或云安全平台的一部分来营销。第二,Kong 式网关和 DataDome 这类机器人专家也可能吸收更窄的预算线,尤其当买家只想要验证、限流或滥用防御,而不是完整 API 安全控制平面时。 品类也在整合。Noname 被 Akamai 吸收,Traceable 与 Harness 合并,说明 API 安全越来越通过更大的安全和交付平台分发,而不是继续停留在独立采购动作中。对 Salt 来说,这很重要,因为买家短名单如今会把纯玩家、边缘或 WAAP 套件、CNAPP 平台以及现状控制放在同一次评估里。因此本章把市场分成四类:直接 API 原生对手、打包式 WAAP 和云既有厂商、网关或边缘替代方案,以及既能帮助 Salt 分发、也能显示市场正在向何处收敛的合作伙伴平台。[CP001, CP007, CP010, CP013, CP016, CP018]
| 厂商 | 类别 | 规模 / 平台信号 | 目标客群 | 差异化 | 相比 Salt 的局限 |
|---|---|---|---|---|---|
| Salt Security | 本报告标的 API 安全专精厂商 | CrowdStrike Marketplace 应用,加上 Wiz 集成信号 | 需要发现、态势和行为检测的企业安全团队 | 在既有工作流中提供发现、态势治理和行为分析 | 不拥有边缘网络;已保留来源中也没有宣传最清晰的原生内联阻断叙事。 |
| Akamai + Noname | WAAP 与边缘平台内的直接对手 | 约 $450M 收购;Noname 员工 200+;更广的 Akamai 应用和 API 平台 | 希望统一应用、边缘和 API 防护的大型全球企业 | 在规模化平台厂商内部提供影子 API 发现和部署选择 | Gartner 批评意见提到价格高、误报、UI 复杂。 |
| Traceable by Harness 平台 | DevSecOps 平台内的直接对手 | 与 Harness 合并,加上 2024 年战略投资和强增长说法 | 需要设计到运行时 AppSec 与 API 覆盖的企业 | 生命周期覆盖态势、测试、威胁狩猎和防护 | 公开证据在定价以及明确内联阻断优势上都偏薄。 |
| Cequence | 具备直接内联能力的专精厂商 | Unified API Protection 定位,并有机器人和欺诈防护积累 | 希望在一个 API 原生平台内完成发现、防御和测试的安全团队 | 原生实时修复,以及强发现—检测—防御叙事 | 已保留资料中,公开规模和打包可见度有限。 |
| Wallarm | 直接内联专精厂商 | 混合或托管部署,并支持广泛协议 | 优先在异构 API 协议上做内联防护的团队 | 无需规格的内联阻断,加上 AI、影子和僵尸 API 发现 | 竞争对手撰写的对比页可能夸大对手弱点。 |
| 42Crunch | 左移与运行时专精厂商 | 合约驱动平台,带审计和微防火墙文档 | OpenAPI 纪律成熟的 DevSecOps 与 API 团队 | CI/CD、审计和基于合约执行的叙事较强 | 当前运行时文档不支持 GraphQL 防护。 |
| Prisma Cloud | WAAP 与 CNAPP 既有厂商 | 集成 CNAPP 和 WAAS,并带 API 安全模块 | 正在整合安全厂商的云原生和混合企业 | 发现、风险画像、机器人、DoS,以及内联或带外执行 | API 原生定位弱于专精厂商。 |
| Cloudflare | WAAP 与边缘既有厂商 | 全球网络,加上企业支持和打包附加项 | 已使用 Cloudflare 流量与安全栈的云优先企业 | 在边缘做端点发现和正向安全执行 | Gartner 历史批评集中在缺少混合部署。 |
表格强调与 Salt 实际采购替代方案最相关的竞争对手,而不是长尾中的每一家 API 安全厂商。
[CP001, CP004, CP006, CP007, CP009, CP010]基于证据的序位视角,衡量运行时执行深度与平台广度、分发能力之间的关系。
序位评分是定性判断,但锚定有来源支撑的主张:内联阻断、部署控制和平台分发广度。
[CP001, CP008, CP011, CP014, CP016, CP018]3.2 能力模型:运行时深度、态势与左移取舍
Salt 的公开差异化不只是「API 安全」,而是发现、态势治理和行为威胁分析这套组合,可以接入既有安全栈。也正因为如此,它与两个最尖锐的专业厂商反向定位不同。Wallarm 和 Cequence 从在线阻断一侧切入,主张如果平台不能原生实时阻断滥用、账户接管和 OWASP API 攻击,发现和检测就不够。42Crunch 则从契约优先一侧推进:当团队已经管理成熟的 OpenAPI 定义,并希望把策略执行直接绑定到 API 契约和 CI/CD 闸门时,它的微防火墙和审计工作流最强。 更宽的平台厂商竞争方式不同。Prisma Cloud 把发现、风险画像、机器人和 DoS 控制,以及在线与带外两种部署,放进 CNAPP 和 WAAS 框架。Cloudflare 和 Fastly 把 API 安全带入边缘原生流量、滥用和 DDoS 工作流。Kong 对 Salt 的直接替代较弱,因为它依赖插件、网关控制和开发者拥有的策略,而不是专用 API 发现和行为分析;但对那些在购买专业平台前想要「足够好」网关安全的买家来说,Kong 仍是有意义的替代。实际读法是:当买家重视深度 API 专项上下文、又不想重建 WAF、CDN 或网关体系时,Salt 能赢;当对手可以把同样功能压进在线执行或既有平台预算时,Salt 的叙事优势就会丢失。[CP001, CP002, CP003, CP013, CP014, CP015]
| 采购标准 | Salt | Akamai / Noname | Traceable | Cequence | Wallarm | 42Crunch | WAAP 捆绑套件类别 |
|---|---|---|---|---|---|---|---|
| 影子与僵尸 API 发现 | 强 | 强 | 强 | 强 | 很强 | 限于合约定义范围 | 中等到强,取决于平台 |
| 态势治理与合规映射 | 强 | 中等到强 | 强 | 中等 | 中等 | 通过合约质量门控达到中等 | Prisma 和 Cloudflare 式套件较强 |
| 运行时行为检测 | 很强 | 强 | 强 | 强 | 强 | 相比流量行为专精厂商有限 | 中等到强 |
| 原生内联阻断 | 已保留来源中显示为合作伙伴驱动或工作流驱动 | 强 | 已保留来源中为中等 | 强 | 很强 | 通过 API Firewall 达到强 | 主要套件较强 |
| 合约优先的左移与 CI/CD | 借集成达到中等 | 中等 | 中等 | 中等 | 中等 | 很强 | 中等 |
| REST 之外的协议广度 | 已保留来源中不清楚 | 声称覆盖广泛环境 | 已保留来源中不清楚 | 已保留来源中不清楚 | 很广:REST、GraphQL、gRPC、SOAP、WS | 以 OpenAPI 为中心;不支持 GraphQL 运行时 | 因厂商而异 |
| 分销与既有平台杠杆 | 伙伴主导 | 很强 | 借 Harness 增长 | 中等 | 中等 | 中等 | 很强 |
该矩阵采用有证据支撑的定性标签,而不是无支撑的数字评分;“WAAP 捆绑套件类别”主要指 Prisma Cloud、Cloudflare、Fastly、Akamai 和 Imperva 式平台。
[CP001, CP008, CP011, CP014, CP016, CP018]| 厂商组 | 部署形态 | 公开定价 / 打包可见度 | 公开买方适配信号 | 启示 |
|---|---|---|---|---|
| Salt | 可配合现有技术栈和伙伴工作流 | 已保留公开资料没有标价;仅见市场渠道和集成打包 | 买方希望获得专门 API 上下文、又不替换平台栈时最适合 | 经济性仍需看实时方案报价和受伙伴影响的交易语境。 |
| Akamai / Noname | 声称支持云、边缘、本地和第三方环境 | 已保留公开资料不透明 | 已从 Akamai 采购应用与 API 安全的企业最适合 | 部分交易中,捆绑杠杆可能压过单点产品深度。 |
| Traceable | Harness 内的设计到运行时平台 | 已保留公开资料不透明 | 希望把 DevSecOps 与 API 安全合并采购的买方最适合 | 平台邻近性比公开标价更关键。 |
| Cequence / Wallarm | Cequence UAP 加 Wallarm 混合或托管内联部署 | 已保留公开资料不透明 | 优先阻断和滥用防御的团队最适合 | 内联执行会把采购标准从单纯分析重构为防护能力。 |
| 42Crunch | 容器化 API Firewall 和合约驱动的平台部署 | 已保留公开资料不透明 | 规格优先、OpenAPI 归属成熟的团队最适合 | 买方可把该工具定位为开发与运行时控制,而不只是 SOC 软件。 |
| Cloudflare / Fastly / Prisma | 与更广应用安全服务捆绑的边缘或 CNAPP 打包 | Cloudflare 展示附加项和 SLA 结构;已保留资料中,其它厂商大多仍需咨询报价 | 平台整合买方最适合 | 公开打包比实际交付 TCO 更清楚,因此套件比较仍需报价方案。 |
| Kong / 网关替代方案 | 开源、企业版和 Konnect 部署路径 | 层级结构比专门 API 安全厂商更清楚 | 买方首先要网关控制、认证和限流时最适合 | 替代品可能先吃掉预算,专门 API 安全平台尚未采购。 |
本图表比较定价可见度和打包方式,不假装公开来源能揭示真实交付的软件加服务成本。
[CP027, CP028, CP039, CP040, CP046, CP047]3.3 分发权力、平台杠杆与伙伴重叠
这个市场的竞争权力越来越来自分发和相邻位置,而不只是产品清单。Akamai 收购 Noname,让它在更大的应用和边缘安全业务中拥有直接 API 安全资产。Cloudflare 和 Fastly 的优势在于它们已经坐在流量路径上。Prisma Cloud 则受益于既有 CNAPP、云和合规采购动作。那些厂商不需要单靠 API 安全取胜;它们可以把 API 安全与更宽的平台续约、云态势、WAAP、机器人管理或企业支持承诺打包。 Salt 的应对是合作伙伴驱动扩张。CrowdStrike 和 Wiz 集成加强了 Salt 的 GTM 路径,把 API 风险上下文放进许多企业已经运行的 XDR 和 CNAPP 工作流。CrowdStrike 集成尤其重要,因为它借助 Falcon agent 降低发现摩擦,并提供自动响应钩子;Wiz 集成则把 API 态势和威胁数据连接到云攻击路径分析。但这些集成也暴露出战略张力:如果 API 安全成为主导 XDR 和云安全控制台内的一个功能,平台所有者就会获得分发杠杆,并最终压缩专业厂商的议价权。公开定价证据加剧了这一点。Cloudflare 和 Kong 比专业厂商披露更多包装结构,但保留下来的证据仍无法给出真正同口径的交付成本,因此实时报价和输赢单数据比网站价格更重要。[CP003, CP004, CP005, CP006, CP023, CP024]
| 压力来源 | 它如何与 Salt 竞争 | 留存来源证据 | 对 Salt 的影响 | 尽调问题 |
|---|---|---|---|---|
| CrowdStrike 生态 | 让 Salt 在 Falcon 内更容易购买和运维,但工作流主导权仍在 Falcon | Marketplace 列表和集成页面 | 改善 Salt 分发,但 Falcon 掌握客户上下文和响应工作流 | 要求提供附加率、扩张率,以及 CrowdStrike 是拉动销售管线还是只是承载销售管线。 |
| Wiz 生态 | 把 Salt 的安全态势和威胁数据拉入 CNAPP 攻击路径分析 | Salt 与 Wiz 集成发布 | 让 Salt 更贴近云买家,但也把 API 安全常态化为 CNAPP 的一个功能 | 询问 Salt 云端销售管线中,合作伙伴来源与直销各占多少。 |
| WAAP 与 CNAPP 套件 | 把 API 安全与 WAF、DDoS、机器人防护和云态势打包 | Akamai、Prisma、Cloudflare、Fastly、Imperva 和 Gartner 转向来源 | 即使功能深度仍更强,Salt 也可能输给平台整合 | 要求提供买家选择更广套件而非专精厂商的竞争失单数据。 |
| 内联式专精厂商 | 把讨论从「谁看得更多」转成「检测还是阻断」 | Wallarm 和 Cequence 官方材料 | Salt 定位面临最尖锐的产品层反驳 | 询问 Salt 有多常靠接入执行层取胜,而不是自己掌握执行层。 |
| 左移式契约平台 | 把 API 安全前移到设计、契约审计和 CI/CD 卡点 | 42Crunch 产品和文档 | 开发者主导的采购动作可能绕过以运行时为先的评估 | 要求提供 Salt 与左移工具配套、以及被左移工具替代的案例。 |
| 网关和机器人防护工具 | 解决更窄的用例,如认证、校验、限速、抓取或账号接管 | Kong 和 DataDome 官方页面 | 替代品集合比具名的 API 安全直接竞品更宽 | 按控制目标拆分失单原因,不只按厂商名称。 |
竞争压力不只来自产品能力,也来自合作伙伴和平台的杠杆。替代品的广度还包括更窄的控制项,它们会压缩专门购买 API 安全的必要性。
[CP004, CP005, CP006, CP023, CP024, CP025]3.4 护城河耐久性与承销结论
Salt 的护城河真实存在,但比品类开创者叙事暗示的要窄。公司围绕发现、态势治理、行为分析,以及以合作伙伴友好的方式部署进既有技术栈,仍有连贯的专业厂商故事。当通用 WAAP 清单漏掉业务逻辑滥用、契约漂移或工作流集成需求时,这种深度仍有价值。Cequence、Wallarm 和 42Crunch 等直接专业厂商仍然存在,也说明市场尚未完全商品化为单一 WAAP 功能桶。 更难承销的问题是,更多买家默认平台整合之后,Salt 能否守住溢价定位。具备在线能力的专业厂商可以把对话转向「检测 vs. 阻断」质疑。WAAP 和 CNAPP 厂商可以把对话转向「为什么再买一个点产品?」质疑。混合部署或受监管买家可能偏好明确具备流量路径控制或混合部署表述的厂商。与此同时,公开来源仍不披露相对赢单率或交付经济性。因此,后续风险和估值工作的正确结论不是 Salt 缺乏差异化,而是它的耐久性取决于能否用私有证据证明三件事:第一,行为分析和态势治理能转化为可衡量的客户结果;第二,伙伴驱动分发能比平台内化该功能集更快扩大管线;第三,即使 API 安全成为更宽应用安全平台中的标准评估项,Salt 仍能守住利润率和续约质量。[CP002, CP007, CP016, CP021, CP022, CP030]
| 护城河主张 / 风险 | 威胁 | 严重性 | 证据 | 缓释措施 / 尽调问题 |
|---|---|---|---|---|
| 集成式发现 + 态势 + 行为分析 | WAAP 套件可以在更广平台内复制足够多的检查清单能力 | 高 | Salt 平台以及 Prisma、Cloudflare、Fastly、Akamai 和 Gartner 转向证据 | 证明 Salt 的深度能带来可衡量的检测、修复和续约结果。 |
| 合作伙伴主导分发 | 合作伙伴控制台可能成为主要控制平面和议价中心 | 中 | CrowdStrike 和 Wiz 集成 | 衡量合作伙伴主导分发带来的新增销售管线,是否快过平台所有权流失的速度。 |
| 内联阻断反驳 | Wallarm 和 Cequence 可以把 Salt 定位成先检测、非先阻断 | 高 | Wallarm 和 Cequence 官方主张与 Salt 定位 | 收集客户证明,说明 Salt + 执行层在生产环境中的表现。 |
| 混合部署和受监管买家适配度 | 买家可能偏好明确支持混合部署或流量路径控制的厂商 | 高 | Wallarm 混合部署文档、Akamai 环境主张、Prisma 和 Imperva 材料、Cloudflare 批评 | 按部署形态和合规敏感度映射赢单 / 失单结果。 |
| 公开定价不透明 | 留存公开记录无法证明相对打包替代方案的 ROI 或更低 TCO | 中 | Cloudflare 打包、Kong 分层和定价缺口主张 | 审阅至少三个买家细分中的实时报价、SOW 和续约数据。 |
| 品类整合 | Akamai/Noname 和 Harness/Traceable 显示,更大平台在吸收专精厂商 | 高 | Akamai 和 Traceable 交易来源 | 验证买家是否越来越偏好平台厂商,还是仍愿意为独立深度付费。 |
Salt 的护城河不只取决于产品质量,还取决于在平台厂商向 API 安全收敛时,专精深度是否仍值得单独占用预算。
[CP007, CP010, CP037, CP039, CP042, CP043]Salt 的竞争耐久性取决于差异化 API 深度、平台压力,以及公开记录无法补齐的证据缺口。
[CP001, CP004, CP005, CP006, CP016, CP037]3.5 图表要点
04财务情况
4.1 收入模式与定价结构
Salt Security 的收入模式是纯企业 SaaS 订阅,按年度合同销售,主要按照 API 调用量定价。公司没有发布公开定价页;最清晰的标价信号来自 AWS Marketplace 上架页,其中标准企业部署的公开基准价是每年 $100,000,覆盖每月最高 100 million 次 API 调用。Vendr 采购数据库和第三方定价聚合器确认,企业客户的估计平均合同价值(ACV)区间约为每年 $70,000 到 $210,000,差异来自调用量、功能集和谈判后的部署范围。 除基础订阅外,当月度 API 调用量超过合同阈值时,模式还包括超额费用。企业买家可以叠加更多能力,例如态势治理模块、高级修复,以及 CrowdStrike Falcon 集成附加模块。Salt Security 通过直销和云市场(AWS Marketplace、CrowdStrike Marketplace)销售,让客户可以用云承诺消费协议抵扣 Salt 采购。 收入几乎全部来自订阅;基于业务模式描述和公司沟通,专业服务(集成、概念验证交付)似乎只占总收入少数。AWS Marketplace 评论渠道中的一位合作伙伴称其定价「可承受」,且属于「年度订阅费」,同时指出集成支持更多是组织层面而非软件本身。这印证了纯软件收入确认模式,没有明显嵌入服务导致的毛利稀释。收入确认遵循标准 SaaS 订阅期内按月摊销会计,因此 ARR 在合同期内逐月确认,多年预付会形成递延收入。[CI001, CI002, CI003, CI004, CI005, CI006]
| 收入来源 | 机制 | 单位 | 当前值 / 状态 | 收入质量 | 尽调问题 |
|---|---|---|---|---|---|
| 年度订阅(直销) | 经常性软件订阅,企业直销 | $/年/客户 | 主导收入来源;~$75M ARR(2025 年中,Latka 估计) | 高 — 年度合同,按期确认收入 | 确认准确 ARR、ACV 分布、续约率 |
| 年度订阅(Marketplace) | AWS Marketplace 和 CrowdStrike Marketplace 转售 | $/年/客户 | 增长中的渠道;AWS Marketplace 基准价 $100K/yr/100M calls/mo | 高 — Marketplace 合同,抵扣承诺消费 | 确认 Marketplace 与直销分别贡献的 ARR 占比;是否有 Marketplace 费用影响利润率 |
| 超额 / 用量费用 | API 调用量超过合同阈值后触发增量计费 | $/超额调用 | 补充收入;规模未披露 | 中 — 变量收入,可预测性较弱 | 确认平均超额收入占总 ARR 的比例 |
| 专业服务 | 集成支持、PoC 交付、上线导入 | $/项目 | 占比较小;合作伙伴称其属于组织性服务,不是软件型收入 | 低 — 人力密集、毛利低 | 确认专业服务占总收入比例;评估对利润率的稀释 |
ARR 估计来自 Latka 数据库(第三方,未审计)。AWS Marketplace 定价来自已列出的产品页面。专业服务推断来自 AWS Marketplace 渠道中的客户评论。
[CI001, CI002, CI003, CI004]| 价格 / 单位 / 合同 | 标价与实际定价 | 折扣 / 未知项 | 来源 |
|---|---|---|---|
| $100,000/year,对应 100M API calls/month | 标价(AWS Marketplace 已发布) | 更高调用量可获量级折扣;预计多年合同也有折扣 | AWS Marketplace 列表(访问于 2026-06-06) |
| $70,000–$210,000/year(估计 ACV 区间) | 估计实际成交价,非标价 | 按用量、功能集和客户规模谈判;Vendr 采购数据 | Vendr marketplace 数据库(估计值,未与实际合同核验) |
| ~$210K 以上自定义企业定价 | 自定义报价;$100K 基准价以上未公开标价 | 未知;大合同很可能包含多年期和量级折扣 | Salt Security 直销接触(推断;无公开披露) |
| CrowdStrike Marketplace 定价 | 通过 CrowdStrike 合作伙伴计划转售 | 受 CrowdStrike 转售利润率和客户承诺支出影响 | CrowdStrike Marketplace 列表和合作伙伴新闻稿 |
所有定价要么是标价、要么是估计值;实际 ACV 和真实折扣未公开披露。AWS Marketplace 定价是唯一公开标价锚点。Vendr 估计是第三方、未经核验的采购数据。
[CI001, CI002, CI003]Salt Security 如何把企业 API 流量保护需求转成订阅收入和毛利,从客户动作一路走到收入确认。
COGS 和毛利来自 2020 年 TechCrunch 毛利率披露及 SaaS 基准;当前数据未公开。
[CI001, CI014, CI015, CI023]4.2 GTM 动作与销售效率代理指标
Salt Security 采用企业直销动作,并辅以渠道计划。由 CRO Matt Quarles(2023 年加入)领导的直销团队,聚焦 Fortune 500 和 Global 500 账户中的 CISO 与应用安全买家。公司自 2021 年以来扩张至欧洲和拉丁美洲,体现出两层地理 GTM:核心北美企业市场,以及国际扩张市场。 渠道经济性以 2023 年 8 月推出的 STEP(Salt Technical Ecosystem Partner)计划和 CrowdStrike Marketplace 上架为锚点,后者让 Salt 接触到 CrowdStrike 的装机基盘。CrowdStrike Falcon Fund 的战略投资和联合销售安排(2022 年 9 月)是一个重要 GTM 事件:CrowdStrike 的 Falcon Next-Gen SIEM 集成(2024 年末)让 Salt 能接触已经运行 CrowdStrike 的客户,从而扩大渠道 TAM。AWS Marketplace 可用性也让客户把预留容量支出用于 Salt 合同,降低云原生买家的采购摩擦。 公开单位经济数据很少。唯一披露的销售效率代理指标,是公司自己称 2020 年毛利率超过 90%,这意味着软件毛利润很高,但没有揭示 CAC 或 LTV。企业 API 安全交易在首年通常需要 3-9 个月销售周期;续约周期更快。概念验证(PoC)阶段是关键摩擦点——竞品对比来源把拉长的 PoC 周期列为客户抱怨,这会影响 CAC 回本。公司没有公开披露 NRR 或队列留存数据。公司把客户满意度和员工留存作为主要成功指标(来自 Series D 评论),这些指标滞后,而不是领先的收入效率指标。[CI007, CI008, CI009, CI010, CI011, CI012]
定性单位经济性流程,展示 Salt Security SaaS 客户生命周期中的已知输入、估计节点和未知缺口。
所有标注“未披露”或“估计”的节点,都反映公开单位经济性数据缺失。CAC、NRR 和 LTV 无法填入数值;该流程是管理层尽调访谈的定性框架。
[CI008, CI012, CI017, CI033]4.3 成本结构与毛利率信号
Salt Security 是云交付 SaaS 公司,成本结构符合高增长企业安全平台特征:软件毛利率高,R&D 和 S&M 投入重,实体资本需求有限。2020 年 TechCrunch 报道是唯一公开毛利率数据点:截至 2020 年 6 月,毛利率已「显著提升至超过 90%」。这与同等规模纯 SaaS 安全公司一致,其中托管式大数据基础设施(Salt 的核心差异点)是主要 COGS 驱动因素。 Salt 的 API Protection Platform 依赖云规模大数据处理引擎,必须摄取并分析大型企业级 API 流量。其公开架构使用云规模时间序列 ML/AI,意味着企业部署会产生实质基础设施成本,包括云计算、存储和数据出站。随着 ARR 从约 $5 million(2021)增至约 $75 million(2025),COGS 可能按比例增加,但 90%+ 的毛利率基线说明,相对于订阅收入,基础设施成本管理良好。行业 SaaS 基准将订阅毛利率中位数放在 75-85%,顶级四分位安全 SaaS 公司为 80-90%(Benchmarkit 2025),因此 Salt 的 2020 年数字即便对顶级四分位也偏激进;当前毛利率未知,且随着基础设施规模扩大可能已被压缩。 运营费用主要由 R&D 和销售与营销构成。Series D($140M,2022 年 2 月)明确用于增加 R&D 投入并扩大销售和营销。公司在 2021 至 2022 年间员工数增加了两倍(约 65 人到 192 人),说明当时 S&M 人员投入很大。此后员工数在 2022–2025 年间平台期在约 200 人,暗示 Series D 初期部署后,运营费用增长放缓。对云托管 SaaS 公司来说,资本开支很低;业务模式没有暗示制造、库存或重大硬件资本开支。[CI014, CI015, CI016, CI017, CI018, CI019]
| 指标 | 值 / 空值 | 置信度 | 重要性 | 尽调问题 |
|---|---|---|---|---|
| 毛利率 | >90%(2020,TechCrunch 引用);当前未知 | 低 | 核心经济性;决定资本效率和长期盈利能力 | 从经审计 P&L 或管理层披露中确认当前毛利率 |
| ARR(2025 年中) | ~$75M(Latka,未审计) | 中 | 规模和市场牵引力的代理指标 | 向管理层确认官方 ARR;与财务报表逐项核对 |
| ARR 增长(同比) | ~54%(由 Latka 推导,2024 年末至 2025 年中) | 中 | 显示市场动能和竞争位置 | 向管理层确认增长率;获取最近 4 个季度 ARR |
| 净收入留存率(NRR) | 未披露 | 低 | 扩张与流失信号;SaaS 前四分位 = 110%+ | 向管理层索取 NRR 和总美元留存历史 |
| CAC 回本周期 | 未披露;行业中位数约 18 个月 | 低 | 销售效率;企业 API 安全 PoC 周期长,通常偏高 | 向管理层索取新客户 CAC 和回本周期;用 S&M / 新增 ARR 比率推断 |
| 平均合同价值(ACV) | $70K–$210K 估计;$100K 标价(AWS Marketplace) | 中 | 客单价决定销售团队规模和回本周期 | 确认 ACV 分布;$100K 以上 / 以下客户占比 |
| 客户数 | 未披露 | 低 | 集中度和单客户经济性的分母 | 索取总客户数和前 10 大客户 ACV 集中度 |
| LTV / CAC 比率 | 缺少 NRR、CAC 或流失率,无法计算 | 低 | 基础 SaaS 单位经济指标;缺少私有数据无法评估 | 提供 CAC、NRR 和总流失率,用于计算 LTV:CAC 比率 |
所有标为「未披露」的私有指标,都是承销所需的标准输入,但没有管理层访问权限无法获取。行业基准来自 Benchmarkit 2025 SaaS 调研。ARR 来自 Latka(未审计)。
[CI014, CI015, CI016, CI017, CI023, CI024]4.4 公开牵引指标与私有数据缺口
相对于投资承销要求,Salt Security 可见的公开财务图景很窄。已确认或来源较好的指标包括:Latka 显示 ARR 约 $48.5 million(2024 年 11 月)和约 $75 million(2025 年 6 月);累计股权融资约 $271 million(最近确认的 2022 年 2 月 SEC Form D);最近一轮估值 $1.4 billion(2022 年 2 月)。这些是唯一有实质来源的收入相关数字。 公司在 2022 年 2 月 Series D 新闻稿中自称的牵引包括:过去 12 个月收入增长 500%、客户基数增长 300%、已签约 Fortune 500 / Global 500 客户增长 900%。如果 2022 年增长数字方向正确,而 2020 年 ARR 约为 $5 million(由 Latka 2021 年 $4.9 million 数字隐含),那么 2022 年 Series D 后的 ARR 轨迹大致会把 Salt 放在 $20-30 million。Latka 对 2024 年末给出的 $48.5 million 数字,意味着 2022-2024 年增长慢于 2020-2022 年的超高速扩张阶段。这与更宽 API 安全市场成熟、以及 Salt 员工数在约 200 人平台期相一致(暗示公司有意管理费用或进入投资消化期)。 公开披露中实质缺失的包括:绝对客户数、客户集中度(top-5 ARR 占比)、净收入留存率、总美元流失率、平均合同价值(ACV)分布、递延收入、现金及现金等价物、净利润 / 亏损,以及烧钱速度。这些都是 SaaS 公司标准承销输入,无法从公开来源重建。公司的披露姿态是私有未披露。[CI020, CI021, CI022, CI023, CI024, CI025]
| 缺失的私有指标 | 对判断的影响 | 具体尽调路径 |
|---|---|---|
| 经审计收入 / ARR(官方) | 没有官方数字,无法确认 $75M ARR 估计或增长轨迹 | 向投资者关系索取经审计 P&L 或管理层编制财务资料 |
| 毛利率(当前) | 2020 年 >90% 的水平可能已压缩;不清楚高于还是低于 SaaS 77% 中位数 | 向管理层索取按收入来源拆分的毛利率(订阅与服务) |
| 净收入留存率(NRR) | 没有 NRR,无法判断 ARR 增长来自扩张,还是只来自新增客户 | 向管理层索取季度 NRR 和总美元留存历史 |
| 客户数和集中度 | 无法建模收入集中风险或单客户经济性 | 向管理层索取活跃客户总数、前 10 大客户 ACV 清单 |
| 现金状况和烧钱速度 | 评估公司能否达到盈亏平衡、或是否需要新一轮融资的关键输入 | 向管理层索取当前现金余额和过去 12 个月经营现金流 |
| CAC 和回本周期 | 销售效率未知;竞品提到 PoC 周期长,暗示 CAC 偏高 | 索取按队列拆分的新客户 CAC、S&M 费用明细和回本计算 |
| 递延收入余额 | 多年预付可能抬高现金、但低估 ARR;影响未知 | 索取资产负债表中的递延收入科目和多年合同条款 |
| 净利润 / EBITDA | 盈利轨迹未知;影响现金跑道和下一轮融资时间估计 | 索取利润表;判断公司是否接近盈亏平衡 |
所有行都是无法从公开来源重构的私有数据。缺少这些指标,是投资承销中的阻塞性尽调约束。
[CI034, CI035, CI036, CI037]4.5 资本充足性、融资依赖与财务结论
Salt Security 最近一次新股融资事件是 2022 年 2 月 $140 million Series D,由 SEC Form D(File No. 021-434118)确认。ARR 从约 $48.5 million(2024 年末)增至约 $75 million(2025 年中),如果假设公司按照 90%+ 毛利率基线所支持的规模路径管理并接近现金流盈亏平衡,那么 Series D 资金理论上应能支撑运营至少到 2025-2026,具体取决于烧钱速度。但烧钱速度未披露:一家 200 人规模的企业安全公司,若维持 API 安全行业典型的重 R&D 和 S&M 投入,月度运营费用可能合理落在 $3-8 million,意味着从 Series D 部署窗口起剩余现金跑道为 12-36 个月。这些只是估计。 截至 2026 年 6 月本次报告日期,公司未公开宣布 Series E 或后续债务 / 信贷额度。Forge Global 和 notice.co 的二级市场观察显示,股份可能较 2022 年 $1.4 billion 新股估值折价交易。四年以上没有新股融资、员工数平台期、ARR 改善(如果 Latka 数字方向正确)这几件事合在一起,可能指向两种情景:(a)有机现金生成能力强并接近盈亏平衡,因此无需新融资;或(b)难以按 $1.4 billion 参考估值取得资本,因而转向现金跑道管理。没有经审计财务时,两种情景都与公开证据一致。 财务结论:Salt Security 拥有高质量 SaaS 收入模式(年度订阅、企业 ACV、90%+ 毛利率基线)、强 ARR 增长信号(约 54% YoY)和充足的历史资本。主要财务尽调阻碍是缺少经审计财务、烧钱速度和现金跑道未知、NRR 与 CAC 回本未知,以及资本结构问题未解决(2022 年后无新股融资)。鉴于企业订阅模式和具名 Fortune 500 标识,收入质量评估为中高,但没有管理层财务接触就无法承销。[CI027, CI028, CI029, CI030, CI031, CI032]
| 项目 | 值 / 状态 | 日期 | 置信度 | 备注 |
|---|---|---|---|---|
| 账面现金(最近披露) | 未公开披露 | 低 | 无经审计资产负债表;现金状况未知 | |
| 月度烧钱速度(估计) | $3M–$8M/月(分析师估计) | 2025-01-01 | 低 | 基于约 200 名员工以及研发 / S&M 偏重的成本结构估算;未披露 |
| Series D 隐含现金跑道 | 资金投放后约 18–36 个月(估计 2022 Q1) | 2022-06-01 | 低 | 高度不确定;取决于烧钱轨迹以及收入抵消程度 |
| 最近一次股权融资 | $140 million(Series D 轮) | 2022-02-18 | 高 | 由 SEC Form D 文件确认(File No. 021-434118) |
| 累计股权融资 | ~$271 million | 2022-02-18 | 高 | 公司新闻稿 + Globes + CRN 交叉印证 |
| Series D 后新股融资轮 | 未宣布 | 高 | 截至 2026 年 6 月未见后续新股融资事件 | |
| 计划资金用途(Series D) | 加速研发、扩张 S&M、发展国际业务 | 2022-02-10 | 高 | 来自 Series D 新闻稿和 Globes 报道 |
| 下一轮融资触发条件 | 未知;未给出公开指引 | 低 | 公司未披露下一轮融资所需的增长或烧钱阈值 | |
| 债务 / 信贷额度 | 未公开披露 | 低 | 未发现 UCC 文件或债务披露;不能排除非公开债务 | |
| 二级市场估值信号 | 据 Forge 和 notice.co,可能较 $1.4B(2022 峰值)折价 | 2026-06-01 | 低 | 二级市场价格不能可靠反映基本价值 |
公司概况章节包含完整的逐轮融资时间线,包括 SEC Form D 交叉印证。本表聚焦前瞻性的资本充足性。烧钱速度和现金跑道是低置信度的分析师估计;需要直接访问管理层。
[CI027, CI028, CI029, CI030, CI031, CI032]基于第三方数据和一手来源锚点,给出 Salt Security 的 ARR 与估值估计区间,并拆分低 / 基准 / 高情景。
ARR 数字来自 Latka 第三方数据库(未经审计)。估值区间反映 2022 年新股轮定价与可能的二级市场折价之间的不确定性。毛利率区间以 SaaS 行业基准作为上下界;当前实际毛利率未披露。
[CI020, CI021, CI023, CI024]绘制 Salt Security 在 D 轮之后(2022–2026)的资本来源、资金投向和关键充足性不确定因素。
烧钱速度和现金跑道是分析师根据员工数和企业 SaaS 成本基准估算,并非来自披露财务数据。资本缺口风险是条件情景,不是确定结论。
[CI027, CI028, CI029, CI030, CI031]4.6 图表要点
05产品与技术
5.1 平台定义与架构
Salt Security 将核心产品定位为 Salt Illuminate:一个 SaaS 交付的 API 安全平台,通过云连接器(Salt Connect)镜像 API 流量,把数据送入旁路云数据湖,从而无代理运行。请求路径中不插入内联代理, 因此不会影响应用延迟。平台随后用行为机器学习为每个 API 建立流量基线,建模数百项属性,如参数一致性、 请求频率、响应量、设备或地址模式,并在凭据被攻破或数据外泄前,把偏离基线的行为标记为攻击者侦察。 公司称该引擎已获专利。平台三项顶层能力是 API Discovery & Visibility(发现影子、僵尸、内部、 合作伙伴和公开 API)、API Posture & Compliance(将 API 映射到约 100 条预置安全规则,覆盖 PCI DSS、 HIPAA、GDPR、SOC 2、NIST、CMMC 和 FedRAMP)以及 API Threat Detection & Protection(行为异常检测和早期阻断)。 2026 年 3 月,Salt 推出 Agentic Security Platform,将覆盖范围扩展到 LLM、MCP 服务器和 AI 智能体流量, 底层是 Agentic Security Graph:一层上下文风险图谱,映射现代 AI 技术栈中推理、执行和动作层之间的关系。 Salt 将其定义为从代码(GitHub Connect,2025 年 11 月)到运行时(AG-DR)保护完整智能体生命周期。 平台可用 SaaS 或本地部署,集成 AWS、Azure、GCP 和主要 API 网关,并声称初始云连接步骤可在几分钟内完成部署。[CE001, CE002, CE003, CE004, CE005, CE006]
| 模块 / 资产 | 主要用户 | 状态 / 成熟度 | 差异化 | 尽调缺口 |
|---|---|---|---|---|
| API 发现(Salt Connect + 流量分析) | 安全和 DevOps 团队 | GA / 证据充分 | 公司研究称,三路径发现(云连接器 + 流量 + 表面扫描)比仅靠 CDN 的工具多发现约 30.7% API | 没有发现召回率的独立第三方基准 |
| Salt Surface(外部攻击面) | 安全团队、CISO | GA / 2025 年 7 月官方发布 | 从攻击者视角扫描公开 API,补足内部发现 | 未公开披露扫描频率、深度限制或 SLA |
| GitHub Connect(代码到上下文发现) | DevSecOps 和 AppSec 团队 | GA / 2025 年 11 月 | 公司称,该模块可在代码仓库中做部署前 MCP 和影子 API 发现,为市场首创 | 未公开代码仓覆盖广度或误报率数据 |
| 态势管理 / Policy Hub | 安全工程师、合规负责人 | GA / 证据充分 | 预置约 100 条规则,覆盖 PCI、HIPAA、GDPR、SOC 2、NIST、CMMC、FedRAMP;支持自定义规则编写 | 准确规则数量未经独立核验;未公开规则变更日志 |
| 运行时威胁检测(Salt Protect) | SOC 分析师、安全工程师 | GA / 核心 / 已获专利 | 行为 ML 无需签名即可检测 BOLA、撞库、数据外泄、账号接管、注入 | 未披露公开误报率基准或 MTTA/MTTR 指标 |
| MCP Protect + 智能体 AI 治理 | AI 安全负责人、CISO | GA / 2025 年 9 月 | 提供 MCP 服务器交互和 AI 智能体行为的运行时可见性;首次登录即自动启用 | 针对新型 AI 攻击模式的检测准确性,独立评审有限 |
| AG-SPM(智能体安全态势管理) | 安全架构师、AI 平台负责人 | GA / 2026 年 3 月 | 在一张图中持续发现和治理 LLM、智能体、MCP 服务器及其关系 | 截至运行日期,未公开披露 AG-SPM 客户证明 |
| AG-DR(智能体检测与响应) | SOC 分析师 | GA / 2026 年 3 月 | 在完整智能体栈中实时检测智能体驱动的 API 滥用、误用和异常行为 | 针对新型智能体驱动攻击的有效性,尚无独立基准测试验证 |
| Ask Pepper AI(对话式助手) | 安全分析师 | GA / 2025 年 12 月 | 无需专用查询语法,即可用自然语言调查威胁、查询平台 | 未披露底层 LLM 供应商以及分析师查询的数据处理方式 |
成熟度标签反映保留下来的公开证据深度和公司公告日期,不代表内部路线图划分。「GA」指官方公告中的正式可用;截至 2026-06-06,公开来源无法独立验证规则数量、发现召回率、检测准确率等主张。
[CE001, CE002, CE010, CE011, CE015, CE016]分层展示 Salt Illuminate 平台从数据摄取到安全成效的链路。
层级边界综合自官方产品页、CrowdStrike 市场平台简报、AllCloud/Datadog 案例研究和 AppSec Santa 技术评测。内部微服务拓扑的精确形态未公开记录。
[CE001, CE003, CE005, CE006, CE029, CE030]5.2 核心模块——发现、态势与威胁防护
API Discovery 由三条互补数据路径交付:Salt Connect(无代理连接器,通过流量镜像从 AWS、Azure、GCP、Kong、 Apigee、MuleSoft、NGINX 和 Istio 拉取元数据)、Salt Surface(从攻击者视角绘制面向公网 API 的外部攻击面扫描器), 以及 GitHub Connect(2025 年 11 月推出的代码仓库扫描器,在部署前识别源码中的 API 和 MCP 服务器配置)。 三条路径合在一起,指向 Salt 自研报告揭示的行业局限:只靠 CDN 的单一来源发现会漏掉估计 30.7% 的 API。 Posture Management 引擎以 Policy Hub 为中心,内置约 100 条规则,并允许客户编写自定义规则。Salt 2025 State of API Security Report 发现,只有 10% 的企业部署了 API 态势治理策略,这让 Policy Hub 具备先发优势。Threat Detection 引擎用行为 ML 基线检测 BOLA/IDOR、撞库、账户接管、数据外泄、会话操纵、API 滥用和注入攻击; Salt 研究显示,这些类别约占映射到 OWASP API Security Top 10 攻击的 80%。攻击修复通过 SIEM 和工单集成(Splunk、 Microsoft Sentinel、Jira)给出可执行的开发者指引。敏感数据追踪会映射 API 流动中的 PII、PHI 和支付卡数据, 并输入态势报告和合规导出。[CE010, CE011, CE012, CE013, CE014, CE015]
| 用户任务 | 现有工作流 | Salt 方案 | 可衡量收益(声称) | 局限 |
|---|---|---|---|---|
| 发现所有生产 API,包括影子端点 | 靠手工登记、网关日志或 CDN 检查,通常会漏掉 30%+ 端点 | Salt Connect 从云和网关镜像流量;Salt Surface 扫描外部暴露面;GitHub Connect 扫描代码 | 公司研究:未记录 API 减少 33%;几分钟内开始发现 | 公司自报指标;没有独立生产基准 |
| 梳理 API 中的敏感数据暴露 | 手工数据流图、定期审计,通常不完整且很快过期 | 在动态 API 流量中持续跟踪 PII、PHI 和支付卡数据,并标记姿态问题 | 官方平台页描述实时敏感数据分类;DeinDeal 提到在生产环境保护 PII | 敏感数据检测没有公开的精确率 / 召回率指标 |
| 在攻击者打穿前检测并阻断 API 攻击 | WAF 或 API 网关限速规则,看不见来自认证身份和业务逻辑层的攻击 | 行为 ML 基线 + 实时异常关联;按实体级阻断,不是按交易级阻断 | CrowdStrike 简报:告警减少 96%,处置速度快 20 倍,修复快 3 倍 | 客户自报指标,未经独立审计 |
| 向审计方证明 API 合规 | 手工映射政策、用电子表格收集证据 | Policy Hub 按约 100 条规则评估 API;导出审计合规材料 | 按官方说法,减少审计准备时间,并免去手工证据收集 | 没有公开案例量化审计准备时间节省 |
| 运行时保护 AI 智能体的 API 调用 | 多数组织没有面向智能体 API 安全的专用工具(Salt 研究称,只有 37% 为智能体 AI 配备专门的 API 安全能力) | AG-DR 监控并阻断异常的 MCP 和智能体驱动 API 行为;首次登录即自动设置护栏 | Siemens CISO 引述:提升可视性和保护能力,支撑 Siemens Software 业务扩展 AI | 早期能力;Siemens 引述之外尚无公开正式生产案例研究 |
「可衡量收益」列来自公司发布的指标、新闻稿和一条客户引述。除非标明为独立报告,这些数字均为公司声称。所有收益数字都需要尽调验证。
[CE001, CE002, CE012, CE013, CE014, CE017]从环境连接到 API 发现、态势治理、威胁检测和修复的端到端流程。
[CE002, CE010, CE011, CE016, CE017, CE018]5.3 智能体安全能力与 AI 原生功能
2025 年 9 月 CrowdStrike Fal.Con 上,Salt 发布 MCP Protect 和 Agentic AI Governance,声称这是行业首个在运行时保护跨 API 和 Model Context Protocol(MCP)服务器的 AI 智能体动作的方案。GitHub Connect(2025 年 11 月)把发现能力扩展到源码仓库, 用于部署前 MCP 风险评分。2026 年 3 月,这些能力被统一进 Salt Agentic Security Platform,并新增两个安全产品类别: Agentic Security Posture Management(AG-SPM,持续发现和治理 LLM 连接、智能体清单、MCP 服务器及其关系)和 Agentic Detection and Response(AG-DR,跨智能体驱动的 API 调用和 MCP 交互实时检测滥用、误用和异常行为)。平台还提供 Ask Pepper AI, 这是 2025 年 12 月发布的对话助手,允许安全分析师用自然语言查询平台、调查威胁,而不必学习专用查询语法。2026 年 6 月发布的 Salt Code,目标是把安全策略带入 AI 编程助手输出。底层概念是 Agentic Security Graph——一个安全上下文层,将 LLM(推理)、 MCP 服务器(执行)和 API(动作)映射为相互连接的支柱;这样可以按每个智能体的实际爆炸半径排序风险, 而不是把所有智能体等同处理。Salt 2026 上半年研究(调研 327 名安全专业人士)发现,92% 的组织在智能体环境中缺乏高级安全成熟度, 分析的攻击尝试中 99% 来自已认证来源,印证了重点应放在运行时行为防护,而不是边界阻断。[CE020, CE021, CE022, CE023, CE024, CE025]
