Subscribe to the Salt blog

Privacy Policy

Subscribe to our blog.

Subscribe Now

Testing and Hacking APIs + OWASP TLV Sessions

Salt SecuritySalt
Jul 23, 2019

If you didn’t make it to OWASP Global AppSec Tel Aviv last month I wanted to share that the team recently published videos from the event...

…you can check out the entire lineup of 44 videos in the playlist here.

Get the latest API Security report and see how you compare

I’m excited that the list includes my session on Testing & Hacking APIs which you can see here:

While I was pulling together the slides for my session I came to realize that while there are a ton of resources for application security testing the same can’t be said about API penetration testing. This gave me the idea to put together an API Penetration Testing Tips & Tricks sheet that people can use as a reference as they pull together their own methodology and strategy for API security testing.   I’ll be continuously updating and making improvements to this sheet so let me know if you have ideas of things to add or just general feedback to make it better.

If you’re interested in seeing the Salt Security API Protection Platform in action, contact us for a customized demo today!

Tags

Events
API Attack Methodology
Go back to blog
Salt Security Addresses Critical OAuth Vulnerabilities Enhancing API Security with OAuth Protection Package

Salt Security Addresses Critical OAuth Vulnerabilities Enhancing API Security with OAuth Protection Package

Salt Security is enhancing its API protection platform with a comprehensive suite of new OAuth threat detections and posture rules.

Eric Schwake
April 25, 2024
Introducing Salt Security’s New AI-Powered Knowledge Base Assistant: Pepper!

Introducing Salt Security’s New AI-Powered Knowledge Base Assistant: Pepper!

We are happy to announce the availability of our AI-powered KB assistant, Pepper.

Eric Schwake
April 3, 2024
Security Flaws within ChatGPT Ecosystem Allowed Access to Accounts On Third-Party Websites and Sensitive Data

Security Flaws within ChatGPT Ecosystem Allowed Access to Accounts On Third-Party Websites and Sensitive Data

Salt Labs researchers identified generative AI ecosystems as a new interesting attack vector. vulnerabilities found during this research on ChatGPT ecosystem could have granted access to accounts of users, including GitHub repositories, including 0-click attacks.

Aviad Carmel
March 13, 2024

Download this guide for advice on evaluating key capabilities in API Security

Learn everything you need to know to keep your APIs secure

We have updated and re-designed our Privacy Policy as of  March 2024 to make it easier to understand how we collect and use your personal data.

Get the guide
Read the new policy
Back