Saltworks builds and sells SaltMiner, the Application Security Posture Management (ASPM) and Unified Vulnerability Management platform. SaltMiner aggregates findings from multiple AppSec scanners (SAST, SCA, DAST, IAST, manual pentest), correlates and deduplicates results, and produces unified backlogs plus executive trending dashboards. Penetration testing management is built into the platform alongside scanner aggregation. Merito sells the license and operates the rule authoring, integration, and reporting cadence.
Saltworks portfolio
SaltMiner ASPM, sold and operated by Merito.
Saltworks is a single-product vendor focused on SaltMiner, the Application Security Posture Management platform that aggregates findings across SAST, SCA, DAST, IAST, and manual pentesting and produces executive-level dashboards alongside the technical backlog.
Why Merito for Saltworks
A SaltMiner engagement is integration breadth, normalization rules, and the executive reporting cadence. Merito is the team that authors all three.
Saltworks builds SaltMiner. The platform consumes findings from disparate AppSec scanners (Coverity Static, SonarQube, Checkmarx, Snyk, Sonatype, Veracode, manual pentest output, and the long tail of niche tools), correlates and deduplicates results across them, and produces a unified vulnerability backlog plus executive trending dashboards. Penetration testing management is built into the platform alongside the scanner aggregation, which most ASPM platforms keep separate.
SaltMiner is a focused product. Saltworks does not sell SAST or SCA scanners themselves. The vendor's value is the aggregation, correlation, and reporting layer above the scanner inventory. Programs running multi-vendor AppSec stacks use SaltMiner as the consolidation surface where findings normalize and prioritize.
Merito sells SaltMiner and operates the program around it. We integrate the customer's scanner inventory, author the deduplication and prioritization rules, configure the executive dashboards against the customer's reporting cadence, and stand up the operating model that consumes the consolidated backlog. Compliance dashboards map findings to the regulatory frameworks the customer needs evidence for.
The Saltworks toolchain
The Saltworks ASPM portfolio Merito sells and operates
Application Security Posture Management
SaltMiner is the single Saltworks product. ASPM aggregation, correlation, executive reporting, and pentest management under one platform.
Merito services
Merito services across the Saltworks portfolio
01
Implementation
SaltMiner deployment (SaaS or on-prem), scanner integration onboarding, normalization rule authoring, and executive dashboard configuration.
02MAPS Assessment
AppSec program scoping for SaltMiner adoption alongside Black Duck Software Risk Manager, Apiiro, Cycode, and other ASPM platforms.
03DevOps Consulting
SaltMiner integration into developer ticketing systems (Jira, Azure Boards, ServiceNow) and CI/CD scanner orchestration.
04Premium Support
Named engineer, priority SLAs, and release-window coverage for SaltMiner programs Merito implements.
05Managed Services
Long-term run support including ongoing scanner integration maintenance, deduplication rule tuning, executive dashboard updates, and pentest management.
06Training and Enablement
Role-based training for AppSec architects, security executives, and compliance leaders using SaltMiner output.
07Staff Augmentation
Merito-placed AppSec engineers and SaltMiner specialists embedded on long-running ASPM programs.
Saltworks licensing
Buy Saltworks SaltMiner from the partner that authors the rules and runs the integrations.
ASPM is integration breadth, normalization rules, and executive reporting cadence. Buy SaltMiner through Merito and get the rules, the integrations, and the dashboards together.
Related solutions
Where Saltworks connects to the rest of the Merito program
Frequently Asked Questions
Saltworks FAQs
Consultation request
Talk to Merito about Saltworks
Share your AppSec scanner inventory and your executive reporting needs. A Merito Saltworks specialist follows up within one business day.
Single-product focus
SaltMiner is the portfolio
Saltworks is a single-product vendor focused on ASPM. The depth comes from a focused product rather than a broad catalog.
MAPS-driven scoping
AppSec program scoping by Merito
MAPS Assessment sizes the ASPM program before SaltMiner implementation begins, including scanner inventory and reporting cadence.
Next step
Consolidate the multi-vendor AppSec stack with SaltMiner.
A Saltworks conversation with Merito starts with the scanner inventory and the executive reporting cadence. Multi-vendor programs running three or more analysis tools see the most value from ASPM consolidation.