| 层 / 组件 | 作用 | 依赖 / 技术 | 风险 |
|---|---|---|---|
| Salt Connect(流量摄取) | 通过网关和云源镜像接收 API 流量副本 | AWS、Azure、GCP、Kong、Apigee、MuleSoft、NGINX、Istio、Akamai、Cloudflare、F5 等集成 | 流量副本取决于网关配合;若团队使用未列出的网关,可能绕过采集 |
| API 数据湖 | 存储并索引 API 元数据,用于 ML 训练和历史威胁关联 | AWS 托管、Kafka 消息队列、Kubernetes 编排 | 核心云依赖 AWS;EDP 承诺提高切换摩擦 |
| 行为 ML 引擎(已获专利) | 基于数百个属性建立合法 API 行为基线;检测攻击者侦察 | 自研 ML 模型;公司用客户元数据训练模型 | 流量模式快速变化时有模型漂移风险;新型攻击向量上的准确率未经验证 |
| Policy Hub | 按约 100 条预置和自定义姿态规则评估 API 配置 | 内部开发的规则引擎;框架映射由 Salt 维护 | 规则覆盖准确性取决于 Salt 对框架的解读;没有独立规则审计 |
| 智能体安全图谱 | 通过映射 LLM、MCP 服务器和 API 的互联关系,给风险补上下文 | 将核心数据湖和 ML 引擎扩展到智能体驱动流量 | 相对较新(March 2026);生产规模和准确率基准尚未公开报告 |
| GitHub Connect | 通过代码仓库分析,在部署前发现 API 和 MCP | 对公有 / 私有 GitHub 仓库的只读 OAuth 集成;无需流量即可做风险评分 | 依赖 GitHub API 可用性;仅限 GitHub 仓库(GitLab、Bitbucket 未确认) |
| Ask Pepper AI | 面向平台数据的自然语言查询界面 | 生成式 AI 助手(底层 LLM 提供方未披露) | LLM 提供方以及分析师查询的数据处理政策没有公开文档 |
| SIEM / 响应集成 | 将告警和增强上下文发送到安全运营工具 | Splunk、CrowdStrike Falcon、Microsoft Sentinel、Jira、Slack 等工具 | 不同平台集成深度不一;告警投递延迟没有公开 SLA |
层级描述来自 Salt 官方页面、CrowdStrike marketplace 和 AllCloud/Datadog 案例研究中的技术 PDF,以及 AppSec Santa 技术评测。没有公开架构图确认确切组件边界;本表基于公开证据综合整理,并标明推断。
[CE003, CE004, CE005, CE006, CE029, CE030]绘制 Salt Security 在云、网关、安全和开发者生态中的关键外部依赖。
依赖关系综合自官方集成页面、CrowdStrike 市场平台简报、AllCloud 案例研究和 PRN 公告。Salt 与各依赖伙伴之间的精确 API 合同未公开记录。
[CE003, CE004, CE029, CE031, CE032, CE033]5.4 部署模式、集成与可靠性
Salt 通过流量镜像无代理部署:平台接收 API 流量副本,只把元数据发送到云端 API 数据湖。 该架构保证对应用请求延迟零影响,也不需要改代码或调整架构。Salt Illuminate 的导入向导声称,云连接 来源的完整初始部署可在几分钟内完成。AllCloud/Datadog 案例显示,Salt 自身基础设施运行在 AWS 上, 跨数百个后端实例每分钟处理数百万条消息。平台用 Kafka 做消息队列、Kubernetes 做容器编排,并用 Datadog 做可观测性和成本优化。 集成生态覆盖 API 网关(Kong、Apigee、MuleSoft、NGINX、Istio)、云平台(AWS、Azure、GCP、Akamai、Cloudflare、F5、Kubernetes)、 SIEM/SOAR 与可观测性(Splunk、CrowdStrike Falcon、Microsoft Sentinel、Jira、Slack)以及 CI/CD 工具(GitHub、Docker)。 2025 年 4 月,CrowdStrike 集成加深,在 Falcon 平台内提供闭环 API 情报。Salt 签下 3 年 AWS Enterprise Discount Program(EDP)承诺,显示其长期云基础设施依赖 AWS。目前无法从 Salt Security 网站访问公开状态页、可用性 SLA 或事故历史; 对需要合同化可靠性承诺的企业买家,这是尽调缺口。[CE028, CE029, CE030, CE031, CE032, CE033]
| 控制 / 认证 | 状态 | 范围 | 缺口 / 尽调问题 |
|---|---|---|---|
| PCI DSS 姿态规则 | 可用(Policy Hub) | 客户 API 合规检查;不是 Salt SaaS 认证 | Salt 平台自身的 PCI DSS 认证状态未公开 |
| HIPAA 姿态规则 | 可用(Policy Hub) | 客户 API 合规检查;不是 Salt BAA/HIPAA 认证 | Salt 是否签署 HIPAA 商业伙伴协议,没有公开文档 |
| GDPR 姿态规则 | 可用(Policy Hub) | 客户 API 合规检查;数据湖中元数据的 EU 数据驻留未确认 | 截至运行日期,公开网站无法访问 EU 数据驻留和 DPA 条款 |
| SOC 2 Type II(Salt 自有平台) | 未公开 | 未知 — Salt 网站未找到 SOC 2 报告引用 | 向 Salt 确认 SOC 2 Type II 状态;企业采购需要 |
| ISO 27001(Salt 自有平台) | 未公开 | 未知 — cloudsecurity.org 映射了控制项,但这是第三方评估,不是 Salt 认证 | 确认 ISO 27001 状态;第三方评估不等同于认证 |
| FedRAMP 授权 | 未公开 | 政府云使用需要 FedRAMP;姿态规则只面向客户 API | 确认 FedRAMP 授权,或面向美国公共部门销售的路线图 |
| 正常运行时间 / SLA | 未找到公开状态页或 SLA | 截至运行日期,无法访问 salt.security/status 或 trust.salt.security 页面 | 直接向 Salt 索取合同 SLA、事故历史和状态页 URL |
| UpGuard 安全评级 | B 级(June 2026) | 外部可观察安全姿态;标记 CSP 问题,没有泄露历史 | 监控变化;CSP 标记严重性低,但说明 Salt 自身安全姿态仍有改进空间 |
「Policy Hub」姿态规则是面向客户的合规检查,用在客户自己的 API 上;它们不认证 Salt 的 SaaS 平台。标为「未公开」的行,表示截至 2026-06-06 保留来源中没有证据,不等于确认不存在认证。
[CE035, CE036, CE037, CE038, CE039, CE040]5.5 信任、安全与合规
Salt 的 Policy Hub 内置约 100 条态势规则,对齐 PCI DSS、HIPAA、GDPR、SOC 2、NIST、CMMC 和 FedRAMP。 这些是客户 API 的框架映射,不是 Salt 自身平台的认证。cloudsecurity.org 技术评估将平台映射到 ISO 27001 控制项中的事件管理 (5.24–5.28)和访问控制(5.15–5.18),并指出 Salt 支持持续 API 流量监控、异常检测、SIEM 集成, 以及用于阻断未授权访问的执行命令。UpGuard 2026 年 6 月安全评级基于外部可验证的态势检查,给 Salt Security “B” 级, 指出一项 content-security-policy(CSP)问题,但未发现重大数据泄露历史。CrowdStrike Marketplace 简报指出,Salt 将 Salt API 情报接入 CrowdStrike 安全生态,实现闭环保护,并与 AWS WAF 集成在边缘执行(2025 年 12 月宣布)。 Salt 尚未公开披露其自身 SaaS 平台的 SOC 2 Type II、ISO 27001 或 FedRAMP 认证。数据处理模式——Salt 接收客户 API 流量复制出的元数据—— 形成共享责任边界:Salt 在其云数据湖处理 API 元数据,客户因此必须信任 Salt 自身对潜在敏感 API 行为数据的安全控制。 企业安全买家通常会在尽调中追问这一信任边界,但 Salt 当前公开信任面并未回应。[CE035, CE036, CE037, CE038, CE039, CE040]
| 日期 / 时段 | 功能 / 里程碑 | 状态 | 影响 | 来源 |
|---|---|---|---|---|
| Jan–Feb 2025 | State of API Security Q1 2025 报告;行业认可榜单 | 已发布 | 巩固思想领导力;披露受访组织 API 安全事件发生率达 99% | PRN 302385528 |
| Apr 2025 | 深化 CrowdStrike 集成;新增 MCP 服务器驱动架构支持 | 已发布 | Falcon 平台内形成闭环 API 情报;开始覆盖 MCP | Security Boulevard 2025 回顾 |
| Jun 2025 | Salt Illuminate 统一平台品牌发布;扩展 Cloud Connect | 已发布 | 影子、僵尸和未托管 API 发现统一到一个品牌下 | Enterprise Security Tech 文章 |
| Jul 2025 | Salt Surface(外部攻击面扫描器)推出 | 已发布 | 以攻击者视角扫描公开 API;新增第三条发现数据路径 | Security Boulevard 2025 回顾 |
| Sep 2025 | MCP Protect + Agentic AI Governance 亮相 CrowdStrike Fal.Con 2025 | 已发布 | 公司声称的行业首个 AI 智能体 API 安全方案;引用 Gartner 的 MCP 指引 | Digital IT News;PRN 302716939 |
| Nov 2025 | GitHub Connect + MCP Finder 推出 | 已发布 | 在代码仓库中部署前发现影子 API 和 MCP 风险;安全左移 | PRN 302618522;IT Security Guru |
| Dec 2025 | Ask Pepper AI(对话式助手)+ AWS WAF MCP 防护 | 已发布 | 用自然语言调查威胁;在边缘执行 MCP 防护 | PRN 302644308(12 个月回顾) |
| Mar 2026 | Agentic Security Platform:AG-SPM + AG-DR;Siemens CISO 验证 | 已发布 | 完整智能体栈纳入防护:LLM、MCP 服务器、API 作为统一安全图谱处理 | PRN 302716939 |
| Apr 2026 | 1H 2026 State of AI and API Security 报告(327 名受访者) | 已发布 | 92% 组织缺乏智能体安全成熟度;66% API 在过去一年增长 >50%;影响路线图优先级 | salt.security 新闻稿 |
| Jun 2026 | Salt Code(面向策略感知代码生成的 AI 编码助手安全) | 已发布 / 已宣布 | 代码提交前,将安全策略带入 AI 编码助手输出 | salt.security 博客 |
日期来自 Salt Security 官方新闻稿和 December 2025「12 Months of Innovation」回顾。所有项目都是公司披露的发布日期;公开来源无法独立验证功能完整性。
[CE041, CE042, CE043, CE044, CE045, CE046]5.6 路线图、发布节奏与开发速度
Salt 2025 年公开发布节奏见其 “12 Months of Innovation” 新闻稿:围绕发现、态势、运行时防护、MCP/智能体 AI 安全和对话式调查功能, 基本每月一次重大产品发布。2025 年关键发布包括 Salt Illuminate(2025 年 6 月,统一平台品牌)、Salt Surface(2025 年 7 月, 外部攻击面扫描器)、CrowdStrike Fal.Con 上的 AI Agent API Security(2025 年 9 月)、GitHub Connect 和 MCP Finder (2025 年 11 月),以及 Ask Pepper AI 加 AWS WAF MCP 保护(2025 年 12 月)。2026 年 3 月,Salt 推出 Agentic Security Platform, 带来 AG-SPM 和 AG-DR,是其迄今最大的一次架构扩展。Salt Code(AI 编程助手安全)于 2026 年 6 月宣布。GitHub 组织(SECful)显示, 开源工具截至 2026 年 5 月仍有活跃提交,包括 Peekaboo(可视化 API 发现扫描器,Python)、api_extractor(从源代码提取 REST API)、 apk-processor(Android APK API 提取,Go)、url_learning_v2(高性能路径模板 trie,Java,1.2M lookups/sec)、 deployment_ai_advisor(AI 驱动的基础设施建议)和 terraform-ibm-salt-cloud-connect(IBM Cloud 的 Terraform 模块,2026 年 5 月更新)。 竞争心智风险:一个市场研究来源称,Salt 在 API 安全买家中的心智份额从 2025 年的 13% 降至 2026 年的 7%, 说明在快速产品创新之外,竞争仍在侵蚀。所审阅来源均未确认 gRPC 支持,仍是证据缺口;平台明确支持 REST 和 GraphQL, 并有 WebSocket 流量镜像文档。[CE041, CE042, CE043, CE044, CE045, CE046]
按证据维度评估 Salt Illuminate 核心能力的成熟度。
成熟度评级来自留存公开证据的数量和独立性,而非 Salt 内部产品路线图标记。“证据深度”评估该能力在公开来源中的记录充分程度;“独立性”评估其中多少证据来自非 Salt 来源。
[CE001, CE015, CE019, CE021, CE022, CE025]5.7 展项
06客户
6.1 客户群分层与垂直行业重点
Salt Security 官方营销材料和 CrowdStrike Executive Brief 将 FinTech、Financial Services、Technology SaaS 和 Pharmaceutical 列为公司的主要目标垂直行业。AppSec Santa 2026 评测和公司客户页用更广泛的具名客户名单佐证这一点,覆盖零售电商(DeinDeal,瑞士)、 汽车 / 制造(Hyundai)、医疗器械(Stryker)、金融科技(SoFi)、硬件 / 技术(Kingston Technology)、 银行(Standard Bank Group,南非)、制造 / 软件(Siemens)和航空(Alaska Airlines)。这些名称来自公司自有材料和 AppSec Santa 独立评测;除 DeinDeal(2021 年 PR Newswire 公告)和 Siemens(2026 年 Agentic Platform 发布时 CISO 引语)外, 尚未通过独立第三方案例研究逐一确认。买家画像稳定指向企业级:G2 评价基础偏向 Enterprise(>1,000 名员工)和 Mid-Market 买家。 Salt 自身 2025 State of API Security Report 调研了 206 名专业人士,2026 上半年报告调研了 327 名安全领导者; 这些受访者池与企业安全支出相符。公司未公开披露客户数量(活跃账户总数)。CrowdStrike 简报称 Salt “保护全球部分最大型企业”。 按地域、行业垂直占比或账户规模分层的拆分均未公开。[CU001, CU002, CU003, CU004, CU005, CU006]
| 细分市场 | 买方 / 用户 / 付款方 | 用例 | 代表名称 | 收入 / 战略价值信号 | 缺口 |
|---|---|---|---|---|---|
| 金融科技 / 数字银行 | CISO / 安全工程 | 面向处理金融交易的客户 API,做 API 发现和运行时威胁防护 | SoFi、Standard Bank Group | 战略价值高;Salt 研究称金融 API 是最高风险暴露面 | 两家公司都没有独立案例研究;SoFi 证据仅限标志 / YouTube 提及 |
| 企业技术 SaaS | 安全工程 / DevSecOps | 面向多云 SaaS 环境,做 API 盘点、姿态治理和行为检测 | Kingston Technology;从 Salt 营销材料推断 | 技术公司 API 密度高、合规要求高 | Kingston 没有结果证据,仅是提及级别 |
| 零售 / 电商 | CTO / 安全工程 | 面向处理交易的移动端 + Web 平台,做自动化 API 发现和 PII 保护 | DeinDeal | 具名案例研究包含结果数据(PII 保护,顶住恶意流量同比增长 211%) | 案例研究来自 2021;没有更新或后续证据 |
| 制造业 / 工业软件 | CISO / 网络安全负责人 | 保护企业软件 API 中的 AI 智能体交互;智能体栈防护 | Siemens | 具名 CISO 引述支持 Agentic Platform(March 2026) | 早期智能体部署;尚无量化结果数据 |
| 航空 / 交通 | CISO / 安全工程 | 面向高可靠性环境中的客户和运营 API 做 API 安全 | Alaska Airlines | 任务关键环境;监管压力高(TSA、FAA) | 没有独立案例研究或结果证据;仅标志 / 提及级别 |
| 医疗器械 / 医疗健康 | 安全工程 / 合规 | 面向医疗健康 API 生态,做 API 姿态治理和 HIPAA 对齐的合规检查 | Stryker | 医疗器械 API 承载 PHI 和监管风险 | 没有独立案例研究;仅提及级别证据 |
「代表名称」来自 AppSec Santa 2026 独立评测和 Salt 官方客户页。DeinDeal 与 Siemens 有独立证据;其余名称为公司披露或第三方引用,缺少结果数据。收入 / 战略价值信号来自垂直行业特征推断,不是披露的财务数据。
[CU001, CU002, CU003, CU004, CU005, CU006]绘制 Salt Security 企业客户细分从初始发现到全平台扩张的采用生命周期。
旅程阶段根据产品发布顺序、官方产品页面和 DeinDeal/Siemens 案例证据推断。内部漏斗转化数据未公开。阶段顺序反映典型企业安全 SaaS 采用模式,而非观察到的客户生命周期数据。
[CU001, CU004, CU016, CU017, CU019, CU031]6.2 采用轨迹与部署指标
Salt 未公开披露客户数量、ARR 或销售管线指标。公开来源只能提供间接采用轨迹信号。AllCloud/Datadog 案例称, “过去一年,Salt Security 客户群显著增长”,基础设施也扩展到跨数百个后端实例每分钟处理数百万条消息。2025 年 “12 Months of Innovation” 新闻稿称,2025 年发布“市场反响巨大”,公司还完成了 3 年 AWS Enterprise Discount Program 承诺——这是预期流量增长的前瞻信号。Salt 自身市场研究(2026 上半年,327 名受访者)发现,66% 的组织报告过去一年 API 增长超过 50%,使用智能体 AI 的组织中只有 37% 配备专门 API 安全;两项指标都指向大量未满足需求,而 Salt 新 Agentic Platform 正在切入。Microsoft Azure Marketplace 和 CrowdStrike marketplace 列表显示多云分销合作覆盖。G2 评价数(共 12 条, 最近一条为 2026 年 5 月)对一家声称全球企业覆盖的公司而言偏低;截至运行日,平台约两个月未收到新的 G2 评价。 Salt 在 FeaturedCustomers 的档案显示共有 20 条客户引用,引用评分 4.8/5。公开资料没有同期群数据、续约率或账户扩张指标。[CU009, CU010, CU011, CU012, CU013, CU014]
| 指标 | 数值 / 信号 | 日期 | 来源 | 置信度 | 含义 |
|---|---|---|---|---|---|
| 总活跃客户数 | 未披露 | 2026-06-06 | Salt Security(未公开披露) | 低 — 缺失 | 无法评估绝对市场渗透率;尽调必须直接索取 |
| 客户基数增长率(YoY) | 过去一年显著增长(定性) | 2024 | AllCloud/Datadog 案例研究(间接) | 低 — 表述模糊 | 方向为正,但没有量化增速;AWS EDP 3 年承诺意味着增长预期 |
| 平台消息吞吐量 | 每分钟数百万条消息;数百个后端实例 | 2024 | AllCloud/Datadog 案例研究 | 中 — 第三方报告 | 基础设施规模证明真实客户流量存在;不是客户数量 |
| G2 评价数 | 12 条评价(总分 4.7/5) | 2026-05-30 | G2,经 Wayback Machine 归档 | 高 — 已观察 | 相比声称的全球企业覆盖,评价数很低;评价速度已放缓(约 2 个月无新评价) |
| FeaturedCustomers 推荐客户 | 20 个客户推荐(推荐评分 4.8/5) | 2026-06-06 | FeaturedCustomers.com 来源 | 中 — 第三方聚合 | 符合小型企业客户基数,或客户参与推荐计划意愿低 |
| Azure Marketplace 上架 | SaaS 上架条目处于活跃状态 | 2026-06-06 | Microsoft Azure Marketplace | 高 — 已观察 | 可触达 Azure 企业买家的分销渠道 |
| 客户环境中的 API 增长 | 66% 受访组织称过去一年 API 增长 50%+ | 2026-04-08 | Salt 1H 2026 调研(327 名受访者) | 中 — 公司调研 | 平台扩张有强顺风;现有客户的攻击面可能仍在增长 |
「数值 / 信号」单元格反映公开证据中的最佳信息。所有「未披露」都是真实数据缺口。66% API 增长指标来自 Salt 自有市场调研,不是客户特定数据。评价数来自 May 30 2026 的 G2 Wayback 快照。
[CU009, CU010, CU011, CU012, CU013, CU014]Salt Security 企业客户从发现到部署再到扩张的采用流程。
只有漏斗顶部认知指标(调研受访者 327 人)来自公开来源且可量化。其他阶段均未披露转化或采用数量。阶段描述根据产品信息和单个参考验证推断。
[CU009, CU012, CU013, CU019]6.3 具名客户证明与部署质量
最强的独立生产部署证明是瑞士电商零售商 DeinDeal。该部署于 2021 年 4 月通过 PR Newswire 公开宣布,并有具名高管引语 (CTO Alexandre Branquart)确认自动 API 发现、PII 保护、行为异常检测和阻断已在公司移动和 Web 应用中投入生产。 案例研究提到每天处理数千笔交易、发现 build/deploy/runtime 全链路 API,以及用于阻断攻击者的上下文。DeinDeal 处理大量 PII; 其部署背景(疫情期间快速增长、食品配送扩张)让该参考具备较强定性深度。Siemens 案例提供了 2026 年生产验证:CISO Shawn Griffin (列为 CISO、CFIUS Security Officer & Cybersecurity Officer)在 Agentic Platform 发布(2026 年 3 月)时给出具名引语, 称 Salt 为 Siemens 提供了“我们自信地在 Siemens Software 业务中扩展 AI 所需的更好可视性和保护”。这是来自全球制造企业的智能体平台早期采用证据。 SoFi 部署出现在 Salt 的 YouTube 和营销材料中,作为金融科技平台 API 安全案例;没有独立案例研究。Alaska Airlines、Hyundai、 Stryker、Kingston Technology 和 Standard Bank 在 AppSec Santa 2026 评测(一份独立技术分析)及 Salt 客户页被列为客户, 但除 logo / 名称提及层面外,没有结果证据或公开确认。TFiR 文章独立报道了 DeinDeal 部署公告,为该参考提供第三方编辑确认。 G2 评价(共 12 条)包含多名 Enterprise 和 Senior InfoSec 职位用户,报告生产使用、实时环境异常检测和 API 可视化收益; 定性上与其宣称的部署深度一致。[CU016, CU017, CU018, CU019, CU020, CU021]
| 客户 | 细分市场 | 部署 / 用例 | 生产环境 vs 试点 | 结果证据 | 局限 |
|---|---|---|---|---|---|
| DeinDeal(瑞士) | 零售 / 电商 | 面向移动和 Web 应用的自动化 API 发现、PII 保护、行为异常检测 | 生产环境 — April 2021 宣布 | 具名 CTO 引述:可视性提升、攻击预防、PII 保护;顶住恶意流量同比增长 211% | 案例研究来自 2021;截至 2026,没有续约或更新结果证据 |
| Siemens(Siemens Software) | 制造业 / 工业软件 | Agentic Security Platform — 保护企业软件 API 中的 AI 智能体交互 | 生产环境 — 早期采用;CISO 引述 March 2026 | 具名 CISO 引述(Shawn Griffin):提升可视性和保护能力,支撑 Siemens Software 业务扩展 AI | 没有量化结果(API 数量、攻击减少、合规指标);智能体功能刚刚 GA |
| SoFi | 金融科技 / 数字银行 | 面向消费者金融科技平台的 API 安全;Salt YouTube 和营销材料提及 | 生产环境 — 公司声称 | Salt YouTube 内容覆盖 SoFi API 安全用例 | 没有独立案例研究;证据仅限公司营销提及 |
| Alaska Airlines | 航空 / 交通 | 面向航空运营和客户数字服务的 API 安全 | 生产环境 — 公司声称 | 出现在 Salt 客户页和 AppSec Santa 2026 评测中 | 没有具名联系人、结果证据或列表之外的公开确认 |
| Hyundai | 汽车 / 制造业 | 面向汽车数字服务和联网车 API 的 API 安全 | 生产环境 — 公司声称 | 出现在 Salt 客户页和 AppSec Santa 2026 评测中 | 没有具名联系人、结果证据或列表之外的公开确认 |
| Stryker | 医疗器械 / 医疗健康 | 面向医疗器械和医疗健康 API 生态的 API 安全 | 生产环境 — 公司声称 | 出现在 Salt 客户页和 AppSec Santa 2026 评测中 | 没有具名联系人、HIPAA 专项结果证据或列表之外的公开确认 |
| Standard Bank Group(南非) | 金融服务 / 银行 | 面向非洲最大银行集团之一的 API 安全 | 生产环境 — 公司声称 | 列在 Salt 客户页面及 AppSec Santa 2026 评测中 | 除列表露出外,没有具名联系人、结果证据或独立确认 |
“生产使用与试点”列反映目前能找到的最佳证据。“生产使用——公司声称”表示未找到生产状态的独立确认;“生产使用——已公告 [date]”表示已发布正式新闻稿或具名引用公告。证据新鲜度以每项部署最近一次公开确认日期为准。
[CU016, CU017, CU018, CU019, CU020, CU021]6.4 留存、耐久性与满意度信号
Salt Security 未公开披露 NRR、GRR、总留存率或同期群层面流失数据。G2 显示 12 条评价综合评分 4.7/5, 主题集中在产品能力强和支持团队响应很快。一名 G2 企业评价者(2023 年)给平台 5/5,并称其是 “API 安全工具中的 creme de la creme”。 一名 Senior Manager Security 评价者(2023 年)称产品“帮助我们解决攻击并更好理解漏洞,作用关键”,并提到 “Salt team 响应非常好”, 唯一批评是希望根因发现更好。更早的 G2 评价(2021–2022 年)提到产品较新、仍在成熟,缺少部分集成(原生 SIEM 操作日志缺口), 这更符合产品在 2021–2022 年的阶段,而非当前成熟度。PeerSpot 档案指出 Salt “改善安全态势”,并将实时监控和自动威胁检测列为受重视功能。 DeinDeal 案例研究(2021 年)未披露续约条款,但截至 2026 年客户页抓取时,DeinDeal 仍出现在 Salt 客户页,暗示关系延续。 Gartner Peer Insights URL 已抓取但返回 403 付费墙拦截,内容无法访问。保留来源中未发现企业客户流失、公开合同取消或关键负面评价。 负面信号是间接的:据称心智份额从 13% 降至 7%(2026 年)可能表示客户被竞争对手侵蚀,但这是来自 PeerSpot 的单一来源、未署名说法, 无法独立验证。[CU025, CU026, CU027, CU028, CU029, CU030]
| 指标 | 数值 / 状态 | 分群 | 置信度 | 尽调事项 |
|---|---|---|---|---|
| 净留存率(NRR) | 未披露 | 全部 | 低——缺失 | 向 Salt 索取过去 4 个季度 NRR;与一流安全 SaaS 的 110%+ 基准对照 |
| 总留存率(GRR) | 未披露 | 全部 | 低——缺失 | 索取 GRR;确认是否已经出现价格或产品层面的流失 |
| 合同期限 / 续约条款 | 未披露 | 企业客户 | 低——缺失 | 确认合同是年度还是多年期;多年期会降低近期流失风险 |
| G2 综合满意度评分 | 4.7/5(12 条评价) | 企业和中端市场混合 | 中——第三方可见 | 评价数量少,统计意义有限;索取可供直接电话访谈的客户名单 |
| Gartner Peer Insights 评分 | 受阻(付费墙 / 403) | 企业安全买家 | 低——无法访问 | 通过订阅访问 Gartner Peer Insights,或向 Salt 索取 Gartner 数据 |
| PeerSpot 资料页情绪 | 正面——将实时监控和威胁检测列为核心价值 | 企业客户混合 | 低——内容单薄 | 细读 PeerSpot;索取 PeerSpot 验证的企业客户背书 |
| DeinDeal 持续关系 | 推断仍活跃——DeinDeal 列在当前客户页面 | 零售 / 电商 | 低——仅由列表推断 | 确认 DeinDeal 仍是活跃付费客户;索取续约历史 |
公开来源完全缺失留存指标。所有“未披露”条目都是真正的数据缺口。G2 和 PeerSpot 评分反映可获得的独立评论信号;抓取时 Gartner Peer Insights 被阻断。DeinDeal 的持续关系仅基于其出现在当前客户页面,不能确认为续约证据。
[CU025, CU026, CU027, CU028, CU029, CU030]按队列年份展示 G2 评测满意度随时间变化,作为客户满意度轨迹的代理指标(无 NRR 数据)。
数值根据 G2 定性评测文本估计(截至 2026 年 5 月归档共 12 条评测)。2021-2022 年评测持续提到“有潜力但仍在成熟”和“缺少一些集成”——映射为较低的功能完整度分数。2023 年评测转向“精英中的精英”和“关键”这类表述——映射为较高分数。2024-2026 年未发布 G2 评测(距离运行日期约 2 个月空档),因此省略该列。该队列只用于说明情绪轨迹;不是具有统计显著性的 NRR 代理。
[CU025, CU026, CU027]6.5 扩张、集中度与渠道依赖
Salt 的 GTM 借助 CrowdStrike Falcon 平台(2025 年 4 月加深集成)、Microsoft Azure Marketplace 和 CrowdStrike Marketplace 作为分销渠道。3 年 AWS EDP 承诺又把 AWS 加入结构性合作。Salt 还与 AllCloud(AWS 托管服务)合作,说明复杂部署中可能存在 VAR/SI 渠道。 这些合作既带来分销触达,也带来依赖:Salt 触达 CrowdStrike 已安装客户基础(企业安全团队)的能力是增长杠杆, 但也意味着一部分销售管线健康度与 CrowdStrike 销售动作绑定。公司未公开披露收入集中度数据(前 10 大客户 ARR 占比)。 Salt 面向全球最大型企业,单笔交易很可能较大,账户集中度可能重要;这是尽调必问项。落地扩张模型有结构性基础: Salt 平台会随时间发现更多 API,并可在客户新增云环境、网关和 AI 智能体时扩展覆盖;每项新能力(AG-SPM、AG-DR、GitHub Connect) 都是新的增购切入点。但没有披露 NRR 或扩张 ARR 数据,无法验证该模型是否真正跑通。2026 上半年调研发现,47% 的组织因 API 安全顾虑推迟生产 AI 发布,这带来采购顺风,也可能成为快速采用较新 Agentic Platform 模块的阻力。[CU031, CU032, CU033, CU034, CU035, CU036]
| 维度 | 当前信号 | 集中度 / 依赖风险 | 影响 | 尽调路径 |
|---|---|---|---|---|
| 收入集中度(头部客户) | 未披露数据 | 未知——未披露 | 只面向企业客户销售,若单一客户 > 10% ARR 则为高风险 | 直接向 Salt 索取前 10 大客户收入占比;评估客户流失情景 |
| CrowdStrike 渠道依赖 | 深度集成(自 2025 年起);API 智能嵌入 Falcon | 中——重要分销渠道,但不是唯一渠道 | CrowdStrike 关系变化(定价、销售模式转向)可能影响销售管线 | 评估排他条款;确认 CrowdStrike 是转售商还是仅为集成伙伴 |
| AWS 平台依赖 | 3 年 EDP 承诺;AllCloud 管理 AWS 基础设施 | 中——所有 SaaS 托管在 AWS;未披露 Azure/GCP 主托管 | AWS 宕机或调价会影响服务交付;EDP 锁定削弱短期灵活性 | 确认 BCP 和多区域故障切换;审查 EDP 条款和退出约定 |
| 先落地再扩张(API 增长) | API 暴露面扩大和新模块(AG-SPM、AG-DR、GitHub Connect)在结构上支持扩张 | 正面——每个客户 API 越多,平台消耗越高 | 若 NRR > 100%,攻击面扩大应推动现有客户 ARR 增长 | 索取 NRR 数据;确认平台按 API、流量还是席位定价 |
| GitHub 依赖(GitHub Connect) | GitHub Connect 需要 GitHub API;尚未确认支持 GitLab/Bitbucket | 低至中——仅影响使用非 GitHub 平台的左移客户 | 使用非 GitHub 仓库的客户无法使用 GitHub Connect;限制完整平台采用 | 确认 GitLab/Bitbucket 支持路线图 |
| 市场心智份额趋势 | 据一个分析师来源称,从 13%(2025)降至 7%(2026) | 中——Imperva、Akamai、42Crunch 等带来竞争压力 | 心智份额下滑可能先于销售管线恶化或客户数流失出现,值得密切监测 | 用独立分析师来源交叉验证心智份额数据;结合 Salt 的赢单 / 输单数据三角验证 |
“当前信号”反映截至 2026-06-06 可获得的最佳公开证据。公开来源完全没有收入集中度数据。CrowdStrike 和 AWS 依赖信号来自官方公告和 AllCloud 案例研究。心智份额下滑数字来自单一分析师来源(PeerSpot),应视为提示性而非结论性。
[CU031, CU032, CU033, CU034, CU035, CU036]按具名客户参考拆解证据质量、结果具体度、留存可见度和生产成熟度。
证据质量评级基于留存来源的独立性和具体度。“高”= 独立发布的案例研究,包含具名高管引述和结果数据。“低”= 公司自写营销材料或仅列标识。留存可见度反映所有具名客户均缺少公开续约或 NRR 数据。G2 综合 4.7/5(12 条评测)提供组合层面的满意度信号,但不绑定单个账户。
[CU016, CU017, CU018, CU019, CU020, CU021]6.6 展项
07风险
7.1 竞争压力与市场商品化
Salt Security 处在快速整合的 API 安全市场,超大规模云厂商和 CDN 平台已经提供原生 API 防护功能, 直接竞争 Salt 的独立产品。Cloudflare 2021 年推出 API Abuse Detection,AWS API Gateway 原生提供限流、 授权和请求校验,Akamai 2024 年以约 $450 million 收购 Noname Security——Salt 主要的专用型竞争对手。 Akamai 2026 年宣布有意收购 LayerX,用于 AI 使用控制,显示平台扩张仍在继续。这些动作代表激进的平台整合, 会压缩独立 API 安全厂商可触达的溢价市场,并带来长期利润率压力。 Escape.tech(2025 年)的一份独立竞品对比称,安全专业人士对 Salt Security 的挫败感上升,原因是 POC 周期耗时数月,发现结果被描述为不可执行。G2 评价(共 12 条,平均 4.7 星)指出,产品“仍然相对较新,缺少不少附加功能”, 且 SIEM 日志集成缺乏原生操作日志。Salt Security 平台的企业销售周期天然较长;如果超大规模云厂商继续改进原生 API 安全能力, 买家可能选择足够好的捆绑式产品,而不是同类最佳的点解决方案。Wallarm、Akto、Imperva、F5 和 Escape 也构成来自专业厂商或捆绑玩家的额外竞争向量。 Noname/Akamai 以约 $450 million 退出,而此前估计私募估值超过 $1 billion,说明 API 安全市场没有拿到 2022 年风险投资高峰时预期的溢价收购倍数。这是评估 Salt Security 独立 API 安全业务价值时最直接可比的公开数据点。 [CR001, CR002, CR003, CR004, CR005, CR006]
| 失效模式 | 可能性 | 严重性 | 缓释成熟度 | 剩余暴露 | 未解缺口 |
|---|---|---|---|---|---|
| 超大规模云厂商原生 API 安全达到功能同等 | 高 | 极高 | 低——差异化依靠 ML 深度和数据集广度 | 高——长期 ASP 被压缩,市场份额被侵蚀 | 未量化竞争替代对 ARR 的影响 |
| 漫长 POC 周期限制企业获客速度 | 高 | 高 | 低——竞品对比已确认 POC 需数月 | 高——季度 ACV 增长承压,销售管线速度受损 | 未公开披露平均销售周期长度或 CAC |
| 智能体安全转向执行失败 | 中 | 高 | 低——Salt Code 处于早期访问,暂无外部采用指标 | 高——核心 API 安全市场被侵蚀,新市场尚未验证 | 未披露 Salt Code 的 GA 时间、定价或采用指标 |
| 以色列研发团队业务连续性中断 | 中 | 极高 | 中——已有部分美国 / 全球团队;未披露 BCP | 高——核心 ML/AI 知识产权开发集中在以色列 | 未公开披露业务连续性或继任计划 |
| SaaS 平台可用性或数据泄露 | 低至中 | 高 | 中——假设已有 SaaS 监控;正常运行时间 SLA 未公开 | 中——企业客户流失;触发监管通知义务 | 未公开事件历史或 SLA 文档 |
定性评估。缓释成熟度分为低(早期 / 未结构化)、中(部分 / 已文档化)和高(已文档化并测试)。未套用定量概率模型。
[CR001, CR002, CR017, CR023, CR024]在当前缓解措施之后,Salt Security 六大主要风险类别的可能性与剩余严重性对照。
可能性和剩余严重性是分析师基于公开证据作出的定性判断。未应用定量概率模型。
[CR001, CR003, CR007, CR013, CR019, CR023]7.2 监管、法律与隐私义务
Salt Security 核心业务需要监控和分析实时 API 流量,不可避免地处理 API 载荷中传输的个人身份信息。 这带来持续的 GDPR、CCPA 及其他隐私法合规义务。Salt Security 隐私政策(2024 年 3 月更新) 承认会收集和处理可能包含个人数据的客户 API 流量数据,并承诺与在欧盟运营的企业客户签署 GDPR Article 28 数据处理协议。 GDPR 违规最高可处全球年营业额 4% 或 €20 million(取较高者)的罚款,形成实质财务风险。 California Consumer Privacy Act 施加退出授权和删除义务,并允许对故意违规处以最高 $7,500/次的民事罚款。 SEC 2023 年网络安全披露规则(2023 年 12 月生效,Release 33-11216)要求上市公司客户在四个工作日内报告重大网络安全事件, 并每年披露风险管理治理,从而把合规文档需求下游传导到 Salt Security 这个记录在案的安全供应商。FTC 根据 Section 5 广泛执行数据安全标准,NIST Cybersecurity Framework 2.0(2024 年发布)已成为美国企业安全的事实标准, 企业客户和 Salt 平台都必须对齐。 存在知识产权诉讼风险:API 安全领域已经在 WAAP 和 API 监控版图出现专利主张,Salt 用于行为分析的专有机器学习方法, 可能吸引拥有更广泛专利组合的大型既有厂商发起专利挑战。 [CR007, CR008, CR009, CR010, CR011, CR012]
| 规则 / 法律 / 案件 | 司法辖区 | 状态 | 可能性 | 严重性 | 缓释措施 | 剩余暴露 | 尽调路径 |
|---|---|---|---|---|---|---|---|
| GDPR 第 5/28 条——API 流量载荷中的 PII | 欧盟 / 欧洲经济区(EEA) | 有效 / 持续 | 高 | 极高 | Salt 隐私政策承诺签署 DPA 协议(2024 年 3 月) | 高——罚款最高可达 €20M 或全球收入 4% | 获取已签署客户 DPA;审计数据最小化和留存 |
| CCPA——API 载荷中处理的个人数据 | 加利福尼亚(美国) | 有效 / 持续 | 高 | 高 | 隐私政策列明退出选择和数据删除流程 | 中——故意违规每次最高 $7,500 民事罚款 | 审查 CCPA 合规证明;确认删除流程能否规模化运行 |
| SEC 网络安全披露规则 33-11216 | 美国——联邦 | 2023 年 12 月生效 | 中 | 中 | 不直接适用于 Salt(私营公司);影响企业客户 | 低至中——来自 CISO 的下游合规文档需求 | 确认 Salt 如何支持客户 8-K 事件文档工作流 |
| 以色列出口管理(EAR/ITAR)——软件来源 | 以色列 / 美国 | 生效中 | 中 | 高 | 美国注册;美国本土销售;无已知受限技术 | 中——美国联邦合同资格;ITAR 受限客户约束 | 索取 EAR 分类法律意见;确认不存在受控加密出口 |
| FTC 第 5 条——数据安全执法 | 美国——联邦 | 生效中 | 低至中 | 高 | 合理安全计划;SOC2 Type II 状态未获公开确认 | 中——FTC 执法权限广;存在和解风险 | 索取 SOC2 Type II 报告;按 FTC 标准核验内部数据安全计划 |
| 知识产权 / 专利纠纷——基于 ML 的 API 行为分析 | 美国 | 潜在 | 低 | 高 | Salt 自有专利组合;需开展现有技术检索 | 中——诉讼成本和产品开发分心 | 对照 Imperva、F5 和 Akamai 专利组合审计自由实施空间 |
按严重性排序。可能性和严重性是分析师基于公开监管框架和公司披露做出的判断。截至 2026-06-06 运行日,公开记录未识别出针对 Salt Security 的活跃诉讼。以色列出口管制暴露由其以色列创始来源和研发推断而来。鉴于 Salt 的 API 流量检查模式,GDPR 和 CCPA 义务具有结构性。
[CR007, CR009, CR010, CR011, CR015]7.3 以色列来源、地缘政治与平台依赖风险
Salt Security 最初以 Secful, Inc. 注册,后由 Israeli Defense Forces 退伍军人 Roey Eliyahu(CEO)和 Michael Nicosia(COO) 在 2016 年公开推出,公司至今仍在以色列维持活跃 R&D 运营。2023 年 10 月升级的中东冲突,为 Salt 以色列工程团队带来业务连续性风险、 潜在人力中断,并增加美国联邦政府和国防邻近销售渠道的敏感性。在 Export Administration Regulations(EAR)和更广泛地缘政治背景下, 美国政府机构和承包商部署以色列来源供应商的安全产品可能受到审查。部分美国政府采购工具要求来源和供应链验证, 以色列来源软件必须满足这些要求。 平台依赖风险实质存在:Salt Security 平台依赖来自第三方 API 网关的带外流量镜像,包括 Apigee、Kong、MuleSoft 和 NGINX。 如果这些网关厂商投资原生安全分析——AWS API Gateway 已经在做——Salt 就会失去数据摄取优势。Kong 的 API 安全最佳实践 文档现在覆盖 Salt 所处理的同类威胁,说明网关厂商正在把自己定位为具备安全能力。云基础设施集中度增加运营风险: Salt SaaS 平台依赖 AWS 或 Azure 托管,造成对超大规模云厂商的可用性和成本依赖,而这些云厂商也通过原生 API 安全功能直接竞争。 客户迁移 API 网关平台时必须重新集成 Salt Security,迁移过程中产生流失风险。 [CR013, CR014, CR015, CR016, CR017, CR018]
| 依赖项 | 交易对手 | 角色 | 集中度 | 失败情景 | 严重性 | 缓释措施 | 剩余暴露 |
|---|---|---|---|---|---|---|---|
| 云基础设施(SaaS 托管) | AWS / Azure | SaaS 平台托管和算力 | 很高 | 超大规模云厂商涨价、政策变化或长期宕机 | 极高 | 多云冗余未确认 | 高——正常运行时间和单位经济性取决于交易对手 |
| API 网关集成(流量摄取) | Kong、Apigee、MuleSoft、NGINX | 接收 API 流量的主要机制 | 高 | 网关厂商推出竞争性安全功能,放弃 Salt 集成 | 高 | 多个网关合作伙伴分散单一供应商风险 | 中至高——AWS API Gateway 已以原生能力竞争 |
