Jitterbit vs. Salt Security API Protection Platform

This is a great tool for bringing data out of your locked, internal systems and getting it into the cloud. It meshes well with Salesforce and is fairly easy to use, helping the transition from other older, more complex tools into a more modern environment. It has lots of competition in this space and some are better than others, but if your data is straight forward and you know it well, Jitterbit will get the job done. If you are not as close or comfortable with your data and need to do some wildly complex migrations, there might be better packages out there for you.

Incentivized

Salt is highly recommended for anyone who wants to discover, monitor and protect their APIs against various types of attacks. Salt should not be used as a SIEM.

• UI is super easy to understand with a low learning curve so admins can figure it out and maintain it without breaking anything.
• It's FREE! There's a paid version too but I like that you can use most of the features for free and they're not pushy with buying.
• There's a great user community that you can google and ask any questions. Most problems I've encountered have been posted and answered already.

Incentivized

• PII identification in API traffic.
• Divergence between API traffic and documentation (swagger files).
• Potential attacks with information to take counter measures.

• Migrating operations from QA to Production work well for initial deployment, however, when migrating an update to an existing job to production, sometimes certain project items are duplicated. This is not the end of the world... the duplicates can be removed, but would be nice if it was not required.
• I have not found a way to trap under-the-covers SOAP errors (for example, when a query you are running against Salesforce takes too long). You get a warning error in the operation log that the job only pulled a "partial" file, but it does not fail.

Incentivized

• The platform could have more options for exporting detailed data from attackers' dashboards.
• The Attackers dashboard could also have more options of filters in order to support the investigations of the attack.
• The OAS analysis could present a more detailed view of the found issues.

I have been evaluating other tools as a continuous improvement practice. I would like something that would be easier to use for a non-technical user. I work for a small organization and have no back-up for Jitterbit if something happens to me. We don't have the technically savvy employees to understand it.

They have some of the best support of any software vendor that we use. They always get our issues resolved quickly

Evaluated Dell Boomi and Celigo as alternatives prior to purchasing Jitterbit. We went with Jitterbit at that time because we could handle all changes ourselves without any assistance from Jitterbit, and we liked their size and nimbleness. Dell Boomi was too big for us, and Celigo at that time did not have a self-service model. Every change had to go through them (although that has since changed). We were not in a position to be able to wait for someone to make changes for us given the rate of change within the business.

Incentivized

We tried controls offered by the IaaS providers but these were hard to manage and did not provide the visibility we wanted. We also protected APIs with a normal WAF but this was only helpful for assets we knew about and API attacks were not caught by the WAF.

• The time it takes to connect systems has reduced by orders of magnitude. Previously, we would custom-develop connectors between various systems and they would all be managed by different vendors. With Jitterbit speed-to-deploy and the efficiency gained by managing all connections in one dashboard has been the greatest piece of the ROI.

Incentivized

• Salt Security API Protection Platform has provided detailed information that is helping us to identify and investigate attacks in our environment