Pre-Built Scans To Easily Secure Your API

Secure Pro, on the Ready! API platform, helps you find and address API security vulnerabilities before you go to production by providing a number of built-in security scans that you can easily add to your API tests. Our unique Security Scan Wizard walks you through the steps of customizing the test run by selecting the scans you want to use and the test steps you want to run them against.

Our built-in security tests include:

Boundary Scan

Sending in data at the boundary of allowed values or in direct opposition of the allowed values may cause your system to display unwanted information. This scan sends those requests through to see if your API can be breached.

Cross-Site Scripting

This test checks to make sure your API doesn't expose the parameters it uses by displaying the in messages and URLs. 

Fuzzing Scan

This scan injects random text as API requests in an effort to provoke unknown erros, buffer overflows, stack traces, or string vulnerabilties.

Invalid Types

This scan sends an unexpected data format in the request so you can validate that the API can gracefully handle input of the wrong data type.

Malformed XML

This scan will insert malformed XML snippets into the API request in an effort to expose sensitive information or potentially crash a vulnerable server.

Malicious Attachment

Malicious attachments can take several forms and have multiple purposes - for our scan, we add and/or replace attachments to the request with invalid or large attachments to seek out vulnerabiltiies in the server or the code.

SQL Injection

Our SQL injection test can send malicious SQL statements to your API in an effort to access and weaken your databases.

XML Bomb

The XML Bomb sends an extremely large XML file to your API in an effort to create a stack overflow.

XML Injection

This scan injects unexpected XML content and/or structures into the API request in an attempt to disrupt its behavior.

Back To All Features
Questions? Email us at or call us +1 617-684-2600