| 投资人基础(资本和治理) | Sequoia Capital、Tenaya 等 | 资本提供方;董事会影响战略和退出时点 | 高 | 要求降价融资、强推战略方向或发生董事会冲突 | 高 | 经验深厚的领投方(Sequoia)降低风险 | 中——未来融资动态取决于业绩轨迹 |
| Carl Eschenbach(董事) | 个人 / Alphabet | 战略治理,企业网络资源 | 中 | 离任会降低董事会质量和投资人信心 | 中 | 董事会成员更多元;Eschenbach 现任职 Alphabet,降低依赖 | 低至中——董事会多元化缓释单人风险 |
集中度评级为定性判断。云基础设施是最高的运营依赖。Sequoia 参与(Carl Eschenbach 自 Series B 起进入董事会)是治理质量缓释项。AWS API Gateway 既是集成伙伴又是竞争对手,这种双重角色是结构上最值得担心的依赖。
[CR016, CR017, CR018, CR036]外部主体的独立决策,会实质影响 Salt Security 的运营、收入和竞争位置。
[CR016, CR017, CR018, CR036]7.4 财务、融资与执行风险
Salt Security 在 2022 年 1 月 Series D 融资 $140 million,估值 $1.4 billion——接近私人科技估值高峰。 按 SEC Form D 文件,四轮总融资约 $271 million。2022 年以来,私人网络安全公司的 SaaS ARR 倍数大幅压缩。 从 Series D 到 2026 年 6 月运行日之间,没有公开宣布 Series E 或后续融资,暗示公司要么仍在消耗 Series D 资金续航, 要么已经盈利,要么无法以可接受条款融资。当前环境下任何新一轮融资,都可能需要接受降估值融资或低于 2022 年的估值。 公司累计 $271 million 融资形成的清算优先权堆叠意味着,低于 $400 million 的退出很可能让普通股股东拿到极少甚至零收益。 2026 年 6 月 “Salt Code” 面向前 100 家组织开放早期访问,代表一次重大战略转向 “Agentic Security”——保护 AI 智能体、 MCP 服务器和 API。这一转向需要新的产品开发投入、重塑 GTM,并重新教育客户。智能体 AI 安全仍是新兴市场, 买家定义和定价规范不清晰;来自 LLM 安全厂商(CrowdStrike、Palo Alto Networks、Wiz)的竞争框架也声称覆盖智能体安全。 如果转型失败,Salt 仍将暴露在收缩的纯 API 安全市场中,而超大规模云厂商正在侵蚀溢价 ASP。 [CR019, CR020, CR021, CR022, CR023, CR024]
| 角色 / 职能 | 依赖或缺口 | 可能性 | 严重性 | 缓释措施 | 尽调路径 |
|---|---|---|---|---|---|
| CEO / 联合创始人(Roey Eliyahu) | 愿景、外部可信度、投资人关系 | 低至中 | 极高 | CEO 任期和董事会一致性;Forbes 30U30 档案增强公开承诺信号 | 确认雇佣协议、股权归属悬崖期 / 时间表和联合创始人锁定安排 |
| 以色列研发团队(估计约占工程团队 50%) | 核心 ML/AI 行为分析知识产权开发 | 中 | 高 | 已有部分美国 / 全球招聘;远程优先能力得到部分验证 | 索取按以色列与美国划分的人数组织图;确认长期冲突下的 BCP |
| 企业销售领导层 | ARR 增长、续约和扩张 | 中 | 高 | 销售薪酬推测与 ARR 对齐;任期未知 | 索取销售负责人任期;确认 ARR 留存率和 NRR 指标 |
| 智能体安全转向的产品 / 工程 | 新产品开发带宽 | 中 | 高 | Salt Code 早期访问表明公司在积极投入开发 | 审查智能体团队规模;确认 Salt Code 设计伙伴名单 |
人员风险估计为定性判断;实际员工数和角色分布未公开披露。以色列研发集中度由公司创始来源推断,并由 2020 年 NoCamels 报道确认(Salt “总部位于加利福尼亚和以色列”)。
[CR013, CR014, CR022, CR023]Salt Security 的核心风险会沿 ARR 和估值传导,最终落到可能击穿投资逻辑的退出情景。
[CR001, CR003, CR013, CR019, CR022, CR023]7.5 缓释因素、终止标准与监控指标
Salt Security 针对竞争风险的主要缓释包括:通过智能体安全转向,在高增长 AI 安全空间抢在大型既有厂商前重新定位; 以及八年的 API 流量行为数据集,形成超大规模云厂商难以快速复制的数据护城河。Noname/Akamai 收购验证了战略 M&A 退出路径, 即便相对 2022 年估值打折。针对监管和隐私风险,Salt 2024 年 3 月隐私政策更新及其承诺签署 GDPR 数据处理协议, 构成部分结构性缓释。Sequoia Capital 参与(Carl Eschenbach 自 Series B 起进入董事会)提供治理质量和网络资源, 降低不利资本事件风险。 关键论点失效触发因素包括:ARR 同比增长低于 15%;以色列 R&D 人员中断超过三个月;Salt 遭遇任何 GDPR 或 FTC 执法行动; Salt Code 正式 GA 后 12 个月内未能展现实质外部采用;新融资轮投前估值低于 $800 million; 或标杆企业客户流失给超大规模云厂商的捆绑式替代方案。以 $600 million 或以上 M&A 退出,将代表相对 2022 年标记的部分论点修复; 低于 $300 million 退出,则构成 Series D 投资人的论点失效。 [CR025, CR026, CR027, CR029, CR030, CR036]
| 风险 | 可监测触发器 | 阈值 / 事件 | 行动含义 |
|---|---|---|---|
| 竞争性商品化 | ARR 增长率 | 任一 12 个月测量期内 ARR 同比增长低于 15% | 投资逻辑破裂:加速 M&A 流程,或考虑以承压倍数进行老股出售 |
| 估值压缩 / 降价融资 | 新融资或 M&A 价格 | Series E 轮或 M&A 流程的投前估值低于 $800M | 投资逻辑破裂:2022 年 $1.4B Series D 逻辑失效;按当前估值评估退出替代方案 |
| 以色列研发人力中断 | 以色列人力可用性 | 长期中断连续超过 3 个月影响超过 20% 的工程团队 | 重大风险:要求启动 BCP;评估产品路线图延迟影响 |
| GDPR 或 FTC 执法行动 | 监管问询、罚款或同意令 | 欧盟 DPA 或 FTC 对 Salt Security 发出任何执法行动 | 重大风险:评估罚款规模;评估客户合同续约影响 |
| 智能体安全转向停滞 | Salt Code 采用指标 | GA 日期后 12 个月内未公告外部设计伙伴案例研究或付费客户 | 战略风险:转向可能无法形成差异化;需评估核心 API 安全竞争护城河 |
| 超大规模云厂商功能同等公告 | AWS / Cloudflare / Akamai 产品发布说明 | 重大 API 安全功能同等公告削弱 Salt 检测优势 | 竞争风险:加速 M&A 接洽;在下一轮续约周期前考虑战略替代方案 |
否决标准阈值是分析师基于典型 Series D 网络安全 SaaS 投资人预期作出的估计。实际投资人条款、优先股堆叠细节和管理层业绩基准未公开披露。这些触发器是监控启发式,并非合同契约。
[CR025, CR027, CR028, CR030]7.6 展项
08估值
8.1 投资论点与反论点
Salt Security 的投资论点建立在四根支柱上:(1)大型且增长中的 API 与智能体安全市场(2030 年总可服务市场 $5-10 billion), (2)八年行为数据集和 ML 模型,超大规模云厂商难以快速复制,(3)抢在既有安全平台前及时转向 Agentic Security, (4)Sequoia Capital 背书及包含 Carl Eschenbach(Alphabet)的董事会,带来治理质量和企业网络资源。 Noname/Akamai 以约 $450 million 收购,验证 CDN 和云玩家对 API 安全平台有 M&A 兴趣。 反论点同样重要:(1)Salt Security 2022 年 $1.4 billion 估值设在风险投资市场高峰,按 Noname 可比交易现在隐含 40-60% 折价; (2)ARR 未披露,无法验证公司财务轨迹是否支撑 2022 年标记;(3)超大规模云厂商(Cloudflare、AWS、Akamai) 以现有客户零边际成本捆绑 API 安全,压缩 Salt 可获得的 ASP 和 TAM;(4)Agentic Security 转向仍处早期访问阶段, 没有外部采用指标,同时带来对现有 API 安全客户基础的内部蚕食风险和新类别执行风险。据报道, 客户 POC 周期耗时数月,G2 评价也指出 SIEM 集成存在产品缺口。 综合看,论点尚未破裂,但需要更多证据才能支持有信心的正面决策。投资论点关键取决于:(a)在竞争压力下证明 ARR 年增长高于 15%, (b)Agentic Security 转向在 12-18 个月内获得付费客户基础,(c)以色列 R&D 团队具备业务连续性韧性。 [CV001, CV002, CV003, CV004, CV005, CV006]
| 维度 | 投资逻辑 | 反向逻辑 | 观点改变条件 |
|---|---|---|---|
| 市场 | API / 智能体安全 TAM 到 2030 年扩至 $5-10B;AI 智能体扩散带来结构性需求 | 超大规模云厂商以零边际成本捆绑 API 安全;压缩 Salt 可收费的可服务市场 | 超大规模云厂商原生功能在 OWASP Top 10 覆盖上证明达到同等水平 |
| 产品 | 8 年行为数据集与 Salt Labs 研究构成真实 ML 护城河;Salt Code 延伸进开发流程 | Salt Code 仍仅限早期访问;智能体转向可能无法在竞争对手前跑出 PMF;评测中提到 SIEM 集成缺口 | Salt Code 在 GA 后 12 个月内转化 20+ 个付费客户,ACV 均超过 $100K |
| 财务 | Sequoia 支持,累计融资 $271M;未见陷入困境的报道;公司仍在积极招聘(2026 年推出 Salt Code) | ARR 未披露;2022 年以来未公布新的 ARR 里程碑;若增长停滞,现金跑道可能成问题 | 公司公布 ARR 里程碑 >$70M,或以高于 $800M 估值完成 Series E |
| 竞争 | Noname / Akamai 交易验证并购退出路径;Salt 是剩余最大的独立 API 安全平台 | Akamai(Noname)、Cloudflare、AWS、Imperva、F5 均提供竞争性 API 安全;整合正在加速 | Salt 宣布与一级收购方建立战略合作,或启动出售流程 |
| 团队 / 治理 | Roey Eliyahu(CEO,Forbes 30U30)、Carl Eschenbach(Alphabet / Sequoia 董事)、强以色列技术基因 | 以色列研发集中带来地缘政治业务连续性风险;未见公开 BCP 文件 | 公司披露以色列工程团队组织韧性计划 |
| 估值 | 以 $450-600M 入场,风险 / 回报可自洽;Noname 可比交易支持这一区间 | 2022 年 $1.4B 估值标记需要 10-14x ARR 倍数——当前可比组不支持 | 新一轮融资或老股交易以 $600M+ 估值完成,证明机构在合理倍数上继续支持 |
反向逻辑有公开证据支撑。投资逻辑部分依赖推断和估计市场动态,尚未用 Salt Security 的私有财务数据验证。
[CV003, CV004, CV005, CV006, CV007, CV008]从关键市场、产品和风险信号,串起到“继续研究”建议的证据链。
[CV001, CV004, CV009, CV021]8.2 融资背景与估值证据
Salt Security 按 SEC Form D 记录的四轮融资约 $271 million:早期轮(约 $11M,2018 年)、Series B($30M,Sequoia 领投,2020 年)、 Series C(约 $68M,2021 年)以及 Series D(2022 年 1 月以 $1.4B 投后估值完成 $124M)。截至 2026 年 6 月运行日, 未发现 Series E 或公开二级交易。公司在 Delaware 注册(Salt Security, Inc.,前身 Secful Inc.),总部位于 California Palo Alto。 $271M 融资按递进清算条款形成偏好权悬垂,意味着低于 $400 million 的退出,在典型全棘轮或参与型优先股 条款下,普通股股东可能拿到零或极少收益。 关于 Salt Security 当前财务健康状况,公开证据有限。公司未披露 ARR、收入运行率或现金消耗率。未发现数据泄露、公开投诉或执法行动。 Agentic Security 是当前产品定位(截至 2026 年 6 月),Salt Code 已面向前 100 家企业组织开放早期访问。 公司博客活跃(最近一篇 2026 年 6 月)。2024–2025 年没有 ARR 里程碑公告,引发对增长轨迹的疑问。 在这种不透明下,2024 年 Noname/Akamai 约 $450M 收购是最相关的公开数据点。Noname 融资约 $220 million, 最后私人估值超过 $1 billion;收购价较其私募标记打了 40-60% 折扣。如果 Salt Security 走类似折价路径, 隐含公允价值区间为 $560-840 million(较 $1.4B 标记折价 40-60%)。相对 Noname 价格的全周期 M&A 溢价 会指向 $600M-$900M,仍低于 2022 年标记。 [CV009, CV010, CV013, CV014, CV015, CV016]
| 维度 | 值 | 依据 | 置信度 | 决策含义 |
|---|---|---|---|---|
| 建议 | 继续研究 | ARR 数据不足;转向尚未验证;估值偏高 | 中 | ARR 和 BCP 尽调完成前不要投入资本 |
| 置信度 | 低至中 | 私营公司;未披露 ARR、烧钱速度或 NRR | N/A | 置信度提高前,需要大量私下尽调 |
| 风险评级 | 高 | 竞争性商品化、地缘政治、融资压力 | 中 | 保守控制仓位;主动跟踪投资逻辑破裂触发项 |
| 估值立场 | 偏高 | $1.4B 估值标记对比 Noname $450M 可比交易;隐含 10-14x ARR,对比市场 5-7x | 中 | 新进场必须较 2022 年估值标记有实质折价;目标入场估值 <$700M |
| 退出周期 | 3-5 年 | 并购退出最可能;达到 IPO 准备度还需要 3 年以上规模化 | 低 | 按并购退出定价;基准情景计入较 2022 年估值标记下行 40-60% |
建议对价格高度敏感。若入场估值为 $500-600M(较 2022 年估值标记折价 30-60%),风险 / 回报显著改善。若按 2022 年估值标记进入,基于 Noname 可比交易,Series D 投资者的预期情景结果为负。
[CV001, CV002, CV009]截至 2026 年 6 月,Salt Security 关键投资维度的 IC 可用评分。
[CV001, CV003, CV005, CV009, CV016, CV021]8.3 牛市、基准与熊市情景分析
牛市情景假设 Salt Security 到 2027–2028 年实现 $80-100M ARR,成功将相当一部分客户基础迁移到 Agentic Security 并获得溢价定价, 同时吸引超大规模云厂商或企业安全平台以 7-8x 远期 ARR 发出 M&A 要约。$80M ARR、7x 倍数对应企业价值 $560 million; $100M ARR、8x 倍数对应 $800 million。牛市退出相当于从 2022 年 $1.4B 标记恢复 40-57%,会让 Series C 投资人 (按约 $1/股、$68M 资本进入)获得中性到正收益,但 Series D 投资人(按约 $1.4B 每股等价估值进入)可能仍为负收益。 牛市需要:Agentic Security 在 12-18 个月内形成实质付费 ARR、没有主要企业客户流失给超大规模云厂商,以及以色列 R&D 连续性。 基准情景假设 ARR 温和增长(每年 10-15%)到 2027 年达到 $60-70M,Agentic Security 转向取得早期采用但未爆发, Salt Security 通过 M&A 以 5x ARR 出售给 CDN 或企业安全收购方,对应约 $300-350M。在该情景下,Series D 投资人 (按约 $1.4B 估值进入)在企业价值上将面临 75-80% 损失,普通股股东在清算优先权后收益极少。 熊市情景假设 API 安全商品化加速,Agentic Security 转向未能实现产品市场匹配,ARR 增长停滞在 10% 以下, Salt Security 被迫以 3x ARR($150-200M)困境 M&A,或进行进一步稀释普通股的降估值融资。 $150-200M 的熊市退出很可能让普通股股东零收益,Series B/C 投资人只能部分回收。 [CV017, CV018, CV019, CV020, CV023, CV024]
| 情景 | 核心假设 | 估计 ARR(2027-28) | 退出倍数 | 隐含企业价值 | 主要风险 | 概率信号 |
|---|---|---|---|---|---|---|
| 乐观 | Agentic Security 在 12-18 个月内跑通 PMF;ARR 同比增长 25%+;以溢价并购退出 | $90-110M | 7-8x ARR | $630-880M | 转向执行;超大规模云厂商原生功能追平 | 低-中(25-30%) |
| 基准 | ARR 温和增长 10-15%;API 安全基本盘守住,Agentic 开始有牵引;按市场价并购 | $60-70M | 5-6x ARR | $300-420M | 退出估值压到 $300M 以下;清算优先权瀑布使普通股归零 | 中(45-50%) |
| 悲观 | ARR 停滞或下滑;Agentic Security 未跑出 PMF;困境并购或下轮降价融资 | $40-55M | 3-4x ARR | $120-220M | 普通股股东没有回款;降价轮进一步稀释 | 低-中(20-25%) |
情景概率为分析师估计,依据行业基准、可比交易和竞争动态。2027-28 年 ARR 估计基于典型 Series D 网络安全 SaaS 增长轨迹;实际 ARR 未公开披露。隐含企业价值为清算优先权瀑布前的企业价值。
[CV017, CV018, CV019, CV020]Salt Security 三种情景下的估计企业价值区间,单位为百万美元。
企业价值区间为分析师估计,基于 Noname/Akamai 收购基准($450M)、估计 ARR 情景($40-100M 区间)以及当前私营网络安全 SaaS 倍数(3-8x ARR)。区间纳入了 ARR 未披露和转型执行差异带来的不确定性。单位为百万美元。
[CV017, CV018, CV019, CV020]8.4 可比估值组与市场背景
私人 API 安全 M&A 可比样本很薄,但 Noname/Akamai 交易提供锚点。上市安全 SaaS 公司提供次级基准, 不过大多数比 Salt Security 规模更大、业务更多元,或盈利阶段不同。可比组给出的关键信号是: 除非达到相当规模($150M+ ARR),或被战略收购方看中专利组合或客户基础,独立 API 安全平台拿不到溢价收购倍数。 Salt Security 估计 $50-80M ARR 区间明显低于驱动溢价 M&A 定价的规模门槛。 2022 年高峰估值融资的私人 SaaS 网络安全公司,在 2023–2026 年私募市场普遍面临 40-60% 估值压缩。 跨阶段比较显示,$50-80M ARR 且增长 20-30% 的网络安全 SaaS 公司,在 2025–2026 年二级市场交易于 5-8x ARR。 按 Salt Security 估计 $50-80M ARR 区间,5-7x ARR 倍数对应企业价值 $250-560M,覆盖 Noname 可比交易($450M), 并说明若要兑现 2022 年 $1.4B 标记,需要 10-14x ARR——当前可比组不支持这一倍数。Agentic Security 转向若成功, 可能释放平台溢价,但市场尚未将智能体 AI 安全与 API 安全分开定价。 [CV021, CV022, CV023, CV027, CV028, CV029]
| 可比对象 | 类型 | 指标 | 倍数 / 估值 | 与 Salt Security 的相关性 | 主要局限 |
|---|---|---|---|---|---|
| Noname Security / Akamai(2024) | 私有公司并购 | 累计融资约 $220M;此前估值标记约 $1B+ | 收购价约 $450M(较私有估值标记折价约 50%) | 最接近的直接可比:独立 API 安全,规模相近,以色列创立 | Akamai 平台溢价未必适用于纯财务买家 |
| Imperva(Thales 收购,2023) | 私有公司并购 | 收购价约 $3.6B | 约 5-6x 收入(估计);捆绑 WAF / API / DDoS | 说明 CDN / 安全平台愿意为 API 安全资产付费 | Imperva 规模大得多且更多元;不是纯 API 安全可比 |
| Cloudflare(NET,2026 年中估计) | 上市 SaaS 平台 | 远期收入约 $1.5B(估计) | 远期收入约 12-15x(估计) | 领先 API 安全 + CDN 板块;享有平台宽度溢价 | 规模大得多;平台宽度无法与 Salt 的单点方案直接比较 |
| Qualys(QLYS,2026 年中估计) | 上市 SaaS 安全 | 收入约 $600M(估计) | 远期收入约 6-7x(估计) | 成熟 SaaS 安全可比对象,可用于私有到上市过渡的基准 | 重点在云安全;GTM 与 API 安全不同 |
| Rapid7(RPD,2026 年中估计) | 上市应用安全 | 收入约 $800M(估计) | 远期收入约 3-4x(估计) | 在上市公司中,规模和应用安全角度最接近 | 以 SIEM / SOAR 为主;API 安全是次要功能;倍数受压 |
| CrowdStrike(CRWD,2026 年中估计) | 上市终端 / 安全平台 | 收入约 $3.9B(估计) | 远期收入约 15-18x(估计) | 代表广泛采用并形成平台地位后可拿到的平台溢价 | 规模大得多,终端优先;Salt 需先做出平台地位才配得上该倍数 |
2026 年中上市公司倍数为分析师估计,依据一致预期增长预测和当时 SaaS 安全倍数;Salt Security 未披露 ARR 或收入,因此所有相对 Salt 的隐含倍数均为估计。Noname / Imperva 收购价为报道数字;确切条款和业绩对赌条款未公开。
[CV021, CV022, CV023, CV027, CV028, CV029]不同 ARR 倍数下的企业价值结果,并与 2022 年 Series D 标记和 Noname 收购基准对比。
ARR 估计值($55M、$65M、$90M)是分析师基于 Series D 融资背景和行业基准推断;实际 ARR 未公开披露。企业价值以百万美元计。
[CV017, CV018, CV019, CV021, CV022]8.5 退出准备、尽调事项与论点失效触发因素
Salt Security 的退出准备度中等。最可能的路径是并购退出,买方可能来自 CDN、云厂商或企业安全公司; Akamai、Cloudflare、CrowdStrike、Palo Alto Networks、Google 都是潜在战略买家。Noname/Akamai 交易已经证明,CDN 玩家愿意收购 API 安全资产。IPO 准备度低:ARR 规模、盈利路径,以及智能体转向尚未验证, 意味着公司最快也要 3-5 年才具备公开市场条件。老股流动性可以给现有投资人一个出口,但价格未知, 大概率低于 2022 年估值。 最终尽调必须回答:(1)实际 ARR、ARR 增速和 NRR,用来测算业务规模并验证 5-7x 倍数区间; (2)以色列团队员工数和业务连续性文件;(3)关键 GDPR 第 28 条数据处理协议副本和 SOC2 Type II 认证; (4)在 $300M、$450M、$600M 退出价格下的股权结构表和清算优先权瀑布模型; (5)Agentic Security 付费客户或已签试点协议的证据。 会打破 Salt Security 投资逻辑的触发因素包括:ARR 下降或同比增速低于 10%;一家大客户公开称已用 超大规模云厂商替换 API 安全;Salt Code GA 后 12 个月内仍未宣布任何 Agentic Security 付费客户; 以色列 R&D 中断超过三个月;任何监管执法;或以低于 $600M 的投前估值完成新一轮融资。 [CV031, CV032, CV033, CV034, CV035, CV036]
| 触发项 | 阈值 | 对投资逻辑的传导 | 行动含义 |
|---|---|---|---|
| ARR 下滑或同比增长低于 10% | 任一经确认的 ARR 增速在 12+ 个月内 <10% | 显示竞争替代发生;基准情景转向悲观 | 启动退出流程;以任何可获得倍数寻求并购 |
| 主要客户用超大规模云厂商替换 Salt | 任一具名公开客户宣布迁移到 AWS / Cloudflare 原生 API 安全 | 说明客户基盘估值受损;倍数压缩加速 | 立即评估续约队列;加快并购接触 |
| 新一轮投前估值低于 $600M | 任一融资或老股交易宣布估值 <$600M | 确认 Series D 估值标记受损;触发优先股稀释模型 | 建模新的优先股堆叠;重新评估普通股股东回收额 |
| Agentic Security 在 GA 后 12 个月内未拿到付费客户 | GA 日期后 12 个月内未公布 Salt Code 付费客户 | 转向执行风险兑现;没有新收入流抵消 API 商品化 | 重新评估竞争护城河;评估加速战略出售 |
| 以色列研发中断 >3 个月 | 以色列可用员工持续 3+ 个月低于 50% | 产品开发停摆;路线图延后;客户信心受损 | 启动 BCP;要求披露美国 / 全球工程备份能力 |
止损标准是基于典型 Series D 网络安全投资者预期的监测启发式指标。实际投资者条款和触发条款未公开。
[CV031, CV032, CV033, CV034, CV035]| 主题 | 缺失证据 | 重要性 | 负责人 / 尽调路径 |
|---|---|---|---|
| ARR 与增长率 | 2024 年和 2025 年年经常性收入、同比增长率、NRR | 没有 ARR,就无法做基于倍数的估值;也无法确认基准还是悲观情景 | 要求提供审计财务报表或管理账;与前销售员工交叉验证 |
| 业务连续性 | 覆盖冲突升级情景的以色列研发团队书面 BCP | 以色列团队集中是重大风险;没有 BCP 无法评估严重程度 | 向公司索取;审查工程团队地域分布和备份计划 |
| GDPR DPA | 与 3-5 家欧盟客户已签署的 GDPR 第 28 条数据处理协议副本 | 没有 DPA 证据,无法确认监管合规;存在欧盟执法风险 | 向法律顾问索取;审查 DPA 模板和数据留存条款 |
| 股权结构表与瀑布 | 当前股权结构表、优先权条款,以及 $300M、$450M、$600M 退出下的清算瀑布模型 | 在累计优先权约 $271M 以下,普通股回收额为零;这是回报建模的关键 | 向公司索取股权结构表;与法律 / 财务顾问建模优先股堆叠 |
| Agentic Security 进展 | 截至 2026 年中,Salt Code / Agentic Security 产品已签署的试点协议或 LOI | 转向逻辑需要 PMF 证据;仅早期访问不足以支撑投资信心 | 索取设计伙伴名单;与早期访问组织做客户访谈 |
尽调问题按重大性排序。第 1 项(ARR)和第 2 项(BCP)是任何投资决定前的最低必要条件。第 3-5 项是形成充分信心所需。
[CV036, CV037, CV038, CV039, CV040]8.6 附录
免责声明
本尽调报告由 AI 研究代理基于截至 2026-06-06 的公开来源生成,不构成投资建议。Salt Security 是私营公司,关键财务、合同和治理细节仍未披露;任何投资决策都应结合管理层材料和经审计财务数据验证。
证据索引
| 编号 | 陈述 | 可信度 | 来源 |
|---|---|---|---|
| CO001 | Salt Security was founded in 2016 by Roey Eliyahu and Michael Nicosia, with early operating roots in Israel before scaling into its current Palo Alto, California headquarters. | 高 | SO002, SO005 |
| CO002 | The company was originally incorporated under the name Secful before rebranding to Salt Security. | 中 | SO018 |
| CO003 | Salt Security is incorporated in Delaware with headquarters in Palo Alto, California, and R&D operations in Tel Aviv, Israel. | 高 | SO002, SO026 |
| CO004 | Salt Security's core product is the Salt Security API Protection Platform, combining cloud-scale big data with ML/AI for API discovery, behavioral threat detection, and posture governance. | 高 | SO001, SO010 |
| CO005 | Salt Security markets itself as the first company to build a patented, dedicated API security platform, positioning itself as the category creator. | 中 | SO013, SO014 |
| CO006 | Salt Security is currently a late-stage private company at Series D stage; no IPO has been announced as of June 2026. | 高 | SO009, SO002 |
| CO007 | Salt Security extended its platform to cover agentic AI security, MCP server protection, and conversational investigation ("Ask Pepper AI") by end of 2025. | 高 | SO025, SO010 |
| CO008 | Salt Security deploys its platform as a cloud-delivered SaaS solution that integrates with API gateways, WAFs, and SIEM platforms without requiring agents or inline code changes. | 高 | SO001, SO008 |
| CO009 | CEO Roey Eliyahu co-founded Eshkol cybersecurity college and spent three years in the IDF's elite cybersecurity unit, culminating in a team-leader role. | 中 | SO017, SO015 |
| CO010 | COO Michael Nicosia previously served as VP of Global Sales at Adallom, which was acquired by Microsoft for its Cloud App Security capabilities. | 中 | SO019 |
| CO011 | Kfir Lippmann joined as CFO and had led finance at monday.com from 40 employees through its Nasdaq IPO. | 高 | SO007, SO019 |
| CO012 | Matt Quarles joined as CRO in 2023 with enterprise security sales experience to scale global revenues. | 中 | SO006, SO019 |
| CO013 | Michael Callahan joined as CMO in 2023, previously serving as CMO at Acronis with over 20 years of cybersecurity marketing experience. | 中 | SO006, SO019 |
| CO014 | Renee Hollinger serves as Chief People Officer, formerly CHRO at Reltio. | 中 | SO019 |
| CO015 | Gilad Gruber serves as SVP of Engineering; formerly CTO at Payoneer. | 中 | SO019 |
| CO016 | Yaniv Balmas leads Salt Labs as VP of Research, having previously led cyber research at Check Point Software for eight years. | 中 | SO007, SO018 |
| CO017 | The Salt Security board includes Tom Banahan (Tenaya Capital), Carl Eschenbach (Sequoia Capital), James Luo (CapitalG), Haim Sadger (S Capital VC), and Ayala Peterburg (S Capital VC); no independent directors have been publicly identified. | 高 | SO013, SO014, SO004, SO017 |
| CO018 | Salt Security raised a $20 million Series A in June 2020, led by Tenaya Capital; Tom Banahan joined the board. | 高 | SO013, SO015 |
| CO019 | Salt Security raised a $30 million Series B in December 2020, led by Sequoia Capital; Carl Eschenbach joined the board; total raised reached $60 million. | 高 | SO014, SO020 |
| CO020 | Salt Security raised a $70 million Series C in May 2021, led by Advent International; the company cited 400% revenue growth and 160% headcount growth in the prior 12 months. | 高 | SO008, SO027 |
| CO021 | The Series C Form D was filed with the SEC on 16 June 2021 (File No. 021-403048, CIK 0001753414); total offering approximately $70 million, of which approximately $68 million was sold. | 高 | SO027, SO008 |
| CO022 | Salt Security raised a $140 million Series D in February 2022, led by CapitalG, at a $1.4 billion valuation; all existing investors participated; James Luo joined the board. | 高 | SO002, SO004, SO005 |
| CO023 | The Series D Form D was filed with the SEC on 18 February 2022 (File No. 021-434118); total offering $140 million; $124.4 million sold; $15.6 million remaining. | 高 | SO026, SO002 |
| CO024 | Total equity raised across all rounds as of Series D is approximately $271 million; the company raised $210 million in the 12 months preceding the Series D. | 高 | SO005, SO017 |
| CO025 | In September 2022, CrowdStrike's Falcon Fund made a strategic investment in Salt Security, initiating a partnership that later produced the Falcon integration announced at Fal.Con 2023. | 高 | SO016, SO028 |
| CO026 | Y Combinator participated in Salt Security from seed through Series D, with YC Continuity describing Salt as one of the most elite YC companies. | 高 | SO017, SO002 |
| CO027 | DFJ Growth, Alkeon Capital, and Advent International participated in the Series C and continued in the Series D round. | 高 | SO002, SO008 |
| CO028 | Salt Security's last confirmed primary-round valuation is $1.4 billion, established at the February 2022 Series D. | 高 | SO002, SO026 |
| CO029 | Third-party database Latka estimates Salt Security ARR at approximately $48.5 million (November 2024) and approximately $75 million (June 2025), implying approximately 54% YoY growth. | 中 | SO012 |
| CO030 | Headcount was approximately 135 at Series D close (February 2022), approximately 192 at end of 2022, approximately 202 at end of 2023, and approximately 201 in November 2025 per LinkedIn-derived estimates. | 中 | SO017, SO012 |
| CO031 | The Series D press release cited 500% revenue growth, 300% customer base growth, and 900% growth in signed Fortune 500 and Global 500 customers in the year preceding February 2022. | 高 | SO018, SO017 |
| CO032 | Named enterprise customers include Equinix, Amway, OneMain Financial, Finastra, Aon, Telefónica, City National Bank, Live Oak Bank, HealthEquity, Navan, Takeda Pharmaceuticals, BP Launchpad, Markel, Berkshire Bank, Icatu Seguros, and Apiture. | 中 | SO019, SO017, SO018 |
| CO033 | Absolute customer count has not been disclosed in any reviewed public source. | 中 | |
| CO034 | Salt Security has offices in Palo Alto, California (headquarters/sales) and Tel Aviv, Israel (R&D), with sales and customer success teams in Europe and Latin America added after the 2021 Series C. | 高 | SO002, SO008 |
| CO035 | The Salt Security STEP (Salt Technical Ecosystem Partner) program was launched in August 2023 to formalize and scale technology integrations with partners. | 高 | SO006, SO025 |
| CO036 | Salt Security announced the CrowdStrike Falcon Platform integration at Fal.Con 2023 in September 2023, enabling joint API + endpoint security for customers. | 高 | SO016, SO028 |
| CO037 | In late 2024, Salt Security expanded its CrowdStrike partnership to integrate with Falcon Next-Gen SIEM, combining API telemetry with endpoint, identity, and cloud telemetry. | 中 | SO028 |
| CO038 | Salt Labs published the 2024 State of API Security report, which found only 10% of organizations had an API posture governance strategy; Salt positions this research to demonstrate category leadership. | 高 | SO011, SO025 |
| CO039 | No WARN Act filings or publicized mass layoffs for Salt Security were found in the layoffs.fyi tracker or major tech news through the run date. | 中 | SO024 |
| CO040 | Escape.tech, a competing API security vendor, criticized Salt Security's reliance on HTTP header analysis over deep payload inspection and its limited ability to discover unmonitored APIs outside gateways or proxies. | 中 | SO022 |
| CO041 | Akto, a competitor, cited Salt Security's platform complexity and premium pricing as barriers limiting adoption by mid-market companies. | 中 | SO023 |
| CO042 | Secondary-market platforms including Forge Global list Salt Security as actively traded but note that market prices may reflect discounts to the 2022 primary-round valuation. | 中 | SO009 |
| CO043 | Salt Security reported gross margins improved to over 90% as of June 2020, per TechCrunch; current gross margin is not publicly disclosed. | 中 | SO015 |
| CO044 | No Series E or subsequent primary equity round has been disclosed as of the June 2026 run date; Salt Security's last primary round was February 2022. | 中 | SO009, SO021 |
| CM001 | API security is defined as the discipline of discovering, inventorying, governing, and protecting Application Programming Interfaces against attacks, data exposure, and business-logic abuse across their full lifecycle from design through production. | 高 | SM003, SM004 |
