Detectify developing API security testing with fuzzing

Detectify developing API security testing with fuzzing

Yes the rumors are true, the teams at Detectify are working hard at researching and developing security testing for APIs. Senior security researchers, Tom Hudson and Fredrik Nordberg Almroth answer questions about API security.

Just like web apps, APIs can’t be secured with rule-based automated scanners - they need context!

That’s why we are developing our fuzzing engine to cover public-facing APIs and test them like a hacker would.

✨The beta will look to scan REST APIs for:

  • Remote Code Execution (RCE)
  • SQL-injections
  • Server-Side Request-Forgery (SSRF)
  • Misconfigurations

Do you have APIs to secure, but the existing tools just aren’t good enough?

Register your interest to get updates on Detectify API scanner beta and get a spot on our waitlist: www.detectify.com/api