Pre-Built Scans To Easily Secure Your API
Secure Pro, on the Ready! API platform, helps you find and address API security vulnerabilities before you go to production by providing a number of built-in security scans that you can easily add to your API tests. Our unique Security Scan Wizard walks you through the steps of customizing the test run by selecting the scans you want to use and the test steps you want to run them against.
Our built-in security tests include:
Sending in data at the boundary of allowed values or in direct opposition of the allowed values may cause your system to display unwanted information. This scan sends those requests through to see if your API can be breached.
This test checks to make sure your API doesn't expose the parameters it uses by displaying the in messages and URLs.
This scan injects random text as API requests in an effort to provoke unknown erros, buffer overflows, stack traces, or string vulnerabilties.
This scan sends an unexpected data format in the request so you can validate that the API can gracefully handle input of the wrong data type.
This scan will insert malformed XML snippets into the API request in an effort to expose sensitive information or potentially crash a vulnerable server.
Malicious attachments can take several forms and have multiple purposes - for our scan, we add and/or replace attachments to the request with invalid or large attachments to seek out vulnerabiltiies in the server or the code.
Our SQL injection test can send malicious SQL statements to your API in an effort to access and weaken your databases.
The XML Bomb sends an extremely large XML file to your API in an effort to create a stack overflow.
This scan injects unexpected XML content and/or structures into the API request in an attempt to disrupt its behavior.
Back To All Features