| CM002 | The Gartner WAAP (Web Application and API Protection) category combines traditional WAF, bot protection, DDoS mitigation, and API-specific security controls into a single market definition that is broader than the standalone API security market. | 高 | SM022, SM005 |
| CM003 | Status-quo substitutes for dedicated API security tools include enterprise WAF rules (Imperva, Akamai, Cloudflare), API gateway security policies (Kong, MuleSoft, AWS API Gateway), manual penetration testing, and SSPM tools with partial API coverage. | 中 | SM008, SM010, SM006 |
| CM004 | The G2 API Security category requires products to: discover and inventory API connections, provide authentication and RBAC mechanisms, ensure data encryption, maintain detailed access logs, and perform security audits and vulnerability assessments. | 中 | SM004 |
| CM005 | The OWASP API Security Top 10 (2023) defines the canonical API risk taxonomy that procurement teams and compliance frameworks reference: BOLA, Broken Authentication, Broken Object Property Level Authorization, Unrestricted Resource Consumption, Broken Function Level Authorization, Unrestricted Access to Sensitive Business Flows, SSRF, Security Misconfiguration, Improper Inventory Management, and Unsafe Consumption of APIs. | 中 | SM003 |
| CM006 | Salt Security's product, the Agentic Security Platform (formerly Salt API Protection Platform), encompasses three integrated capabilities: API discovery and visibility (Illuminate), API posture and compliance, and API threat detection and protection — marketed as the first patented ML-based API protection solution. | 高 | SM001, SM020 |
| CM007 | MarketsandMarkets (July 2023) projects the global standalone API Security market to reach USD 3,034 million by 2028 at a CAGR of 32.5% during the forecast period. | 高 | SM002, SM015 |
| CM008 | MarketsandMarkets (July 2026) projects the Application Security market (which includes API security as a sub-segment) at USD 41.16 billion in 2026, growing to USD 66.03 billion by 2031 at a CAGR of 9.9%. | 中 | SM002 |
| CM009 | The standalone API security market is narrower than the WAAP or application security market; the $3.0B by 2028 MarketsandMarkets estimate covers API-specific platforms, solutions, and services only, implying a 2023 base of approximately USD 680 million (back-calculated at 32.5% CAGR). | 中 | SM002 |
| CM010 | Contradictory sizing estimates exist: MarketsandMarkets projects $3.0B by 2028 for standalone API security, while other analyst summaries cited in industry press position the 2026 API security market at $3–5B, reflecting definitional boundary differences between narrow API-only and WAAP. | 中 | SM002, SM015 |
| CM011 | The SAM for Salt Security — defined as large enterprise accounts (>1,000 employees) with complex API-intensive application stacks in regulated verticals — cannot be precisely isolated from public sources; an evidence gap exists. | 低 | |
| CM012 | Salt Security's 2024 State of API Security report found that the count of APIs increased by 167% year-on-year, and APIs are now five times larger (by endpoint count) than at the beginning of 2023. | 中 | SM012 |
| CM013 | Salt Security's 2024 report found that 66% of respondents manage more than 100 APIs (up from 59% in 2023), and 67% receive more than 10 million API requests monthly. | 中 | SM012 |
| CM014 | Only 7.5% of organizations have implemented dedicated API testing and threat modeling programs (Salt 2024), down from 12% with advanced programs in 2023 — indicating API security program maturity declined year-on-year. | 中 | SM012 |
| CM015 | The Gartner 2021 prediction revised and stated: "By 2022, API abuses will be the most-frequent attack vector resulting in data breaches for enterprise web applications" — and was characterized as "On Target" in the December 2021 Gartner Predicts report. | 高 | SM013, SM015 |
| CM016 | The primary buyer persona for dedicated API security tools is the CISO or VP of Application Security at enterprises with >USD 500M revenue, complex API surface areas (100+ external APIs), and regulated data obligations; the AppSec or DevSecOps team is the technical evaluator. | 中 | SM013, SM019, SM020 |
| CM017 | Salt Security's named enterprise customer set spans financial services (Berkshire Bank, City National Bank, Live Oak Bank, Apiture, Finastra, OneMain Financial, Icatu Seguros), insurance (Aon, Markel), pharmaceutical (Takeda), technology (Equinix, Navan, HealthEquity), and energy (BP Launchpad). | 高 | SM013, SM020 |
| CM018 | Cequence Security's publicly stated scale of 10 billion API interactions processed daily targets telecoms, banks, and retailers — confirming that high-volume verticals are among the earliest and largest buyers of dedicated API security. | 中 | SM025 |
| CM019 | The enterprise API security adoption path typically follows: API inventory and shadow API discovery → behavioral baseline → posture governance → runtime threat detection → agentic AI/MCP security; initial POC deployment requires no agents and uses traffic mirroring. | 中 | SM001, SM018 |
| CM020 | The typical enterprise API security proof-of-concept (POC) cycle is 3–6 months, as cited in Escape.tech's competitive comparison, which attributes this to deployment complexity, traffic mirroring setup, and time needed to build behavioral baselines. | 中 | SM018 |
| CM021 | Platform consolidation toward WAAP bundles (Akamai, Cloudflare, Imperva) creates an alternative adoption path where API security is added to an existing WAF license at marginal cost rather than purchased as a standalone product, shortening evaluation and POC timelines. | 中 | SM008, SM010, SM006 |
| CM022 | PCI DSS v4.0, effective March 2025, introduced specific API security requirements (under requirement 6.3 for web-facing application and API protection) that convert API security from discretionary to a compliance-mandated budget line item for approximately 3 million merchants and processors globally. | 中 | SM003, SM014 |
| CM023 | API count proliferation (167% YoY growth per Salt 2024 report) is the primary structural demand driver for API security: each new API is a potential attack surface that legacy WAF and gateway tools do not cover with behavioral analytics. | 中 | SM012, SM013 |
| CM024 | The share of organizations experiencing API security incidents rose from 17% (2023) to 37% (2024) per Salt's survey, validating rising attacker focus on APIs and supporting the 32.5% market CAGR. | 中 | SM012 |
| CM025 | Regulatory drivers beyond PCI DSS include: GDPR enforcement actions for API-mediated data exposures; HIPAA breach notification for PHI-carrying APIs in healthcare; U.S. Executive Order 14028 elevating software supply-chain and API security for federal contractors; and emerging EU and U.S. AI-governance frameworks requiring API-level controls for agentic AI. | 中 | SM003, SM014, SM001 |
| CM026 | The declining share of organizations with advanced API security programs (12% in 2023 to 7.5% in 2024) limits the near-term SAM capture by standalone vendors; the mass market is still in planning or basic stages, meaning budget is not yet committed to dedicated API security tooling. | 中 | SM012, SM018 |
| CM027 | Agentic AI adoption creates a new API attack surface: AI agents communicating via MCP servers and REST/GraphQL APIs introduce prompt injection, over-permissioned agents, and unvetted third-party tool integration risks — attack categories not addressed by incumbent WAF or gateway vendors natively. | 中 | SM001, SM014, SM007 |
| CM028 | The enterprise API security POC cycle duration of 3–6 months has been independently cited by Escape.tech as a friction point that slows Salt Security's time-to-value and reduces win rates against incumbent WAAP add-on offerings that deploy in days, not months. | 中 | SM018 |
| CM029 | Incumbent WAAP bundling by Akamai (post-Noname), Cloudflare, and Imperva allows large enterprise customers to address a checklist API security requirement at near-zero incremental cost on an existing contract, reducing Salt Security's standalone deal size and competitive win rate in accounts already running a WAAP platform. | 中 | SM008, SM010, SM006 |
| CM030 | Salt Security's traffic-mirroring approach for runtime threat detection was criticized by Escape.tech as significantly increasing logging costs for customers, representing a total-cost-of-ownership constraint, particularly for high-volume API environments. | 中 | SM018 |
| CM031 | Akamai's approximately $450 million acquisition of Noname Security in 2024 concentrates channel power in an incumbent WAAP vendor and credentials Akamai as the market leader in combined WAAP + dedicated API security, intensifying the bundling threat to standalone API security vendors. | 中 | SM010, SM015 |
| CM032 | Budget competition with broader AppSec and cloud security consolidation (CNAPP, SAST, SCA) places Salt Security in a vendor-consolidation headwind, as CISOs reducing vendor counts may prefer Akamai, Cloudflare, or Imperva API security modules over a standalone Salt contract. | 中 | SM019, SM018 |
| CM033 | At Salt Security's Series D valuation of $1.4 billion (February 2022) and MarketsandMarkets' $3.0B market estimate for 2028, Salt's valuation implies a required 47% market share of the total API security TAM at a 10× revenue multiple on $75M ARR — highlighting the gap between standalone valuation and available market. | 中 | SM013, SM016, SM017 |
| CM034 | Salt Security's ARR grew from approximately $48.5 million (November 2024) to approximately $75 million (June 2025), implying approximately 54% annual growth and establishing the company as a mid-size pure-play API security vendor. | 中 | SM017, SM015 |
| CM035 | Data Theorem's claim of Gartner ranking it #1 in Cloud Native Apps in the 2025 Critical Capabilities for AST, combined with 2.8 billion users covered, indicates that the API security market is being contested at multiple layers (API security testing, cloud-native AppSec, runtime protection) by vendors with different primary positioning. | 中 | SM009 |
| CM036 | The MarketsandMarkets 2023 API security report was published approximately three years before the run date (2026-06-06), limiting its freshness as a basis for current market sizing; it predates the 2024–2025 agentic AI expansion, Akamai-Noname acquisition, and Salt's ARR growth. | 中 | SM002 |
| CP001 | Salt markets one platform spanning API discovery, posture and compliance, and API threat detection and protection. | 高 | SP023, SP030 |
| CP002 | Salt says its patented behavioral analysis detects low-and-slow API attacks and connects threat detection to discovery and posture workflows. | 中 | SP030 |
| CP003 | Salt says it fits into existing SIEM, ticketing, and firewall workflows rather than replacing the broader security stack. | 中 | SP030 |
| CP004 | CrowdStrike Marketplace positions Salt inside Falcon with discovery, posture governance, and AI-based threat protection. | 中 | SP023 |
| CP005 | Salt’s CrowdStrike integration uses existing Falcon agents for low-install API discovery and can trigger automated response through Falcon Firewall Management. | 中 | SP024 |
| CP006 | Salt’s Wiz integration feeds API posture gaps, threats, and compliance risks into Wiz’s cloud security graph and response workflows. | 中 | SP025 |
| CP007 | Akamai announced and then completed the acquisition of Noname Security for approximately $450 million. | 高 | SP001, SP002 |
| CP008 | Akamai said the Noname deal would add shadow-API discovery, vulnerability detection, and broader deployment choices across cloud, edge, on-premises, and third-party environments. | 高 | SP001, SP003 |
| CP009 | Akamai said Noname brought roughly $20 million of expected 2024 revenue and more than 200 employees into the combined platform. | 高 | SP001, SP002 |
| CP010 | Traceable was founded by Jyoti Bansal and Sanjay Nagaraj and announced a merger with Harness in February 2025. | 中 | SP004 |
| CP011 | Traceable says it protects modern applications and APIs across every phase of the software development lifecycle from design to runtime. | 高 | SP004, SP005 |
| CP012 | Traceable’s 2024 financing announcement said the company had 300% year-over-year growth, secured thousands of API endpoints, and monitored more than 500 billion API calls per month. | 中 | SP005 |
| CP013 | Cequence frames Unified API Protection around discover, detect, and defend rather than extending legacy WAFs or gateways alone. | 中 | SP006 |
| CP014 | Cequence says its UAP model includes shadow-API discovery, real-time detection, native blocking, compliance monitoring, and ongoing testing. | 中 | SP006 |
| CP015 | Wallarm Discovery claims runtime visibility into AI, shadow, zombie, and deprecated APIs, plus sensitive-data mapping, API change alerts, and OpenAPI generation from traffic. | 高 | SP007, SP009 |
| CP016 | Wallarm API Security says it blocks OWASP API Top 10 issues, abuse, and account takeover inline across REST, GraphQL, gRPC, SOAP, and WebSocket with no spec required. | 高 | SP008, SP009 |
| CP017 | Wallarm’s documentation describes both fully cloud-managed Security Edge deployment and hybrid deployment where customers run filtering nodes. | 中 | SP009 |
| CP018 | 42Crunch markets a shift-left plus shield-right model that ties runtime protection to OpenAPI contracts. | 高 | SP010, SP011 |
| CP019 | 42Crunch docs say API Firewall enforces runtime configurations derived from OpenAPI, deploys on Kubernetes and managed cloud runtimes, and currently does not support GraphQL protection. | 中 | SP011 |
| CP020 | 42Crunch Security Audit performs more than 200 contract checks and can be integrated into CI/CD to gate API definition quality before protection is enabled. | 中 | SP012 |
| CP021 | Imperva’s API security guidance emphasizes continuous API inventory, sensitive-data discovery, rate limiting, and business-logic and OWASP API threat coverage inside a WAAP approach. | 中 | SP013 |
| CP022 | Prisma Cloud API Security says it discovers internal, external, rogue, shadow, and zombie APIs and supports inline and out-of-band protection. | 高 | SP014, SP015 |
| CP023 | Prisma Cloud WAAS says it auto-detects web applications and APIs across cloud and on-premises environments and supports alert, prevent, and ban enforcement. | 中 | SP015 |
| CP024 | Fastly says its API security product discovers public-facing APIs at the edge, uses behavioral analysis, and mitigates DDoS, bot, and unwanted API traffic without code changes. | 高 | SP016, SP017 |
| CP025 | DataDome focuses on API bot abuse with real-time edge mitigation, 35 plus points of presence, under two millisecond response times, and a claimed false positive rate below 0.01 percent. | 中 | SP018 |
| CP026 | Cloudflare API Shield says it auto-discovers undocumented endpoints, validates schemas with a positive security model, and scans payloads for sensitive data. | 中 | SP019 |
| CP027 | Cloudflare Enterprise packaging emphasizes add-on pricing, no attack-traffic tax, guided onboarding, and 100 percent uptime service commitments. | 中 | SP020 |
| CP028 | Kong Gateway offers open source, enterprise, and Konnect deployment options, while its security model depends on plugins for authentication, request validation, and advanced rate limiting. | 高 | SP021, SP022 |
| CP029 | BankInfoSecurity reported Gartner’s 2022 WAAP leaders as Akamai, Cloudflare, and Imperva, with F5 categorized as a niche player. | 中 | SP026 |
| CP030 | BankInfoSecurity said Gartner criticized Akamai for high prices, false positives, and user-interface complexity. | 中 | SP026 |
| CP031 | BankInfoSecurity said Gartner criticized Cloudflare for lacking hybrid deployment and Imperva for weaker containerized WAAP and Asia-Pacific support. | 中 | SP026 |
| CP032 | Radware says Gartner replaced the WAAP Magic Quadrant with a Market Guide after 2022 as vendor capabilities converged. | 中 | SP027 |
| CP033 | Radware says modern cloud WAAP centers on WAF, DDoS, bot management, and API protection, with API discovery and behavioral analysis becoming core requirements. | 中 | SP027 |
| CP034 | Gartner states that its Peer Insights alternatives content reflects end-user opinions rather than Gartner statements of fact. | 中 | SP028 |
| CP035 | Akto’s competitor-authored alternatives page frames Wallarm, Noname, Imperva, F5, Cequence, and Traceable as common Salt alternatives. | 低 | SP029 |
| CP036 | Salt’s closest direct pure-play rivals are Akamai and Noname, Traceable, Cequence, Wallarm, and 42Crunch rather than gateway or CDN platforms. | 高 | SP002, SP004, SP006, SP008, SP010, SP030 |
| CP037 | Wallarm and Cequence pressure Salt most directly on native inline blocking, whereas Salt emphasizes discovery, posture, and behavioral analytics. | 高 | SP006, SP008, SP030 |
| CP038 | 42Crunch competes from contract-driven testing and enforcement rather than from broad behavioral runtime analytics. | 高 | SP010, SP011, SP012, SP030 |
| CP039 | Prisma Cloud, Cloudflare, Fastly, and Akamai compete by bundling API security into broader WAAP, edge, or CNAPP platforms with existing distribution. | 高 | SP003, SP014, SP015, SP016, SP019, SP020, SP026, SP027 |
| CP040 | Kong and similar gateways are better treated as status-quo or internal-build substitutes because security is delivered through gateway controls rather than dedicated API-security analytics. | 高 | SP021, SP022 |
| CP041 | DataDome is an adjacent substitute for buyers whose main problem is bot abuse, scraping, or account takeover rather than full API posture management. | 中 | SP018 |
| CP042 | Salt’s CrowdStrike and Wiz partnerships strengthen distribution and visibility but also show API security being absorbed into larger security platforms. | 高 | SP023, SP024, SP025 |
| CP043 | Noname’s sale to Akamai and Traceable’s merger with Harness show ongoing consolidation that can compress standalone API-security moats. | 高 | SP001, SP002, SP004, SP005 |
| CP044 | Standalone API-security vendors still keep an edge where buyers value deep discovery, posture governance, contract testing, or business-logic abuse detection beyond generic WAAP checklists. | 高 | SP006, SP012, SP014, SP027, SP030 |
| CP045 | Enterprise buyers needing hybrid deployment or inline enforcement have credible alternatives beyond Salt in Wallarm, Akamai, Prisma Cloud, and Imperva. | 高 | SP001, SP003, SP009, SP013, SP014, SP015 |
| CP046 | Public packaging is more visible for Cloudflare and Kong than for Salt, Traceable, Cequence, or Akamai in this retained source set. | 中 | SP003, SP004, SP006, SP020, SP021 |
| CP047 | No retained public source provides apples-to-apples module pricing or delivered total cost of ownership across Salt and its main peers. | 中 | SP020, SP021, SP028 |
| CP048 | No retained public source provides named win-rate or bake-off data across the main API-security vendors. | 中 | SP028, SP029 |
| CI001 | Salt Security's AWS Marketplace listing sets $100,000 per year for up to 100 million API calls per month as the baseline enterprise subscription price. | 高 | SI001, SI002 |
| CI002 | Third-party procurement data from Vendr estimates Salt Security's enterprise ACV range at approximately $70,000 to $210,000 per year, depending on volume and feature scope. | 中 | SI002, SI003 |
| CI003 | Salt Security's pricing model is subscription-based with overage charges when monthly API call volume exceeds the contracted threshold. | 高 | SI001, SI003 |
| CI004 | Salt Security is available for purchase through AWS Marketplace and CrowdStrike Marketplace, enabling customers to draw on committed cloud spend. | 高 | SI001, SI014 |
| CI005 | A partner deploying Salt Security in the AWS Marketplace channel described the pricing as "an annual subscription fee" that is "very affordable" relative to the value delivered. | 中 | SI001 |
| CI006 | Salt Security's professional services (integration, onboarding, PoC delivery) appear to be a minority of total revenue; a partner described integration support as organizational rather than software-based. | 中 | SI001 |
| CI007 | Matt Quarles joined as CRO in 2023 to lead the direct enterprise sales motion targeting Fortune 500 and Global 500 security buyers. | 高 | SI024, SI008 |
| CI008 | Competitor analysis sources (Escape.tech) note that extended PoC periods are a customer complaint for Salt Security, increasing time-to-value and implicitly raising CAC payback. | 中 | SI020 |
| CI009 | The CrowdStrike Falcon Fund invested in Salt Security in September 2022, initiating a co-sell and platform integration channel that has since produced two major product integrations. | 高 | SI014, SI015 |
| CI010 | Salt Security's Falcon Platform integration (announced Fal.Con 2023) and Falcon Next-Gen SIEM extension (2024) give Salt access to CrowdStrike's enterprise installed base through the CrowdStrike Marketplace. | 中 | SI015, SI016 |
