As holiday lights go up and inboxes fill with year-in-review emails, it’s tempting to look back on 2025 as “the year of AI.”

But for security teams, it was something more specific – the year APIs, AI agents, and MCP servers collided across the API fabric, expanding the attack surface faster than most organizations could keep up.

At Salt Security, we spent 2025 focused on one thing: defending the API action layer where AI, applications, and data intersect. And we did it with a steady drumbeat of innovation, a new “gift” for security teams almost every month.

So in the spirit of the season, here’s a look back at Salt’s 12 Months of Innovation – a year-long series of product launches, partnerships, and research milestones designed to help organizations stay ahead of fast-moving threats.

January – The Year Kicks Off with APIs at the Center

We kicked off the year by shining a harsh light on what many teams already suspected:

• APIs now sit at the center of almost every digital initiative.
• Zombie and unmanaged APIs still live in production.
• Software supply chain dependencies are quietly multiplying risk.

Early 2025 research and thought leadership from Salt Labs showed just how dangerous it is to run modern AI and automation on top of APIs you don’t fully understand or control.

Takeaway: January set the tone – defending tomorrow’s API fabric with yesterday’s tools is no longer an option.

February – A Spotlight on API Reality

In February, we went from “we think we have a problem” to “here are the numbers.”

With the latest State of API Security Report and key industry recognitions such as inclusion in top security lists, Salt brought hard data to boardroom and CISO conversations.

The message was clear:

• API traffic is exploding.
• Attackers are targeting APIs at scale.
• Traditional perimeter and app security are missing critical context.

Takeaway: API security is no longer a niche concern. It’s a business risk that demands strategy, budget, and board-level attention.

March – Gold Medals & Rising Shadows

March blended validation and urgency.

On one side, industry bodies recognized Salt’s leadership with awards like a Gold Globee, underscoring the maturity and impact of our platform.

On the other, new blogs and research highlighted reality on the ground:

• Compliance and data privacy pressure are rising.
• AI-driven attacks are accelerating, not slowing.

Takeaway: Excellence in API security isn’t just about winning awards, it’s about staying ahead of adversaries who are constantly adapting.

April – A Season of Partnerships & Paradigm Shifts

In April, collaboration took center stage.

We deepened integrations with leading platforms such as CrowdStrike and expanded support for modern ecosystems, including MCP server–driven architectures.

By weaving Salt API intelligence into tools security teams already rely on, we helped customers:

• Gain richer, real-time context.
• Simplify deployment and operations.
• Extend protections into their existing workflows.

Takeaway: API and AI security are team sports. Partnerships and integrations turn siloed tools into a cohesive defense fabric.

May – The Cloud Era Gets Real

By May, the conversation had shifted from “we’re moving to the cloud” to “our entire business depends on it.”

Salt expanded coverage and governance capabilities for leading cloud environments and partners, helping customers:

• Align API security with cyber insurance and regulatory expectations.
• Build stronger posture governance and risk-management processes.
• Translate technical API risk into board-ready language.

Takeaway: In 2025, API security moved squarely into the boardroom as a core pillar of enterprise risk.

June – Illuminate Everything

June was all about turning on the lights.

We launched Salt Illuminate and expanded Cloud Connect, giving customers the ability to:

• Discover APIs across complex, hybrid, and multi-cloud environments.
• Spot shadow, zombie, and unmanaged APIs in minutes instead of months.
• Build a live inventory that actually stays current.

Takeaway: You can’t protect what you can’t see. Illuminate gave teams the visibility foundation they’ve been missing.

July – CISOs Sound the Alarm

In July, the stakes became very real.

High-profile AI mishaps, including incidents like the McDonald’s chatbot breach, made one thing painfully obvious: conversational AI and digital experiences are only as safe as the APIs behind them.

Salt responded with:

• Deep-dive blogs on AI agent risk and API blind spots.
• The launch of Salt Surface, designed to map and prioritize exposed API risk.

Takeaway: 2025 was the year CISOs started asking not just “What APIs do we have?” but “Which of these are exposed, exploitable, and business-critical?”

August – Autonomous Everything

By August, “autonomous” wasn’t just a buzzword, it was a roadmap theme.

Organizations leaned hard into:

• Autonomous workflows
• AI-driven decisioning
• Automated threat detection and response

Salt’s innovation in this space emphasized a key reality: AI, autonomy, and APIs are inseparable.

We advanced protections for autonomous threat hunting and AI-driven security use cases, reinforcing that if APIs are compromised, autonomous systems are too.

Takeaway: You can’t secure autonomous operations if you’re not securing the API action layer that powers them.

September – Securing the AI Agent Revolution

September was a turning point.

Salt introduced the industry’s first solution to secure AI agent actions across APIs and MCP servers, bringing real controls to a problem that had mostly been theoretical.

This meant:

• Protection against prompt injection and misuse.
• Guardrails around what AI agents can access or execute.
• Enforceable policy where it matters: at the API and action level.

Takeaway: The AI agent revolution doesn’t have to be a security nightmare — if you secure the actions, not just the model.

October – The Blind Spots Strike Back

In October, new data from Salt and customer environments revealed how deep the AI + API blind spots really go.

We broke down:

• Misconfigurations in AI-driven workflows.
• Risky patterns in agentic and MCP deployments.
• Common mistakes teams make when bolting AI onto existing architectures.

Through detailed analysis and practical guidance, we helped teams turn confusion into a roadmap for modernizing their security posture.

Takeaway: Education is as important as technology. You can’t fix what you don’t fully understand.

November – Security Starts in Code

November brought a massive step forward in shifting API security left and right at the same time.

We launched:

• GitHub Connect – to scan code repositories for shadow APIs, spec mismatches, and insecure patterns before they ship.
• MCP Finder – to identify risky MCP configurations and AI-integrated workflows early in the development lifecycle.

Combined with runtime intelligence from the Salt platform, customers could now connect:

• What’s being written → What’s being deployed → What’s being exploited

Takeaway: Real API security covers the full lifecycle, from design and code to production traffic and AI-agent actions.

December – Hello, Pepper

We closed the year with a new kind of experience: Ask Pepper AI.

Ask Pepper AI turns Salt’s platform into a conversational partner, letting users:

• Ask natural-language questions about APIs, risks, and threats.
• Accelerate investigation and incident response.
• Bring complex insights to teams who don’t live inside dashboards.

Alongside MCP protection for AWS WAF, December marked the next stage in our vision: API security that’s not just powerful, but accessible and intuitive.

Takeaway: When security teams can simply ask questions and get meaningful, contextual answers, they move faster, and so does the business.

Looking Ahead: Building on a Year of Innovation

If 2025 was the year APIs fully merged with AI agents, automation, and MCP servers, 2026 will be the year organizations either embrace the API action layer or fall behind those that do.

At Salt Security, our focus remains the same:

• See everything – every API, every action, every blind spot.
• Understand the context – who’s calling what, from where, and why.
• Stop attacks – before they turn into outages, data loss, or brand damage.

The 12 Months of Innovation were just the beginning. The threats are evolving, and so are we.

If you want to learn more about Salt and how we can help you, please contact us, schedule a demo, or visit our website. You can also get a free API Attack Surface Assessment from Salt Security’s research team and learn what attackers already know.

*** This is a Security Bloggers Network syndicated blog from Salt Security blog authored by Eric Schwake. Read the original post at: https://salt.security/blog/the-12-months-of-innovation-how-salt-security-helped-rewrite-api-ai-security-in-2025