ITTech Pulse Exclusive Interview with Eric Schwake, CISSP, Director of Cybersecurity Strategy at Salt Security


Eric Schwake from Salt Security shares perspectives with ITTech Pulse on securing APIs, managing AI agent risks, and strengthening enterprise cybersecurity.


What first sparked your passion for cybersecurity, and how did that evolve into leading API security innovation at Salt Security?

Over my 20-year career in cybersecurity, I’ve had a front-row seat to the constant evolution of the attack surface. What sparked my passion early on was watching how attackers constantly adapt to bypass whatever “perimeter” we build. We spent years trying to lock down the network, then shifted to locking down human identity and endpoints.

But when I looked at where the market was moving with cloud and AI, I realized human access was no longer the primary battlefield. The new perimeter is the API, and the new identities are autonomous AI agents. That realization brought me to application security and Salt. Applying strict security principles to machine-to-machine API traffic is the industry’s most critical challenge today.

For our audience, how would you simply explain the “Agentic AI Action Layer” and why it demands new visibility tools?

Think of the AI model like the “brain” and your enterprise APIs as the “hands.” The Agentic AI Action Layer is the nervous system that links the brain to the hands, enabling them to actually do something, such as pull a confidential customer record or execute a financial trade.

Traditional firewalls and gateways only verify who is knocking on the front door. Once an AI agent is inside, it uses legitimate credentials to act at machine speed. Without continuous behavioral monitoring dedicated to this specific action layer, you are completely blind to what those “hands” are doing.


What customer pain directly inspired the Databricks Connector, and what surprising AI agent behaviors did it uncover first?

The pain was a massive visibility gap. Databricks is where the “enterprise brain” lives, but CISOs told us they knew their AI agents were running but had no idea which APIs those agents were calling. We built the Databricks Connector to turn the lights on.

The most surprising behavior we uncovered was the sheer volume of “shadow” endpoints generated dynamically via protocols such as the Model Context Protocol (MCP). Autonomous agents were independently spinning up temporary connections to external data sources to fulfill tasks. This creates an entire hidden web of API traffic that security teams had never provisioned or vetted.

Why do traditional CNAPP tools blindside teams to risks inside Databricks AI agents, and how does Salt bridge that gap?

CNAPP tools are fantastic for static infrastructure. They will easily tell you if an S3 bucket is misconfigured or if a cloud workload has a known vulnerability. But they are fundamentally blind to runtime machine behavior.

If a perfectly configured AI agent inside Databricks is tricked via prompt injection into quietly leaking PII through an authorized API, a CNAPP will not see it because the infrastructure itself has not changed. Salt bridges this gap by monitoring actual machine-to-machine traffic within the Agentic Action Layer and detecting the malicious intent behind a perfectly formatted API call.

In Jamstack and Netlify deployments, what emerging edge API abuse patterns worry you most, based on recent customer data?

As organizations adopt composable architectures like Jamstack and decouple their frontends via Netlify, they push logic to the network edge. The worry is that standard, centralized API gateways are frequently bypassed.

The abuse pattern we are seeing is attackers targeting these edge functions to execute “low-and-slow” API scraping attacks. Because the traffic is distributed across Content Delivery Networks (CDNs), it flies under the radar of legacy rate-limiting tools. We launched the Salt Netlify Collector specifically to solve this, ensuring that enterprise-grade behavioral security travels with the code all the way to the edge.

For overwhelmed CISOs facing tool sprawl, how should they justify Salt alongside SIEM and cloud security investments?

I tell CISOs to look at the architecture of modern attacks. Your SIEM is your system of record, and CNAPP secures your cloud infrastructure, but neither understands API behavior or non-human identities.

If you have an 88-to-1 ratio of AI agents to human users, your SIEM will simply drown in the noise of machine-to-machine logs. Salt acts as the specialized intelligence engine that curates that noise. We identify the specific behavioral anomalies at the API layer and feed only the high-fidelity, actionable alerts into your SIEM. It isn’t tool sprawl; it is closing the single most critical blind spot in your AI deployment strategy.


What’s the biggest misconception leaders hold about API risks in agentic AI that you’d correct for our readers today?

The biggest misconception is that AI risk is primarily about model poisoning, hallucinations, or prompt injection. While those matter to data scientists, the immediate business risk is the API fabric.

If an AI agent goes rogue but has no API access, it is just a chatbot talking to itself. The moment you give it API keys to execute workflows, it becomes operational infrastructure. The risk is not the AI’s “thoughts”; it is the APIs it can touch. You cannot have AI security without API security.

Thank you, Mr. Eric, for taking the time to share your insights with us.


About Eric Schwake

Eric Schwake, CISSP, is the Director of Cybersecurity Strategy at Salt Security. With nearly two decades of experience in the cybersecurity industry, Eric has a proven track record of translating complex technical challenges into actionable security strategies. Before joining Salt, he held various technical and product leadership roles at industry-defining companies, including Symantec, Cisco, Proofpoint, Fortinet, and Menlo Security. His broad expertise spans multiple domains, from network and email security to his current focus on the critical risks within the API ecosystem. Eric is dedicated to helping global organizations build resilient security postures that protect their most vital data and application logic.

About Salt Security

Salt Security secures the APIs that power today’s digital businesses. Salt delivers the fastest API discovery in the industry—surfacing shadow, zombie, and unknown APIs before attackers find them. The company’s posture governance engine and centralized Policy Hub automate security checks and enforce safe API development at scale. With built-in rules and customizable policies, Salt makes it easy to stay ahead of compliance and reduce API risk. Salt also uses machine learning and AI to detect threats early, giving companies a critical advantage against today’s sophisticated API attacks. The world’s leading organizations trust Salt to find API gaps fast, shut down risks, and keep their businesses moving.

  • Kalpana Singh is an SEO Executive at IT Tech Pulse, where she optimizes digital content for maximum visibility and reach. Alongside her expertise in search engine strategies, she also contributes to interview preparation and supports editorial and publication workflows, ensuring content is both discoverable and impactful.