| CI011 | The STEP (Salt Technical Ecosystem Partner) program launched in August 2023 formalizes technology integrations and is expected to expand channel distribution beyond CrowdStrike. | 高 | SI024, SI014 |
| CI012 | Salt Security has not publicly disclosed any CAC, LTV, payback period, or explicit sales efficiency metrics; the company's self-described success metrics are customer satisfaction and employee retention. | 高 | SI008, SI020 |
| CI013 | Salt Security expanded its GTM into Europe and Latin America after the May 2021 Series C, hiring regional sales directors for EMEA and LATAM at Series D close. | 高 | SI021, SI007 |
| CI014 | Salt Security reported gross margins above 90% as of June 2020, per TechCrunch; this is above the top-quartile SaaS security benchmark of approximately 80-90%. | 高 | SI010, SI011 |
| CI015 | The primary COGS driver for Salt Security's platform is cloud-hosted big-data infrastructure (compute, storage, data egress) powering the time-series ML/AI API analysis engine. | 中 | SI006, SI011 |
| CI016 | Benchmarkit 2025 SaaS benchmarks place subscription gross margins at 81% median and total revenue gross margins at 77% median; professional services gross margin at 30% median. | 高 | SI011, SI010 |
| CI017 | Net revenue retention, gross churn, CAC payback, and LTV have not been publicly disclosed by Salt Security; these are private underwriting inputs unavailable without management access. | 中 | SI004, SI012 |
| CI018 | Salt Security tripled its workforce between 2021 and 2022 (approximately 65 to 192 employees), reflecting heavy S&M and R&D investment following the Series D. | 高 | SI007, SI008 |
| CI019 | Salt Security has minimal physical capex; as a cloud-hosted SaaS company, there is no manufacturing, inventory, or significant hardware capital expenditure in its business model. | 中 | SI001, SI006 |
| CI020 | Third-party Latka database estimates Salt Security ARR at approximately $48.5 million in November 2024 and approximately $75 million in June 2025, representing approximately 54% YoY growth. | 中 | SI004, SI005 |
| CI021 | Salt Security's February 2022 Series D press release cited 500% revenue growth, 300% customer base growth, and 900% growth in Fortune 500/Global 500 signed customers in the preceding year. | 高 | SI006, SI009 |
| CI022 | If the Latka ARR estimates are directional, Salt's implied ARR in early 2022 was approximately $10-20 million, suggesting the hyperscale growth phase (2020-2022) gave way to more moderate but still strong growth (2022-2025). | 低 | SI004, SI007 |
| CI023 | ARR of approximately $75 million (mid-2025, Latka) is the most current public ARR estimate; this figure has not been confirmed by the company. | 中 | SI004, SI026 |
| CI024 | Absolute customer count, customer concentration, NRR, ACV distribution, and deferred revenue have not been disclosed in any reviewed public source for Salt Security. | 中 | SI004, SI005 |
| CI025 | Salt Security headcount has plateaued near 200 employees since late 2022 (approximately 192 in Dec 2022, 202 in Dec 2023, 201 in Nov 2025), suggesting operating expense growth moderated after the Series D deployment period. | 中 | SI004, SI008 |
| CI026 | Platform complexity and premium pricing have been cited by competitor sources (Escape.tech, Akto) as potential barriers to adoption by mid-market customers. | 中 | SI020 |
| CI027 | Salt Security's last primary equity event was the $140 million Series D on 18 February 2022, confirmed by SEC Form D filing (File No. 021-434118, CIK 0001753414). | 高 | SI017, SI006 |
| CI028 | No Series E or subsequent primary equity round has been announced as of the June 2026 run date; the company's last disclosed primary round is over four years old. | 中 | SI012, SI027 |
| CI029 | Secondary-market platforms Forge Global and notice.co indicate Salt Security shares are actively traded but may carry a discount to the 2022 $1.4 billion primary-round valuation. | 中 | SI012, SI013 |
| CI030 | Salt Security's stated use of Series D proceeds was to increase R&D investment, expand sales and marketing, and grow international operations; headcount grew from ~65 (early 2021) to ~192 (end 2022) confirming this deployment. | 高 | SI006, SI008 |
| CI031 | A 200-person enterprise SaaS security company with heavy R&D and S&M investment is estimated by analyst benchmarks to run at $3-8 million per month in operating expenses; this implies a 18-36 month runway window from the Series D deployment in 2022. | 低 | SI011, SI008 |
| CI032 | No debt instruments, credit facilities, or structured financing for Salt Security have been found in reviewed public sources; undisclosed private debt cannot be ruled out. | 中 | SI017, SI019 |
| CI033 | Salt Security's subscription revenue model (annual contracts, enterprise ACV, 90%+ gross margin baseline) has the structural hallmarks of a high-quality SaaS business; revenue quality is assessed as medium-high given the private-undisclosed disclosure posture. | 中 | SI001, SI010, SI017 |
| CI034 | Primary financial diligence blockers preventing underwriting at the $1.4 billion valuation include absence of audited revenue, unknown NRR and gross churn, unknown burn and cash position, and no customer count or concentration data. | 高 | SI004, SI017 |
| CI035 | Deferred revenue from multi-year prepayments may exist on Salt Security's balance sheet but cannot be estimated or confirmed from public sources. | 中 | |
| CI036 | API security market pricing pressure from large platform vendors (AWS, Palo Alto, Akamai) adding native API security features could commoditize the category and compress Salt Security's realized ACV over time. | 中 | SI020, SI011 |
| CI037 | No signs of financial stress such as deferred compensation, unusual pricing discounts, or operational cost-cutting were found in reviewed public sources for Salt Security. | 低 | SI004, SI005 |
| CE001 | Salt Security's core product is branded Salt Illuminate, a SaaS API security platform offering API discovery, posture governance, and behavioral threat detection. | 高 | SE002, SE007, SE014 |
| CE002 | Salt Illuminate deploys agentlessly via traffic mirroring with no inline agent inserted into the request path, resulting in zero added application latency. | 高 | SE002, SE011, SE012, SE014 |
| CE003 | Salt Connect ingests API traffic metadata by connecting agentlessly to AWS, Azure, GCP, and API gateways including Kong, Apigee, MuleSoft, NGINX, and Istio. | 高 | SE002, SE007, SE013 |
| CE004 | Salt's platform uses Kafka as its message queue and Kubernetes for container orchestration, with Datadog as the primary monitoring tool. | 中 | SE012 |
| CE005 | Salt's API data lake stores customer API metadata and uses it to continuously train the behavioral ML engine; the company claims it operates the industry's largest API traffic dataset. | 中 | SE011, SE013, SE019 |
| CE006 | Salt Illuminate is available as both SaaS and on-premises deployment options, supporting hybrid and multi-cloud topologies. | 中 | SE007, SE013 |
| CE007 | Salt's platform processes several million messages per minute across hundreds of backend instances, according to the AllCloud/Datadog case study. | 中 | SE012 |
| CE008 | Salt's Agentic Security Platform, launched March 2026, is positioned as the industry's first solution securing the full agentic stack: LLMs (reasoning), MCP servers (execution), and APIs (action). | 中 | SE005, SE001 |
| CE009 | The Agentic Security Graph is Salt's security context layer mapping relationships between LLMs, MCP servers, and APIs so risk can be prioritized by actual blast radius of each agent. | 中 | SE005, SE004 |
| CE010 | API discovery in Salt Illuminate is delivered through three complementary paths: Salt Connect (gateway/cloud mirroring), Salt Surface (external adversary-view scanning), and GitHub Connect (code-level discovery). | 高 | SE002, SE007, SE003 |
| CE011 | Salt's own research found that CDN-based single-source discovery tools miss an estimated 30.7% of APIs, supporting the three-path approach as a differentiation claim. | 中 | SE007 |
| CE012 | Salt's Policy Hub ships with approximately 100 pre-loaded posture rules covering PCI DSS, HIPAA, GDPR, SOC 2, NIST, CMMC, FedRAMP, OAuth, access control, data security, and API architecture standards. | 高 | SE002, SE007 |
| CE013 | Custom posture rules can be authored in three clicks within the Policy Hub and compliance reports can be exported for auditors. | 中 | SE007 |
| CE014 | Salt's 2025 State of API Security Report found only 10% of enterprises have an API posture governance strategy in place, while 43% plan to implement one within 12 months. | 中 | SE019 |
| CE015 | Salt's behavioral threat detection engine covers BOLA/IDOR, credential stuffing, account takeover, data exfiltration, session manipulation, API abuse, and injection attacks. | 高 | SE007, SE013, SE011 |
| CE016 | Salt's 2025 customer traffic analysis found 80% of observed attack attempts align with OWASP API Security Top 10 vulnerabilities; 54% relate to security misconfigurations (API8) and 27% to BOLA (API1). | 中 | SE019 |
| CE017 | Salt correlates attacker activity to a single entity and issues entity-level blocking (not transaction-level), with consolidated alerts to reduce alert fatigue. | 中 | SE011, SE013 |
| CE018 | Salt's CrowdStrike marketplace brief claims 96% fewer alerts, 3× faster API remediation, 20× faster resolution, and 75% time savings for compliance versus baseline. | 中 | SE011 |
| CE019 | Salt tracks PII, PHI, and payment-card data flowing through API traffic in real time and flags exposed sensitive data in query parameters, unauthenticated responses, and unencrypted channels. | 中 | SE007, SE013 |
| CE020 | MCP Protect, launched at CrowdStrike Fal.Con September 2025, discovers and monitors all MCP server interactions with AI agents at runtime and maps hidden connections and data exposure. | 中 | SE015, SE016 |
| CE021 | Agentic AI Governance ships out-of-the-box security controls that enforce safe AI agent behavior in MCP and A2A environments, enabled by default at first customer login. | 中 | SE015 |
| CE022 | GitHub Connect (November 2025) allows customers to connect public and private GitHub repositories to Salt Illuminate to discover APIs and MCP server configurations from source code before deployment. | 高 | SE003, SE006, SE024 |
| CE023 | GitHub Connect performs traffic-free risk scoring using Salt's risk-scoring engine without requiring traffic collection, assigning scores to APIs and MCPs found in code. | 中 | SE003 |
| CE024 | Ask Pepper AI, launched December 2025, provides a conversational interface for analysts to query Salt platform data and investigate threats in natural language. | 中 | SE016 |
| CE025 | Siemens CISO Shawn Griffin stated that the Agentic Security Platform gave Siemens improved visibility and protection to confidently scale AI across the Siemens Software business. | 中 | SE005 |
| CE026 | Salt's 1H 2026 survey of 327 security leaders found 92% of organizations lack advanced security maturity for agentic environments and 79% of boards have increased scrutiny of AI security risks. | 中 | SE004 |
| CE027 | Salt's 1H 2026 analysis of platform data found 99% of observed attack attempts originate from authenticated sources, validating the focus on behavioral runtime protection over perimeter blocking. | 中 | SE004 |
| CE028 | Salt's SIEM and response integrations include Splunk, CrowdStrike Falcon, Microsoft Sentinel, Jira, and Slack; enforcement commands can be sent to API gateways and AWS WAF. | 高 | SE007, SE011, SE016 |
| CE029 | Salt entered a 3-year AWS Enterprise Discount Program (EDP) commitment through AllCloud, indicating long-term AWS infrastructure dependency. | 中 | SE012 |
| CE030 | Salt's onboarding wizard for Salt Illuminate claims full initial deployment in minutes without requiring prior knowledge of architecture or traffic routing. | 中 | SE014, SE006 |
| CE031 | Salt integrates with Akamai, Cloudflare, F5, Kubernetes, and Docker in addition to the core API gateway and cloud platforms. | 中 | SE007 |
| CE032 | The CrowdStrike Falcon integration deepened in April 2025 to provide closed-loop API intelligence in the Falcon platform, with MCP protection for AWS WAF added December 2025. | 中 | SE017, SE016 |
| CE033 | Salt's tech stack uses Datadog as the primary observability and monitoring tool across R&D, SOC, and Sales, integrated with Kubernetes for application performance visibility. | 中 | SE012 |
| CE034 | Salt's platform architecture does not sit inline in the API request path, avoiding performance bottlenecks; this is a documented selling point versus WAF-based API security tools. | 高 | SE011, SE013, SE007 |
| CE035 | Salt's Policy Hub compliance rules are framework mappings for customer APIs and do not constitute Salt's own SaaS platform certifications (SOC 2, ISO 27001, FedRAMP). | 中 | SE007, SE013 |
| CE036 | UpGuard assigned Salt Security a "B" security rating in its June 6 2026 assessment, flagging a CSP configuration concern but noting no major breach history. | 中 | SE023 |
| CE037 | No SOC 2 Type II certification for Salt's own SaaS platform is publicly disclosed on the Salt Security website as of run date. | 中 | SE001, SE002 |
| CE038 | No ISO 27001 certification for Salt's own SaaS platform is publicly disclosed; the cloudsecurity.org assessment maps Salt's capabilities to ISO 27001 controls but is a third-party evaluation, not an official certification. | 中 | SE013 |
| CE039 | No FedRAMP authorization is publicly disclosed for Salt Security's SaaS platform as of run date. | 中 | SE001, SE002 |
| CE040 | No public status page or contractual uptime SLA is accessible on the Salt Security website as of run date; this is a diligence gap for enterprise buyers requiring reliability assurances. | 中 | SE001, SE002 |
| CE041 | Salt's GitHub org (SECful) shows active commits through May 2026 across tools including Peekaboo, api_extractor, apk-processor, url_learning_v2, deployment_ai_advisor, and terraform-ibm-salt-cloud-connect. | 中 | SE008, SE009 |
| CE042 | Salt's url_learning_v2 repository benchmarks a PathTemplateTrie at 1.2 million lookups per second with sub-microsecond latency, providing evidence of production-grade ML performance engineering. | 中 | SE008 |
| CE043 | Salt Code, announced June 2026, aims to carry security policy into AI coding-assistant code generation output at the point of the first prompt, extending security into the developer workflow. | 中 | SE027 |
| CE044 | Salt's 2025 release cadence included twelve major product launches or research milestones (one per month), including Salt Illuminate, Salt Surface, AI Agent Security at Fal.Con, GitHub Connect, and Ask Pepper AI. | 中 | SE016, SE017 |
| CE045 | GitHub Connect is confirmed as covering GitHub repositories; no public confirmation of support for GitLab, Bitbucket, or other code-hosting platforms is available. | 中 | SE003, SE006 |
| CE046 | Salt's API security buyer mindshare reportedly dropped from 13% in 2025 to 7% in 2026 according to one analyst source, indicating increased competitive pressure. | 低 | SE021 |
| CE047 | G2 shows only 12 reviews for Salt Security as of May 2026, a low count for a company claiming global enterprise deployment, which limits the independent review signal available. | 中 | SE020 |
| CE048 | gRPC support has not been confirmed in any retained public source for the Salt Illuminate platform; REST, GraphQL, and WebSocket traffic are documented as supported. | 低 | |
| CU001 | Salt Security's primary target verticals are FinTech, Financial Services, Technology SaaS, and Pharmaceutical according to the CrowdStrike Executive Brief. | 中 | SU007 |
| CU002 | Named enterprise customers listed on the Salt customers page and AppSec Santa 2026 review include Alaska Airlines, Hyundai, Stryker, SoFi, Kingston Technology, and Standard Bank Group. | 高 | SU001, SU002 |
| CU003 | DeinDeal (Switzerland) is the most fully documented public customer reference with a named CTO quote in a 2021 PR Newswire announcement covering production deployment outcomes. | 中 | SU005, SU006 |
| CU004 | Siemens (Siemens Software) is the most recent named customer reference, with CISO Shawn Griffin providing a production validation quote at the March 2026 Agentic Platform launch. | 中 | SU003 |
| CU005 | G2 reviews skew to Enterprise (>1,000 employees) and Senior Information Security Engineer / Manager titles, consistent with an enterprise-first go-to-market. | 中 | SU009 |
| CU006 | Salt Security states it "protects some of the largest enterprises in the world" according to the CrowdStrike marketplace brief. | 中 | SU007 |
| CU007 | Salt's DeinDeal case study involves a Swiss e-commerce retailer that expanded into food delivery and processed thousands of daily transactions, indicating a high-value retail API environment. | 中 | SU005 |
| CU008 | Geographic diversity in the named customer list spans US (SoFi, Alaska Airlines, Stryker, Kingston Technology), Switzerland (DeinDeal), South Korea/global (Hyundai), South Africa (Standard Bank Group), and Germany/global (Siemens). | 中 | SU001, SU002 |
| CU009 | Salt Security does not publicly disclose a total active customer count, ARR, or revenue metrics. | 高 | SU002, SU025 |
| CU010 | AllCloud's 2024 case study states that "over the past year, Salt Security has grown its customer base significantly," providing an indirect YoY growth signal without quantification. | 中 | SU008 |
| CU011 | Salt's platform infrastructure processes several million messages per minute across hundreds of backend instances, indicating production-scale customer traffic. | 中 | SU008 |
| CU012 | Salt's 1H 2026 survey (327 respondents) found 66% of organizations report API growth of more than 50% in the past year, creating a structural demand tailwind for the platform. | 中 | SU018 |
| CU013 | G2 shows 12 total reviews for Salt Security (4.7/5 aggregate), with the most recent review approximately two months before run date, indicating slow review velocity. | 中 | SU009 |
| CU014 | FeaturedCustomers shows 20 customer references for Salt Security with a 4.8/5 reference rating. | 中 | SU004 |
| CU015 | Salt is listed on the Microsoft Azure Marketplace as a SaaS offering, providing distribution access to Azure enterprise buyers as a channel mechanism. | 中 | SU016 |
| CU016 | DeinDeal CTO Alexandre Branquart confirmed in a named public quote that Salt "gave us greater visibility into how, when, and where all our APIs are used, ultimately enabling us to secure the heart of our business operations." | 中 | SU005, SU006 |
| CU017 | The DeinDeal deployment was independently covered by TFiR, providing third-party editorial confirmation of the customer announcement beyond the company-issued press release. | 中 | SU006 |
| CU018 | Siemens CISO Shawn Griffin (listed as CISO, CFIUS Security Officer & Cybersecurity Officer) provided a named quote validating the Salt Agentic Security Platform at its March 2026 official launch. | 中 | SU003 |
| CU019 | Salt Security's customers page lists DeinDeal, shows Gartner Peer Insights review snippets (IT Security/Risk Management — Retail and IT/Software sectors), and promotes a free API scan as the entry-point offer. | 中 | SU002 |
| CU020 | Alaska Airlines, Hyundai, Stryker, Kingston Technology, and Standard Bank Group are cited as named customers in the AppSec Santa 2026 independent review without outcome evidence. | 中 | SU001 |
| CU021 | SoFi is mentioned in Salt marketing content (YouTube channel and website) as a customer but no independent case study, named executive quote, or outcome evidence is publicly available. | 低 | SU002, SU026 |
| CU022 | The Armis case study and Xolv case study are listed on FeaturedCustomers for Salt Security, suggesting additional enterprise customer evidence exists in gated reference programs. | 中 | SU004 |
| CU023 | DeinDeal's 2021 deployment involved automatic API discovery across build, deploy, and runtime stages, PII protection for thousands of daily transactions, and behavioral anomaly detection. | 中 | SU005 |
| CU024 | Salt Security saw customers' monthly volume of malicious API traffic grow 211% over 2020, per the DeinDeal press release citing the Q1 2021 State of API Security report. | 中 | SU005 |
| CU025 | G2 aggregate score for Salt Security is 4.7/5 across 12 reviews, with consistently positive feedback on product capability and support responsiveness. | 中 | SU009 |
| CU026 | A 2023 G2 enterprise reviewer rated Salt Security 5/5 and described it as "the creme de la creme of API security tools," citing responsiveness and breadth of API security capability. | 中 | SU009 |
| CU027 | A 2023 G2 Senior Manager Security reviewer rated Salt as "instrumental in helping us resolve attacks and better understanding vulnerabilities," citing the need for better root-cause findings as the only improvement area. | 中 | SU009 |
