Salt Security Launches "Ask Pepper AI," Leveraging AWS Bedrock to Bring Generative AI to API Security
New natural language interface, "Ask Pepper AI," empowers security teams to instantly query their entire API inventory, identify risks, and close posture gaps
LAS VEGAS, Dec. 1, 2025 /PRNewswire/ -- At AWS re:Invent, Salt Security, the leader in API security, today announced "Ask Pepper AI," a new generative AI-powered natural language interface for its API Protection Platform. Leveraging Amazon Bedrock, "Ask Pepper AI" transforms API security operations by allowing security professionals and developers to ask plain-English questions and receive immediate, actionable insights about their API landscape, posture gaps, and risk.
In today's complex, cloud environments, security teams are often overwhelmed by data and lack clear visibility. According to Salt Security's H2 2025 State of API Security Report, only 19% of organizations are "very confident" in the accuracy of their API inventory. This visibility gap is dangerous, with the same report finding 15% of organizations admit they do not know which APIs expose PII. "Ask Pepper AI" cuts through this complexity by democratizing access to critical security data. Instead of navigating complex dashboards, users can now simply ask:
- "What APIs have the highest Risk Score?"
- "Which of my APIs expose PII?"
- "Summarize my highest-risk API, and list any posture gaps."
"API security is complex, but understanding your risk shouldn't be," said Michael Nicosia, Co-Founder & COO at Salt Security. "'Ask Pepper AI' makes it simple. By using Amazon Bedrock, we're putting powerful, intuitive security insights into the hands of everyone from SOC analysts to CISOs. When most organizations aren't even sure what their API inventory looks like, the ability to just ask and get an immediate answer is a game-changer."
By building on Amazon Bedrock, Salt Security securely provides its customers with access to high-performing foundation models. This allows "Ask Pepper AI" to understand user intent and provide precise answers about an organization's unique API environment, accelerating incident response and risk prioritization. The new capability seamlessly integrates with Salt's three core use cases, API Discovery, Posture Governance, and Threat Protection, making it easier than ever to manage the full lifecycle of APIs.
About Salt Security: Salt Security secures the APIs that power today's digital businesses. Salt delivers the fastest API discovery in the industry—surfacing shadow, zombie, and unknown APIs before attackers find them. The company's posture governance engine and centralized Policy Hub automate security checks and enforce safe API development at scale. With built-in rules and customizable policies, Salt makes it easy to stay ahead of compliance and reduce API risk. Salt also uses machine learning and AI to detect threats early, giving companies a critical advantage against today's sophisticated API attacks. The world's leading organizations trust Salt to find API gaps fast, shut down risks, and keep their businesses moving. Learn more at https://salt.security
Media Contact - Dr. Karl Bateson - [email protected]
SOURCE Salt Security
Share this article