| CU028 | No NRR, GRR, churn rate, contract length, or customer cohort data is publicly disclosed by Salt Security. | 高 | SU002, SU025 |
| CU029 | No enterprise customer churn announcements, contract cancellations, or critical adverse reviews were found in any retained public source as of the run date. | 中 | SU009, SU010, SU012 |
| CU030 | G2 reviews from 2021–2022 cite Salt as "still relatively new and missing quite a few bells and whistles," including missing native SIEM action logging; 2023 reviews reflect a materially improved product. | 中 | SU009 |
| CU031 | Salt's CrowdStrike Falcon integration, deepened in April 2025, embedded API intelligence into CrowdStrike's platform and added MCP protection for AWS WAF in December 2025. | 中 | SU015, SU017, SU022 |
| CU032 | Salt entered a 3-year AWS Enterprise Discount Program (EDP) commitment through AllCloud, indicating long-term AWS infrastructure dependency and implicit growth forecast. | 中 | SU008 |
| CU033 | Salt's Agentic Security Platform (AG-SPM, AG-DR, GitHub Connect) creates new upsell surfaces within existing enterprise accounts as those accounts deploy AI agents and MCP servers. | 中 | SU003, SU018 |
| CU034 | Salt's 1H 2026 survey found only 37% of organizations using agentic AI have dedicated API security—a large unmet-demand signal within existing and prospective customer environments. | 中 | SU017, SU018 |
| CU035 | Revenue concentration risk is unknown; no data on top-customer share of ARR or total customer count is disclosed, making concentration scenario analysis impossible from public information. | 低 | |
| CU036 | A single analyst source (PeerSpot) reports that Salt Security's API security buyer mindshare dropped from 13% in 2025 to 7% in 2026, indicating potential competitive displacement. | 低 | SU010 |
| CU037 | Salt's 1H 2026 report found 47% of organizations have delayed production AI releases due to API security concerns, representing both a procurement tailwind and a potential adoption friction signal. | 中 | SU018 |
| CU038 | UpGuard assigned Salt Security a 'B' grade security rating on June 6 2026, flagging a CSP concern but noting no major breach history—an adverse but not alarming vendor risk signal. | 中 | SU012 |
| CU039 | G2 2021 reviews note difficulties getting APIs reported correctly as unique items through gateways and missing SIEM native action logging—early integration friction that may have caused initial customer friction. | 中 | SU009 |
| CU040 | Salt's pricing model is not publicly disclosed; it is assumed to be subscription-based SaaS but the pricing metric (per API, per traffic volume, per seat) is unknown. | 低 | |
| CR001 | Cloudflare announced API Abuse Detection in March 2021, offering native API security capabilities to its CDN customer base as part of its core platform at no additional per-API cost. | 高 | SR024, SR019 |
| CR002 | Akamai acquired Noname Security—a direct API security competitor to Salt—in 2024, bundling API security capabilities into its CDN and edge delivery platform and removing a major standalone competitor from the market. | 高 | SR019, SR026, SR015 |
| CR003 | AWS API Gateway provides native throttling, authorization, request validation, and usage plan features that overlap with basic API security use cases, offered as a built-in feature to existing AWS customers at no separate purchase. | 高 | SR025, SR015 |
| CR004 | Akamai announced its intent to acquire LayerX in May 2026 for AI usage control, extending its security portfolio to cover AI agent browser behavior beyond API security, signaling continued hyperscaler security portfolio expansion. | 中 | SR026 |
| CR005 | Escape.tech's 2025 competitive comparison states that Salt Security POC cycles take months and that the tool's findings are described by security professionals as not actionable, creating long sales cycle risk. | 中 | SR014 |
| CR006 | G2 reviews for Salt Security (12 total, 4.7 average) note that SIEM logging integrations are missing native action logging and that the product is 'still relatively new and missing quite a few bells and whistles.' | 中 | SR013 |
| CR007 | GDPR Article 28 requires data processors handling EU residents' personal data to enter into binding data processing agreements with the controller; Salt Security processes API traffic that may contain PII from EU-based API users. | 高 | SR010, SR002 |
| CR008 | Salt Security's Privacy Policy (March 2024) acknowledges that the company collects and processes personal data from customers' API traffic, committing to GDPR Article 28 data processing agreements and privacy-protective practices. | 高 | SR002, SR010 |
| CR009 | GDPR violations can result in fines of up to 4% of total worldwide annual turnover or €20 million, whichever is higher, creating material financial exposure for companies handling EU personal data including API traffic monitoring vendors. | 高 | SR010, SR009 |
| CR010 | The California Consumer Privacy Act (CCPA) grants California residents rights over their personal data, imposes opt-out and deletion obligations, and authorizes civil fines up to $7,500 per intentional violation, applicable where Salt Security processes California residents' API traffic data. | 高 | SR009, SR012 |
| CR011 | The SEC's July 2023 cybersecurity disclosure rules require public companies to report material cybersecurity incidents on Form 8-K within four business days and disclose risk management governance annually on Form 10-K, effective December 2023. | 高 | SR007, SR008 |
| CR012 | Salt Security's enterprise CISO customers face increasing SEC cybersecurity disclosure and NIST CSF 2.0 compliance requirements, creating downstream documentation demand for API security evidence collection that Salt must support while also creating compliance-project budget competition. | 中 | SR007, SR011 |
| CR013 | Salt Security traces its origin to precursor Secful, Inc. filings and publicly launched in 2016 under founders Roey Eliyahu and Michael Nicosia, while maintaining active R&D operations in Israel alongside its US headquarters in Palo Alto, California. | 高 | SR005, SR016 |
| CR014 | NoCamels (2020) confirmed that Salt Security is 'based in California and Israel,' and Carl Eschenbach (Sequoia) joined the board at Series B, citing Salt as the type of outlier company Sequoia partners with. | 中 | SR016 |
| CR015 | US Export Administration Regulations (EAR) may impose compliance obligations on the transfer of encryption and cybersecurity software technologies developed in Israel, potentially limiting Salt Security's eligibility for US federal government and ITAR-restricted contracts. | 低 | SR005, SR008 |
| CR016 | Salt Security's platform integrates with API gateways including Apigee, Kong, MuleSoft, and NGINX to mirror traffic for analysis, creating technical and commercial dependency on these gateway vendors' architectural and product roadmap decisions. | 中 | SR018, SR028 |
| CR017 | AWS API Gateway, a key Salt Security integration partner for traffic ingestion, also offers native API security features (usage plans, authorization, throttling), creating a structural conflict where the primary data-ingestion partner competes as a security provider. | 高 | SR025, SR015 |
| CR018 | Salt Security's June 2026 product positioning as an Agentic Security platform—discovering AI agents, MCP servers, and APIs across enterprise environments—represents a significant strategic pivot from pure API security to the broader agentic AI stack. | 高 | SR001, SR020 |
| CR019 | Salt Security's 2022 Series D Form D (SEC Accession 0001753414-22-000001) reported a total offering of $140,000,000 with $124,442,569 sold to 11 investors, for a first sale date of 2022-01-20, implying a $1.4 billion post-money valuation. | 高 | SR003, SR006 |
| CR020 | Salt Security has raised approximately $271 million in total across four rounds: an early round (~$11M, 2018), Series B ($30M, 2020), Series C (~$68M, 2021), and Series D ($124M closed, 2022), per SEC Form D filings and public company profiles. | 高 | SR003, SR004, SR005, SR017 |
| CR021 | No Series E or subsequent public funding announcement for Salt Security has been identified between the January 2022 Series D and the June 2026 run date, consistent with operating within existing runway, achieving cash-flow neutrality, or being unable to raise at acceptable valuations. | 中 | SR017, SR022, SR003 |
| CR022 | The Noname Security acquisition by Akamai for approximately $450 million in 2024 represented a significant discount to Noname's estimated $1 billion-plus prior private valuation, establishing a public market benchmark for standalone API security company multiples. | 高 | SR019, SR015 |
| CR023 | Salt Security launched 'Salt Code' in June 2026 in early access for the first 100 organizations, integrating security policy into AI coding assistants (Claude, Cursor, GitHub Copilot, Windsurf, Codex, Gemini CLI), representing an active but unproven pivot to agentic developer security. | 中 | SR020 |
| CR024 | Building a new Agentic Security product category (MCP server security, AI agent security, developer-embedded policy) requires different go-to-market, new technical capabilities, and customer education that may distract from the core API security ARR base. | 中 | SR020, SR001 |
| CR025 | Salt Security's eight-year dataset of API behavioral baselines across diverse enterprise environments provides a data moat that hyperscalers without equivalent deployment history cannot quickly replicate, supporting a temporary premium on Salt's behavioral detection capability. | 中 | SR018, SR001 |
| CR026 | Salt Security's March 2024 privacy policy update commits to GDPR Article 28 data processing agreements and privacy-compliant data handling practices, representing a partial mitigation for GDPR enforcement risk. | 中 | SR002 |
| CR027 | The Noname/Akamai acquisition validates the strategic M&A exit path for Salt Security, suggesting that CDN platforms, cloud providers, or network security incumbents represent viable acquirers—though at significantly lower multiples than 2022 venture marks. | 中 | SR019, SR026, SR015 |
| CR028 | Salt Security's cumulative liquidation preference stack of approximately $271 million raised at progressive valuations means a below-$400 million exit would likely result in minimal or zero proceeds to common shareholders under typical VC preference structures. | 中 | SR003, SR004, SR017 |
| CR029 | NIST Cybersecurity Framework 2.0 (released 2024) creates enterprise demand for API security as part of the Protect and Detect functions, potentially supporting Salt Security's positioning in enterprise security programs that follow NIST CSF guidance. | 中 | SR011 |
| CR030 | A monitorable kill criterion for Salt Security is evidence of a major enterprise customer departing to a hyperscaler-bundled alternative, which would signal that the standalone platform differentiation premium is eroding and accelerate competitive pressure. | 中 | SR013, SR014, SR017 |
| CR031 | Akto.io's 2025 competitive analysis identifies Wallarm, Noname Security (now Akamai), Imperva, F5, and Escape as top Salt Security alternatives, indicating a fragmented competitive landscape where Salt must defend premium positioning from multiple angles. | 中 | SR015 |
| CR032 | OWASP API Security Top 10 2023 defines the most critical API vulnerability categories (including Broken Object Level Authorization and Excessive Data Exposure), and multiple competing tools including Wallarm, Imperva, Akto, and Salt Security all claim coverage of the same OWASP Top 10. | 高 | SR027, SR015 |
| CR033 | Akamai's acquisition of both Noname Security (2024) and its intent to acquire LayerX (2026) indicates the company is building a comprehensive security portfolio covering API security, browser security, and AI usage control, threatening Salt's positioning as a best-in-class standalone vendor. | 中 | SR026, SR019 |
| CR034 | Salt Security's out-of-band traffic mirroring integration model means customers who switch API gateway platforms (e.g., from Kong to AWS API Gateway) must re-integrate Salt Security, creating integration churn risk during gateway migration projects. | 中 | SR018, SR025 |
| CR035 | Salt Security's June 2026 blog states that 'almost 50% of code is written by AI' and that AI agents are writing APIs, MCP servers, and agent tools—contextualizing the Agentic Security pivot as a response to a structural shift in software development. | 中 | SR020 |
| CR036 | Carl Eschenbach (Sequoia Capital partner) joined Salt Security's board at the Series B in 2020 and previously served on the boards of Palo Alto Networks, Snowflake, Workday, and Zoom, providing governance quality and enterprise network access. | 高 | SR016, SR003 |
| CR037 | The FTC's data security enforcement authority under Section 5 of the FTC Act applies broadly to companies that handle personal data in ways that could harm consumers; Salt Security's API traffic inspection, if misconfigured or improperly secured, could create FTC liability for Salt and its customers. | 中 | SR012, SR009 |
| CR038 | Imperva offers an API security solution bundled with its WAF, DDoS protection, and bot management suite, representing a comprehensive security platform approach that enterprises may prefer over standalone API security from Salt Security. | 中 | SR029, SR015 |
| CR039 | Salt Security is incorporated in Delaware (confirmed in SEC Form D filings) and operates in Palo Alto, California, making it subject to US securities regulations, Delaware corporate law, and California employment law. | 高 | SR003, SR005 |
| CR040 | The SEC cybersecurity disclosure rules (effective December 2023) require public company customers to report material incidents within four business days, increasing demand for Salt Security's documentation of API incidents—but also creating compliance budget competition between security tooling and audit/reporting work. | 中 | SR007, SR008 |
| CV001 | Salt Security's January 2022 Series D round raised $140 million at a post-money valuation of approximately $1.4 billion, as documented in the SEC Form D filing dated 2022-02-18. | 高 | SV003, SV006 |
| CV002 | Salt Security has raised approximately $271 million in total across four funding rounds documented in SEC Form D filings (2018: ~$11M, 2020: $30M Series B, 2021: ~$68M Series C, 2022: ~$124M Series D). | 高 | SV003, SV004, SV005, SV009 |
| CV003 | Akamai acquired Noname Security in 2024 for approximately $450 million; Noname had raised approximately $220 million and was previously valued at over $1 billion, implying a 40-60% discount to private mark—the key public benchmark for standalone API security platform valuations. | 高 | SV017, SV018, SV013 |
| CV004 | Private SaaS cybersecurity ARR multiples compressed significantly between 2022 and 2024-2026, from 10-15x ARR at the 2022 peak to approximately 4-7x ARR in the current market, based on analyst-market-data sources and comparable transaction evidence. | 中 | SV013, SV014 |
| CV005 | Salt Security's ARR is not publicly disclosed; based on the company's four-year vintage as a Series D company, competitive peer benchmarks, and press coverage of industry growth rates, ARR is estimated at approximately $50-80 million with significant uncertainty. | 低 | SV009, SV014 |
| CV006 | The bull investment case for Salt Security requires Agentic Security achieving meaningful paying customer ARR within 12-18 months of Salt Code GA, Israeli R&D continuity, and no major enterprise customer churn to hyperscalers, enabling an M&A exit at 7-8x ARR. | 中 | SV015, SV001 |
| CV007 | The base investment case for Salt Security assumes ARR growth of 10-15% per year to $60-70M by 2027, with Salt Code gaining early traction but not breakout adoption, resulting in an M&A exit at approximately 5x ARR ($300-350M enterprise value). | 中 | SV009, SV014 |
| CV008 | The bear investment case for Salt Security assumes API security commoditization accelerates, Agentic Security fails to achieve product-market fit, and Salt Security exits in a distressed M&A at 3x ARR ($120-220M), leaving common shareholders with zero proceeds. | 中 | SV012, SV013 |
| CV009 | With approximately $271 million raised at progressive liquidation preference terms, Salt Security's preference overhang means a below-$400 million exit would likely leave common shareholders—including founders and employees—with minimal or zero proceeds. | 中 | SV003, SV004, SV005 |
| CV010 | No Series E or subsequent public financing round for Salt Security has been identified between the January 2022 Series D and the June 2026 run date, representing a gap of more than four years without a public funding announcement. | 中 | SV009, SV006, SV030 |
| CV011 | Salt Security's eight-year behavioral dataset from API traffic monitoring across diverse enterprise environments provides a data moat that hyperscalers without equivalent deployment history cannot quickly replicate, supporting a temporary valuation premium for its detection capability. | 中 | SV014, SV001 |
| CV012 | Sequoia Capital led Salt Security's Series B in 2020, and Carl Eschenbach joined the board; the Sequoia portfolio profile confirms the partnership date as 2020 and describes Salt as protecting 'APIs that form the core of every modern application.' | 高 | SV010, SV036, SV035 |
| CV013 | The 2022 $1.4 billion Salt Security post-money valuation implies approximately 10-14x annual recurring revenue at an estimated $100-140M ARR—a multiple not currently supported by comparable standalone API security transactions or public security SaaS benchmarks as of 2026. | 中 | SV003, SV013 |
| CV014 | Salt Security's absence of ARR disclosure, absence of a Series E announcement since 2022, and pivot to Agentic Security without external adoption metrics are the primary adverse signals available in the public record for valuation purposes. | 中 | SV009, SV015, SV030 |
| CV015 | Salt Security is incorporated in Delaware (as Salt Security, Inc., formerly Secful, Inc.) with a Palo Alto, California headquarters, as confirmed in SEC Form D filings, establishing its legal domicile and governing jurisdiction for corporate transactions. | 高 | SV003, SV005 |
| CV016 | To justify a valuation above $800 million in a new financing round, Salt Security would need to demonstrate approximately $100-120M ARR with 20%+ growth, given current private cybersecurity SaaS multiples of 6-8x for high-growth companies. | 低 | SV013, SV014 |
| CV017 | The bull case for Salt Security assumes 25%+ ARR growth reaching $90-110M by 2027-28, a successful Agentic Security pivot with premium pricing, and M&A exit at 7-8x ARR, yielding an enterprise value of $630-880M. | 低 | SV015, SV001, SV013 |
| CV018 | The base case for Salt Security projects ARR of $60-70M by 2027 with 10-15% annual growth, early Agentic Security traction but not breakout adoption, and M&A exit at approximately 5x ARR ($300-350M), implying a significant loss for Series D investors. | 中 | SV009, SV013, SV014 |
| CV019 | The bear case for Salt Security assumes ARR stalls below $55M due to hyperscaler API security commoditization, the Agentic Security pivot fails, and distressed M&A at 3-4x ARR yields $120-220M—yielding zero proceeds to common shareholders. | 中 | SV012, SV013 |
| CV020 | Under the base case exit at $300-350M, the cumulative $271M liquidation preference stack would likely consume most of the enterprise value, leaving Series D investors with a 75-80% loss and common shareholders with near-zero proceeds. | 中 | SV003, SV004, SV009 |
| CV021 | Noname Security, a standalone API security platform comparable to Salt Security, was acquired by Akamai in 2024 for approximately $450 million after having raised approximately $220M; this acquisition establishes a public comparable transaction for Salt Security's potential M&A valuation. | 高 | SV017, SV013 |
| CV022 | The Noname/Akamai acquisition at approximately $450M implies roughly 4-5x ARR for a standalone API security platform of comparable scale, consistent with prevailing private cybersecurity SaaS multiples of 4-7x ARR in 2024-2026. | 中 | SV013, SV017 |
| CV023 | Imperva's acquisition by Thales Group in January 2023 for approximately $3.6 billion represents a larger, bundled WAF/API/DDoS security platform acquisition that is not directly comparable to Salt Security but indicates acquirer appetite for API security capabilities within broader security suites. | 中 | SV013, SV023 |
| CV024 | Salt Security launched Salt Code in early access mode in June 2026, targeting the first 100 enterprise organizations; this is the primary publicly available evidence of its Agentic Security product launch timing. | 中 | SV015 |
| CV025 | Akamai's May 2026 announcement of its intent to acquire LayerX confirms continued security portfolio expansion by CDN players into AI usage control, increasing competitive pressure on Salt Security's Agentic Security positioning from well-capitalized incumbents. | 中 | SV018 |
| CV026 | At a hypothetical entry valuation of $500-600M (a 40-60% discount to the 2022 mark), the risk/reward for Salt Security becomes defensible relative to the Noname comp floor ($450M) and the bull case upside ($630-880M), implying a 1-1.5x return multiple at base and 1.3-1.7x at bull. | 低 | SV003, SV009, SV013 |
| CV027 | Cloudflare (NET) trades at a significant premium revenue multiple reflecting its CDN and security platform breadth; this multiple is not comparable to Salt Security's point-solution scope but illustrates the platform premium a broader Agentic Security footprint could theoretically command. | 中 | SV019, SV013, SV038 |
| CV028 | Rapid7 (RPD), a public application security and SIEM company, trades at approximately 3-4x forward revenue as of mid-2026, representing the low end of the public security SaaS multiple range and a conservative floor for Salt Security's valuation at its current estimated scale. | 低 | SV013, SV033 |
| CV029 | Qualys (QLYS), a public cloud security SaaS company, trades at approximately 6-7x forward revenue as of mid-2026, representing a midpoint benchmark for mature, profitable SaaS security companies and a reference point for Salt Security's valuation if it achieves similar scale and profitability. | 低 | SV013, SV034 |
| CV030 | Standalone API security platforms at Salt Security's estimated ARR scale ($50-80M) do not command the platform premiums achieved by CrowdStrike or Palo Alto Networks; achieving a platform-level multiple requires either scaling ARR above $200M or demonstrating Agentic Security platform breadth competitive with broader security suites. | 中 | SV013, SV031, SV032 |
| CV031 | An M&A exit to a CDN, cloud, or enterprise security acquirer (Akamai, Cloudflare, CrowdStrike, Palo Alto Networks, Google) is Salt Security's most likely exit path, as the Noname/Akamai transaction demonstrates acquirer appetite for standalone API security platforms. | 中 | SV017, SV018 |
| CV032 | IPO readiness for Salt Security is low as of June 2026: undisclosed ARR scale, an unproven pivot, and no public company comparables at its estimated revenue size suggest IPO is 3-5 years away at minimum, requiring substantially more scale and profitability. | 中 | SV009, SV030 |
| CV033 | ARR falling below 10% YoY growth (or outright decline) is the most critical thesis-break trigger; it would signal competitive displacement, lower exit multiples from 5-7x to 3-4x, and likely force an acceleration of the strategic alternatives process. | 中 | SV012, SV013 |
| CV034 | A new funding round at below $600M pre-money valuation would confirm impairment of the 2022 mark, trigger liquidation preference recalculations, and signal that the company has been unable to grow into its 2022 valuation during the four-year interval. | 中 | SV003, SV009 |
| CV035 | Failure to announce any paying Agentic Security customer within 12 months of Salt Code's general availability date would indicate that the pivot strategy has not achieved product-market fit and that the core API security business remains the only revenue driver under competitive pressure. | 中 | SV015, SV001 |
| CV036 | The most critical diligence item is Salt Security's actual ARR, ARR growth rate, and net revenue retention rate for 2024 and 2025, as these metrics determine which scenario (bull/base/bear) is operative and what multiple range is defensible. | 中 | SV009, SV006 |
| CV037 | A written business continuity plan covering the Israeli R&D team under conflict escalation scenarios is a minimum diligence requirement that must be obtained before any investment decision, given that the engineering team is partially located in Israel. | 中 | SV005, SV016 |
| CV038 | Cap table modeling at $300M, $450M, and $600M exit price levels is essential to determine actual common shareholder recovery and whether the liquidation preference stack is compatible with meaningful returns for non-preferred holders. | 中 | SV003, SV004, SV009 |
| CV039 | Signed pilot agreements or letters of intent for Salt Code from enterprise organizations would be the minimum evidence required to confirm Agentic Security product-market fit and support the bull case ARR trajectory assumptions. | 中 | SV015, SV001 |
| CV040 | Israeli-origin venture-backed companies face unique valuation and exit considerations including US government customer eligibility constraints, geopolitical risk premiums applied by some institutional investors, and potential acquirer hesitancy in sensitive federal verticals. | 中 | SV005, SV010, SV037 |
| 编号 | 出版方 | 标题 | 引文 |
|---|---|---|---|
| SO001 | Salt Security | About Us — Salt Security | The Salt Labs team was the first and only API-dedicated global research organization in the world. As the premier research team, they have discovered more vulnerabilities than all other teams combined. |
| SO002 | PR Newswire | Salt Security Raises $140 Million Series D Round Led by CapitalG at $1.4 Billion Valuation | Salt Security, the leading API security company, today announced the completion of a $140 million Series D financing round led by CapitalG, Alphabet's independent growth fund, at a $1.4 billion valuation. |
| SO003 | Salt Security | Salt Security Raises $140 Million Series D Round Led by CapitalG at $1.4 Billion Valuation (press release) | |
| SO004 | SecurityWeek | Alphabet's CapitalG Makes Big Bet on Salt Security | CapitalG partner James Luo, who sits on Salt Security's board, said the firm's investment comes amidst a realization that securing the APIs powering global digital transformation is of critical importance. |
| SO005 | Globes (Israel) | Salt Security raises $140m at $1.4b valuation | Over the past year Salt Security has seen 500% revenue growth, 300% growth in its customer base and 250% growth in its work force. |
| SO006 | PR Newswire | API Security Trailblazer Salt Security Bolsters Leadership Team to Propel Global Growth and Innovation | Callahan joins Salt with more than 20 years of marketing expertise spanning across product marketing, marketing operations, corporate branding and positioning, demand generation, field and channel marketing and public relations. |
| SO007 | Salt Security | How Salt is Having the Best Journey: Series D Blog Post | Kfir Lippmann, CFO, who led finances at Monday.com from its early days when it had 40 employees through to its IPO. |
| SO008 | Globes (Israel) | Israeli co Salt Security raises $70m | In the past 12 months, Salt has seen revenue grow 400%, a 160% growth in employees, and 380% growth in the API traffic it secures. |
| SO009 | Forge Global | Salt Security IPO Profile | Post-Money Valuation represents the estimated valuation based on company-submitted Certificates of Incorporations (COIs). |
| SO010 | Salt Security | Salt Security Homepage | |
| SO011 | Salt Security | 2024 State of API Security Report — Key Findings | |
| SO012 | Latka (GetLatka.com) | Salt Security Revenue 2025 – $75M ARR | 2024 ARR: $48.5 million; 2025 ARR: $75 million; total raised $270 million; ~201 employees. |
| SO013 | Business Wire | Salt Security Closes $20 Million Series A Funding Round Led by Tenaya Capital | Salt Security is the first to market with a new breed of patented API Security solutions, able to uncover the vulnerabilities unique to each API and identify and respond to attackers before an attack is successful. |
| SO014 | Salt Security | Salt Security Raises $30 Million in Series B Funding | This latest funding round, which follows closely on the heels of a $20 million Series A raise in June, cements Salt Security as the leader in the API security market. |
| SO015 | TechCrunch | Salt Security closes $20M Series A to help protect APIs | Salt shared with TechCrunch that its gross margins have "significantly improved to over 90%" in response to a question regarding changes in the startup's gross margin profile. |
| SO016 | Salt Security | Salt Security Strengthens CrowdStrike Partnership With Joint Integration | In September 2022, the CrowdStrike strategic investment vehicle, Falcon Fund, invested in Salt Security. |
| SO017 | CRN | API Startup Salt Security Raises $140M To Strengthen Channel | Salt Security was founded in 2016, employs 135 people, and has raised $271 million in six rounds of outside funding. |
| SO018 | Calcalist (CTech) | Salt Security reaches $1.4 billion valuation in $140 million Series D | In the same period, Salt Security registered 500% growth in revenue, 300% growth in its customer base and 900% growth in signed customers among Fortune 500 and Global 500 companies. |
| SO019 | Boring Business Nerd | Salt Security — Company Profile | |
| SO020 | NoCamels | API Cybersecurity Startup Salt Security Raises $30M | |
| SO021 | MarketScreener | Salt Security Raises $140 Million Series D Round Led by CapitalG at $1.4 Billion Valuation | |
| SO022 | Escape.tech | Escape vs Salt Security: In-Depth 2025 Comparison | Salt Security's platform heavily relies on network log analysis rather than actual payload testing. The quality of API discovery relies heavily on the provided logs; incomplete or poorly formatted logs can lead to undetected Shadow APIs and vulnerabilities. |
| SO023 | Akto.io | Top 10 Salt Security Alternatives and Competitors in 2025 | |
| SO024 | Layoffs.fyi | Layoffs.fyi — Tech and Startup Layoff Tracker | |
| SO025 | PR Newswire | Salt Security Outpaces API Security Market with 12 Months of Innovation in 2025 | This year, customers told us they needed both visibility and speed. Our roadmap delivered both, and the market response has been tremendous. We delivered more API and AI security innovation in 2025 than any other player in our space. |
| SO026 | U.S. Securities and Exchange Commission | Salt Security, Inc. — Form D (Series D) — File No. 021-434118 | Total Offering Amount: 140000000; Total Amount Sold: 124442569; Total Remaining: 15557431; Signed by Roey Eliyahu, President and CEO, dated 2022-02-17. |
| SO027 | U.S. Securities and Exchange Commission | Salt Security, Inc. — Form D (Series C) — File No. 021-403048 | Total Offering Amount: 69999999; Total Amount Sold: 67999997; signed by Roey Eliyahu, CEO, dated 2021-06-15. |
| SO028 | TechSpective | The Strategic Partnership Elevating API and Endpoint Security | |
| SM001 | Salt Security | Agentic Security Platform — Salt Security Platform Overview | "Salt's Agentic Security Platform gives you full visibility and control, so you can reduce risk, meet compliance, and stay resilient." |
| SM002 | MarketsandMarkets | API Security Market — Global Forecast to 2028 (and Application Security Market to 2031) | "The global Application Programming Interface (API) Security market size is projected to reach USD 3,034 million by 2028 at a Compound Annual Growth Rate (CAGR) of 32.5% during the forecast period." |
| SM003 | OWASP | OWASP API Security Top 10 Project | "The OWASP API Security Project seeks to provide value to software developers and security assessors by underscoring the potential risks in insecure APIs, and illustrating how these risks may be mitigated." |
| SM004 | G2 | Best API Security Tools — G2 Category Definition (November 2025) | "API security tools protect information traveling through a company's network via application programming interfaces (APIs). Companies use API security technologies to develop an inventory of existing API connections and ensure their security." |
| SM005 | Gartner | Gartner API Security Testing Market Reviews | |
| SM006 | Cloudflare | Cloudflare Enterprise Plans — API Security Packages | |
| SM007 | Traceable | Traceable: Intelligent Application and API Security at Enterprise Scale | "According to Gartner, 80% of organizations will have used generative AI APIs or deployed generative AI-enabled applications by 2026." |
| SM008 | Imperva | API Security and Protection — Safeguard All Your APIs | "Imperva API Security delivers unified protection across environments, with built-in detection and response for deprecated, unauthenticated, and BOLA-prone APIs." |
| SM009 | Data Theorem | Data Theorem — AppSec, API Security, Cloud Security | "Gartner ranks Data Theorem #1 in Cloud Native Apps in the 2025 Critical Capabilities for AST" |
| SM010 | Akamai | Akamai API Security Product Page | |
| SM011 | 42Crunch | 42Crunch API Security Pricing | |
| SM012 | Salt Security | 2024 State of API Security Report — Key Findings | "37% of respondents say they've experienced an API security incident in the past 12 months, compared to 17% in 2023. The count of APIs is increasing, having gone up by 167% in the past year." |
| SM013 | PRNewswire | Salt Security Raises $140 Million Series D Round Led by CapitalG at $1.4 Billion Valuation | "APIs are essential to enabling business innovation, but security risks are multiplying at an unprecedented scope and scale." |
| SM014 | PRNewswire | Salt Security Outpaces API Security Market with 12 Months of Innovation in 2025 | "In 2025, APIs didn't just power applications, they powered AI agents, automation, and entire digital business models." |
| SM015 | SecurityWeek | Alphabet's CapitalG Makes Big Bet on Salt Security | "The big bet comes as demand for API security technologies surge, driven by multi-cloud deployments and global digital transformation." |
| SM016 | Forge Global | Salt Security IPO — Investment Opportunities and Pre-IPO Valuations | |
| SM017 | Latka Database | Salt Security Revenue 2025: $75M ARR, $1.4B Valuation | "In 2025, Salt Security's revenue reached $75M. The company previously reported $48.5M in 2024." |
| SM018 | Escape.tech | Escape vs Salt Security: In-Depth 2025 Comparison | "Frustration among security professionals has been mounting—whether due to the months it takes to run a POC or because the tool's findings are not actionable." |
| SM019 | Akto.io | Top 10 Salt Security Alternatives and Competitors in 2025 | |
| SM020 | Salt Security | About Us — Salt Security | "Salt now provides the industry's only AI-infused Agentic Security Platform that offers protection across your entire Agentic Security journey from discovery to posture management to run time threat protection." |
| SM021 | Salt Security | Salt Security Raises $30 Million in Series B Funding | "Named a 2020 Cool Vendor in API Strategy by Gartner, Inc. and providing the only patented API security solution for every stage of the API life cycle." |
| SM022 | Gartner | WAAP — Gartner IT Glossary: Web Application and API Protection | |
| SM023 | Cloudflare | Cloudflare API Shield - Secure and Monitor APIs | "Cloudflare API Shield helps you catalog and manage API endpoints, block attacks and vulnerability exploits, and prevent data leakage." |
| SM024 | Salt Security | Salt Security Blog — API Security News and Research | |
| SM025 | Cequence Security | Cequence Security — Application, API, and AI Protection | "Cequence protects the world's largest telecoms, banks, and retailers, processing more than 10B interactions every day." |
| SP001 | Akamai | Akamai Announces Intent to Acquire API Security Company Noname | |
| SP002 | Akamai | Akamai Completes Acquisition of API Security Company Noname | |
| SP003 | Akamai | API Security | Akamai | |
| SP004 | Traceable by Harness | Addressing risks across your Application & API ecosystem - Traceable Application & API Security | |
| SP005 | Business Wire | Traceable AI Secures $30M Strategic Investment Round | |
| SP006 | Cequence Security | Unified API Protection: Making Today's API Landscape Secure | |
| SP007 | Wallarm | Wallarm | API Discovery - Know Your API Topology | |
| SP008 | Wallarm | API Security | Wallarm — Real-Time Inline API Protection | |
| SP009 | Wallarm | Wallarm Documentation - Wallarm API Security | |
| SP010 | 42Crunch | API Runtime Threat Protection | API Runtime Security | |
| SP011 | 42Crunch | Protect APIs | |
| SP012 | 42Crunch | API Security Audit | |
| SP013 | Imperva | API Security | Best Practices for SOAP and REST API | Imperva | |
| SP014 | Palo Alto Networks | API Security | |
| SP015 | Palo Alto Networks | Web Application and API Security | WAAS Solutions | |
| SP016 | Fastly | API Security Solutions | Fastly | |
| SP017 | Fastly | Next-Gen WAF | Fastly Documentation | |
| SP018 | DataDome | DataDome Bot Detection, Mitigation & Protection Solution With Agent Trust | |
| SP019 | Cloudflare | Cloudflare API Shield - Secure and Monitor APIs | |
| SP020 | Cloudflare | Cloudflare Enterprise Plans | |
| SP021 | Kong | Most Trusted Open Source API Gateway | Kong Gateway | |
| SP022 | Kong | Kong Plugin Hub | Kong Docs | |
| SP023 | CrowdStrike Marketplace | Salt Security API Protection Platform | CrowdStrike Marketplace | |
| SP024 | Salt Security | CrowdStrike + Salt Security - Complete API security insights | |
| SP025 | Salt Security | Salt Security and Wiz Join Forces | |
| SP026 | BankInfoSecurity | Akamai, Cloudflare, Imperva Top App & API Defense Gartner MQ | |
| SP027 | Radware | WAF According to Gartner & Transition to WAAP Magic Quadrant | |
| SP028 | Gartner Peer Insights | Top Salt Security Competitors & Alternatives 2026 | Gartner Peer Insights - API Protection | |
| SP029 | Akto | Top 10 Salt Security Alternatives and Competitors in 2025 | |
| SP030 | Salt Security | Agentic Security Platform - Complete API Protection Platform | |
| SI001 | AWS Marketplace | Salt Security API Protection Platform — AWS Marketplace Listing | It is an annual subscription fee. It's very affordable. The value it provides justifies the cost, considering automation and availability features. |
| SI002 | Vendr | Salt Security Software Pricing & Plans 2025 | |
| SI003 | Cyberse.com | Salt Security API Protection Platform — Pricing and Features | |
| SI004 | Latka (GetLatka.com) | Salt Security Revenue 2025 — $75M ARR | 2024 ARR: $48.5 million; 2025 ARR: $75 million; total raised $270 million; ~201 employees. |
| SI005 | Boring Business Nerd | Salt Security — Company Profile | |
| SI006 | PR Newswire | Salt Security Raises $140 Million Series D Round Led by CapitalG at $1.4 Billion Valuation | Salt Security will use the new funds to increase R&D investment, expand sales and marketing, and more rapidly grow its international operations to address the growing number of cyber threats targeting APIs. |
| SI007 | Globes (Israel) | Salt Security raises $140m at $1.4b valuation | Over the past year Salt Security has seen 500% revenue growth, 300% growth in its customer base and 250% growth in its work force. |
| SI008 | CRN | API Startup Salt Security Raises $140M To Strengthen Channel | Salt Security was founded in 2016, employs 135 people, and has raised $271 million in six rounds of outside funding. |
| SI009 | Calcalist (CTech) | Salt Security reaches $1.4 billion valuation in $140 million Series D | In the same period, Salt Security registered 500% growth in revenue, 300% growth in its customer base and 900% growth in signed customers among Fortune 500 and Global 500 companies. |
| SI010 | TechCrunch | Salt Security closes $20M Series A to help protect APIs | Salt shared with TechCrunch that its gross margins have "significantly improved to over 90%" in response to a question regarding changes in the startup's gross margin profile. |
| SI011 | Benchmarkit | 2025 SaaS Performance Metrics Benchmarks | Gross Margins: total revenue 77% median; subscription revenue 81% median; though top-quartile SaaS security companies sustain 80-90%+. |
| SI012 | Forge Global | Salt Security IPO Profile | |
| SI013 | Notice.co | Salt Security Stock — Valuation, Stock Price, IPO | |
| SI014 | Salt Security | Salt Security Strengthens CrowdStrike Partnership With Joint Integration | In September 2022, the CrowdStrike strategic investment vehicle, Falcon Fund, invested in Salt Security. |
| SI015 | Security On Screen | Salt Security and CrowdStrike extend partnership with Falcon Next-Gen SIEM integration | This integration with Falcon Next-Gen SIEM combines Salt's API-based attacker telemetry with endpoint, identity and cloud telemetry from the Falcon platform. |
| SI016 | TechSpective | The Strategic Partnership Elevating API and Endpoint Security | |
| SI017 | U.S. Securities and Exchange Commission | Salt Security, Inc. — Form D (Series D) — File No. 021-434118 | Total Offering Amount: 140000000; Total Amount Sold: 124442569; Total Remaining: 15557431; Signed by Roey Eliyahu, President and CEO, 2022-02-17. |
| SI018 | U.S. Securities and Exchange Commission | Salt Security, Inc. — Form D (Series C) — File No. 021-403048 | |
| SI019 | U.S. Securities and Exchange Commission | Salt Security, Inc. — EDGAR Company Filings (CIK 0001753414) | |
| SI020 | Escape.tech | Escape vs Salt Security: In-Depth 2025 Comparison | Users note a lack of effective tools for quickly addressing vulnerabilities. Long PoC periods required to run successful PoCs and to realize actionable insights. |
| SI021 | Salt Security | Salt Security Raises $140 Million Series D Round Led by CapitalG (press release page) | |
| SI022 | Business Wire | Salt Security Closes $20 Million Series A Funding Round Led by Tenaya Capital | |
| SI023 | Salt Security | Salt Security Raises $30 Million in Series B Funding | |
| SI024 | PR Newswire | API Security Trailblazer Salt Security Bolsters Leadership Team | |
| SI025 | Globes (Israel) | Israeli co Salt Security raises $70m (Series C) | |
| SI026 | PR Newswire | Salt Security Outpaces API Security Market with 12 Months of Innovation in 2025 | |
| SI027 | MarketScreener | Salt Security Raises $140 Million Series D Round Led by CapitalG | |
| SI028 | Alignment LLC (swotanalysis.com) | Salt Security SWOT Analysis & Strategic Plan 2025-Q4 | Salt Security's pricing model is considered premium, which limits its accessibility among small to mid-market companies. Budget constraints and lengthy enterprise sales cycles further increase the risk of losing customers to competitors. |
| SE001 | Salt Security | Salt Security: Agentic AI Security, MCP Discovery, and API Security (Homepage) | Salt's Agentic Security Graph maps every agent, MCP server, and API in your environment, so you know exactly what your agents are doing and stop them when they overstep. |
| SE002 | Salt Security | Agentic Security Platform — Complete API Protection Platform | One platform. Three essential capabilities. API discovery & visibility, API posture & compliance, API threat detection & protection. |
| SE003 | Salt Security | Salt Security Launches GitHub Connect Press Release | GitHub Connect is available immediately as part of the Salt Illuminate™ platform. |
| SE004 | Salt Security | Salt Security Research: As AI Agents Outpace Security, Most Organizations Face an Unsecured API Surge (1H 2026 Report) | 92% of organizations lack the advanced security maturity required to defend these environments. |
| SE005 | PR Newswire | Salt Security Launches Industry's First Agentic Security Platform for the AI Stack Across LLMs, MCP Servers and APIs | Salt introduces two new security capabilities: Agentic Security Posture Management (AG-SPM) and Agentic Detection and Response (AG-DR). |
| SE006 | PR Newswire | Salt Security Launches GitHub Connect to Proactively Discover Shadow APIs and MCP Risks in Code Repositories | Salt is the first to secure the MCP servers and APIs where AI agents have a real-world impact, now finding them in code before they are ever deployed. |
| SE007 | AppSec Santa | Salt Security Review 2026: AI API Discovery | Salt discovers APIs through multiple data sources simultaneously: Salt Connect, Salt Surface, Traffic analysis, GitHub Connect. |
| SE008 | Salt Security (GitHub) | Salt Security GitHub Organisation — SECful | url_learning_v2: High-performance PathTemplateTrie for API path resolution — 1.2M lookups/sec with sub-microsecond latency |
| SE009 | Salt Security (GitHub) | GitHub — Secful/peekaboo: Visual API Discovery Scanner | Real-time endpoint discovery through browser automation and network traffic analysis. |
| SE010 | Microsoft Azure Marketplace | Salt Security API Protection Platform (Azure Marketplace listing) | The Salt Security API Protection Platform secures the APIs leveraging cloud-scale big data and AI/ML. |
| SE011 | CrowdStrike Marketplace | Salt Security Overview (Executive Brief PDF) | 96% fewer alerts, 3× faster API remediation, 20× faster to resolution, 75% time savings for compliance. |
| SE012 | AllCloud | Salt Security & Datadog Case Study: AWS Environment and Cloud Observability | The platform processes several million messages per minute across hundreds of backend instances. |
| SE013 | CloudSecurity.org | Salt Security API Protection Platform — Technical Description | The platform scans networks to identify active API endpoints, including shadow and zombie APIs, using a combination of passive traffic monitoring and active probing techniques. |
| SE014 | Enterprise Security Tech | Salt Security's New Platform Promises Instant API Protection Without the Headaches | Salt Illuminate is a self-service API security platform that promises full deployment in minutes, not months. |
| SE015 | Digital IT News | Salt Security Debuts First AI Agent API Solution with Real-Time Protection | MCP Protect maps MCP server interactions and surfaces hidden endpoints, while built-in guardrails, enabled by default, enforce safe agent behavior automatically. |
| SE016 | PR Newswire | Salt Security Outpaces API Security Market with '12 Months of Innovation' in 2025 | Salt delivered an unmatched innovation 'gift' to the industry almost every month, helping security teams keep pace with an expanding API attack surface. |
| SE017 | Security Boulevard | The 12 Months of Innovation: How Salt Security Helped Rewrite API & AI Security in 2025 | Salt launched Salt Illuminate and expanded Cloud Connect, giving customers instant visibility into APIs across complex multi-cloud and hybrid environments. |
| SE018 | Security Boulevard | Increasing API Traffic, Proliferating Attack Activity — 2024 State of API Security Report | The count of APIs is increasing, having gone up by 167% in the past year. |
| SE019 | PR Newswire | Salt Labs State of API Security Report Reveals 99% of Respondents Experienced API Security Issues in Past 12 Months | 95% of API attacks over the past 12 months originated from authenticated sources. |
| SE020 | G2 (via Wayback Machine) | Salt Security Reviews & Product Details — G2 (archived) | The Salt Security is the creme de la creme of API security tools. It does so much, and is a valuable tool in assisting with keeping our APIs safe. |
| SE021 | PeerSpot | Salt Security Reviews, Competitors and Pricing | Salt Security offers robust API security solutions that help companies identify and mitigate potential threats. |
| SE022 | Salt Security | API Security Customers — Salt Security Customers Page | Proud to be trusted by today's digital leaders. |
| SE023 | UpGuard | Salt Security Security Rating, Vendor Risk Report, and Data Breaches | Last updated June 6, 2026. Salt Security provides API security solutions that include discovery, posture management, and threat protection across the API lifecycle. |
| SE024 | IT Security Guru | Salt Security Launches GitHub Connect to Proactively Discover Shadow APIs and MCP Risks in Code Repositories | Salt Illuminate is the only platform that delivers complete MCP coverage, discovering them in code (GitHub Connect), monitoring their runtime traffic (Agentic AI), and finding their external exposure (MCP Surface Scan). |
| SE025 | PR Newswire | Retailer DeinDeal Secures its API-driven E-commerce Platform with Salt Security | Salt has given us greater visibility into how, when, and where all our APIs are used, ultimately enabling us to secure the heart of our business operations. |
| SE026 | SiliconANGLE | Why API security is the hidden fabric of modern business | |
| SE027 | Salt Security | Salt Security Blog — June 2026 (Salt Code announcement context) | The core idea behind Salt Code is simple: security policy should travel with the code from the first prompt. |
| SU001 | AppSec Santa | Salt Security Review 2026: AI API Discovery | Enterprise customers include Alaska Airlines, Hyundai, Stryker, SoFi, Kingston Technology, and Standard Bank Group. |
| SU002 | Salt Security | API Security Customers — Salt Security Customers Page | Proud to be trusted by today's digital leaders. |
| SU003 | PR Newswire | Salt Security Launches Industry's First Agentic Security Platform — Siemens CISO Quote | Salt is uniquely positioned to secure this new environment because every agent interaction ultimately runs through APIs. The Agentic Security Platform has already given us improved visibility and protection that we need to confidently scale AI across the Siemens Software business. |
| SU004 | FeaturedCustomers | 10 Salt Security Case Studies, Success Stories, & Customer Stories | Reference Rating 4.8 / 5.0 — Customer References: 20 total |
| SU005 | PR Newswire | Retailer DeinDeal Secures its API-driven E-commerce Platform with Salt Security | Salt has given us greater visibility into how, when, and where all our APIs are used, ultimately enabling us to secure the heart of our business operations. |
| SU006 | TFiR | DeinDeal Deploys Salt Security API Protection Platform | DeinDeal, a Swiss e-commerce retailer, has deployed the Salt Security API Protection Platform to secure the APIs driving its mobile and web applications. |
| SU007 | CrowdStrike Marketplace | Salt Security Overview (Executive Brief PDF) | We especially lead in FinTech, FinServ, Tech SaaS, and Pharmaceutical companies. |
| SU008 | AllCloud | Salt Security & Datadog Case Study: AWS Environment | Over the past year, Salt Security has grown its customer base significantly. |
| SU009 | G2 (via Wayback Machine) | Salt Security Reviews & Product Details — G2 (archived May 2026) | The Salt Security is the creme de la creme of API security tools. |
| SU010 | PeerSpot | Salt Security Reviews, Competitors and Pricing | Salt Security offers robust API security solutions that help companies identify and mitigate potential threats. |
| SU011 | Gartner (blocked) | Salt Security API Protection Platform — Gartner Peer Insights | |
| SU012 | UpGuard | Salt Security Security Rating, Vendor Risk Report | Salt Security — B grade security rating. Last updated June 6, 2026. |
| SU013 | Cioinfluence | Salt Labs State of API Security Report Reveals 99% of Respondents Experienced API Security Issues | |
| SU014 | VMBlog | Salt Labs State of API Security Report Reveals 99% of Respondents Experienced API Security Issues | 95% of API attacks over the past 12 months originated from authenticated sources. |
| SU015 | PR Newswire | Salt Security Outpaces API Security Market with '12 Months of Innovation' in 2025 | |
| SU016 | Microsoft Azure Marketplace | Salt Security API Protection Platform (Azure Marketplace) | |
| SU017 | Digital IT News | Salt Security Debuts First AI Agent API Solution with Real-Time Protection | Only 37% of organizations using agentic AI currently deploy dedicated API security. |
| SU018 | Salt Security | Salt Security Research: As AI Agents Outpace Security — 1H 2026 Report | Two-thirds (66%) reported API growth of more than 50% in the past year, driven by automation and AI adoption. |
| SU019 | PR Newswire | Salt Labs State of API Security Report — 99% Experienced Issues (Q1 2025) | |
| SU020 | DRJ (Disaster Recovery Journal) | Salt Labs State of API Security Report Reveals 99% Experienced API Security Issues | |
| SU021 | Security Boulevard | Increasing API Traffic, Proliferating Attack Activity — Salt 2024 State of API Security Report | |
| SU022 | SiliconANGLE | Why API security is the hidden fabric of modern business | |
| SU023 | IT Security Guru | Salt Security Launches GitHub Connect to Proactively Discover Shadow APIs and MCP Risks | |
| SU024 | Salt Security | Salt Security Blog (latest post June 2026) | |
| SU025 | Salt Security | Salt Security Homepage (Trusted by global enterprises) | |
| SU026 | Salt Security (YouTube) | Salt Security — YouTube Channel | |
| SU027 | G2 | Salt Security Reviews & Ratings — G2 (direct) | |
| SR001 | Salt Security | Salt Security Agentic Security Platform — Official Website | Salt's Agentic Security Graph maps every agent, MCP server, and API in your environment, so you know exactly what your agents are doing and stop them when they overstep. |
| SR002 | Salt Security | Salt Security Privacy Policy (March 2024) | Salt Security, Inc. and its affiliates respect the privacy of the Visitors of our websites and Users of our Platform, and are committed to protection of the personal data. |
| SR003 | U.S. Securities and Exchange Commission | Salt Security Form D Series D — Accession 0001753414-22-000001 | Total offering amount: 140000000. Total sold: 124442569. First sale date: 2022-01-20. Number of investors: 11. |
| SR004 | U.S. Securities and Exchange Commission | Salt Security Form D Series C — Accession 0001753414-21-000001 | Total offering amount: 69999999. Total sold: 67999997. First sale date: 2021-05-26. Number of investors: 14. |
| SR005 | U.S. Securities and Exchange Commission | Salt Security (Secful Inc.) Form D 2018 — Accession 0001753414-18-000001 | Previous name: SECful, Inc. Founded: 2015. First sale date: 2018-09-04. Incorporated in Delaware. |
| SR006 | U.S. Securities and Exchange Commission | EDGAR — Salt Security Inc. CIK 0001753414 Form D Filings | Three Form D filings: 2022-02-18, 2021-06-16, 2018-09-19 at 3921 Fabian Way, Palo Alto CA 94303. |
| SR007 | U.S. Securities and Exchange Commission | SEC Press Release: Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure Rules (July 2023) | The new rules will require registrants to disclose on the new Item 1.05 of Form 8-K any cybersecurity incident they determine to be material. |
| SR008 | U.S. Securities and Exchange Commission | Final Rule: Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure (33-11216) | Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure. AGENCY: Securities and Exchange Commission. ACTION: Final rule. |
| SR009 | California Office of the Attorney General | California Consumer Privacy Act (CCPA) — Official OAG Guidance (Updated March 2024) | |
| SR010 | EUR-Lex (Official Journal of the European Union) | GDPR — Regulation (EU) 2016/679 of the European Parliament and of the Council | Article 28: Where processing is to be carried out on behalf of a controller, the controller shall only use processors providing sufficient guarantees. |
| SR011 | National Institute of Standards and Technology (NIST) | NIST Cybersecurity Framework (CSF) 2.0 | |
| SR012 | U.S. Federal Trade Commission | FTC Business Guidance — Data Security | |
| SR013 | G2 | Salt Security Reviews and Product Details (12 Reviews) | The product is still relatively new and missing quite a few bells and whistles. The SIEM logging integrations are missing native action logging. |
| SR014 | Escape.tech | Escape vs Salt Security: In-Depth 2025 Comparison | Frustration among security professionals has been mounting—whether due to the months it takes to run a POC or because the tool's findings are not actionable. |
| SR015 | Akto.io | Top 10 Salt Security Alternatives and Competitors in 2025 | |
| SR016 | NoCamels | API Cybersecurity Startup Salt Security Raises $30M (Series B) | Salt Security is based in California and Israel. Israeli-founded API cybersecurity company Salt Security raised $30 million in a Series B funding round led by Sequoia Capital. |
| SR017 | Boring Business Nerd | Salt Security — Company Profile | Total Raised: $271 million. Valuation: $1.4 billion. |
| SR018 | Cloud Security Alliance | Salt Security API Protection Platform — Technical Description | The platform integrates with various enterprise security tools and API gateways like Apigee, Kong, MuleSoft, and NGINX. It mirrors API traffic from these platforms. |
| SR019 | Akamai Technologies | Akamai Newsroom | |
| SR020 | Salt Security | Your AI Coding Assistant Has Never Read Your Security Wiki. Now It Writes Half Your Code. | Today we are launching Salt Code. The core idea behind Salt Code is simple: security policy should travel with the code from the first prompt. |
| SR021 | Salt Security | Salt Security Customers Page | |
| SR022 | Salt Security | Salt Security Blog | |
| SR023 | Salt Security | Salt Security About / Contact Page | 3921 Fabian Way, Palo Alto, CA 94303. |
| SR024 | Cloudflare | Announcing API Abuse Detection | |
| SR025 | Amazon Web Services | Amazon API Gateway Features | |
| SR026 | Akamai Technologies | Akamai Technologies Announces Intent to Acquire LayerX (May 2026) | |
| SR027 | OWASP Foundation | OWASP API Security Project (Top 10 2023) | API Security focuses on strategies and solutions to understand and mitigate the unique vulnerabilities and security risks of APIs. |
| SR028 | Kong Inc. | API Security Best Practices: Managing Risks and Threats in 2025 | |
| SR029 | Imperva | Imperva API Security Product Page | |
| SR030 | U.S. Securities and Exchange Commission | Salt Security Form D 2022 Index — Accession 0001753414-22-000001 | |
| SV001 | Salt Security | Salt Security Agentic Security Platform — Official Website (2026) | Salt's Agentic Security Graph maps every agent, MCP server, and API in your environment. |
| SV002 | Salt Security | Salt Security Privacy Policy (March 2024) | |
| SV003 | U.S. Securities and Exchange Commission | Salt Security Form D Series D — Accession 0001753414-22-000001 | Total offering amount: 140000000. Total sold: 124442569. First sale date: 2022-01-20. Investors: 11. |
| SV004 | U.S. Securities and Exchange Commission | Salt Security Form D Series C — Accession 0001753414-21-000001 | Total offering amount: 69999999. Total sold: 67999997. Investors: 14. |
| SV005 | U.S. Securities and Exchange Commission | Salt Security (Secful Inc.) Form D 2018 — Accession 0001753414-18-000001 | Previous name: SECful, Inc. Founded: 2015. |
| SV006 | U.S. Securities and Exchange Commission | EDGAR — Salt Security Inc. CIK 0001753414 Form D Filings | Three Form D filings: 2022-02-18, 2021-06-16, 2018-09-19. |
| SV007 | U.S. Securities and Exchange Commission | SEC Press Release — Cybersecurity Disclosure Rules (July 2023) | |
| SV008 | U.S. Securities and Exchange Commission | Final Rule — Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure (33-11216) | |
| SV009 | Boring Business Nerd | Salt Security — Company Profile ($271M raised, $1.4B valuation) | Total Raised: $271 million. Valuation: $1.4 billion. |
| SV010 | NoCamels | API Cybersecurity Startup Salt Security Raises $30M (Series B — Sequoia, IDF founders) | Israeli-founded API cybersecurity company Salt Security raised $30 million in a Series B funding round led by Sequoia Capital. |
| SV011 | G2 | Salt Security Reviews and Product Details (12 Reviews, 4.7 Average) | |
| SV012 | Escape.tech | Escape vs Salt Security: In-Depth 2025 Comparison (adverse) | Frustration among security professionals has been mounting—whether due to the months it takes to run a POC or because the tool's findings are not actionable. |
| SV013 | Akto.io | Top 10 Salt Security Alternatives and Competitors in 2025 | |
| SV014 | Cloud Security Alliance | Salt Security API Protection Platform — Technical and Market Description | |
| SV015 | Salt Security | Your AI Coding Assistant Has Never Read Your Security Wiki — Salt Code Launch | Salt Code is available through our Early Access Program to the first 100 organizations. |
| SV016 | Salt Security | Salt Security About / Contact (Palo Alto HQ) | 3921 Fabian Way, Palo Alto, CA 94303. |
| SV017 | Akamai Technologies | Akamai Newsroom — Acquisitions and Strategic Announcements | |
| SV018 | Akamai Technologies | Akamai Intent to Acquire LayerX — Security Portfolio Expansion (May 2026) | |
| SV019 | Cloudflare | Announcing API Abuse Detection — Cloudflare Blog (March 2021) | |
| SV020 | Amazon Web Services | Amazon API Gateway Features (native security capabilities) | |
| SV021 | OWASP Foundation | OWASP API Security Project — Top 10 2023 | |
| SV022 | Kong Inc. | API Security Best Practices: Managing Risks and Threats in 2025 | |
| SV023 | Imperva | Imperva API Security Product Page | |
| SV024 | California Office of the Attorney General | California Consumer Privacy Act (CCPA) | |
| SV025 | EUR-Lex | GDPR — Regulation (EU) 2016/679 | |
| SV026 | NIST | NIST Cybersecurity Framework (CSF) 2.0 | |
| SV027 | U.S. Federal Trade Commission | FTC Business Guidance — Data Security | |
| SV028 | U.S. Securities and Exchange Commission | Salt Security Form D 2022 Filing Index — Series D | |
| SV029 | Salt Security | Salt Security Customers Page | |
| SV030 | Salt Security | Salt Security Blog (June 2026 — Salt Code featured) | |
| SV031 | CrowdStrike | CrowdStrike Falcon Identity Protection — AI-Driven Identity Security | |
| SV032 | Palo Alto Networks | Cortex — AI-Driven SOC and Security Operations Platform | |
| SV033 | Rapid7 | InsightAppSec — Dynamic Application Security Testing (DAST) | |
| SV034 | Qualys | Qualys Web Application Security and Scanning Solutions | |
| SV035 | Sequoia Capital | Sequoia Capital Portfolio Companies | |
| SV036 | Sequoia Capital | Salt Security — Sequoia Capital Portfolio Profile | Milestones: Founded 2016. Partnered 2020. Salt Security protects the APIs that form the core of every modern application. |
| SV037 | U.S. Securities and Exchange Commission | Salt Security Form D Series C 2021 — Filing Index | |
| SV038 | Gartner | Gartner Information Technology Research and Advisory |