logo
Dates

Author


Conferences

Tags

Sort by:  

Authors: Matt Tesauro
2023-02-16

tldr - powered by Generative AI

API security testing and defense strategies
  • APIs are web apps without a UI, so testing them requires knowledge of HTTP
  • Data attacks involve injecting data into a JSON structure, while structural attacks involve manipulating the structure itself
  • Gaps in API security testing and defense make it a highly productive area for testing
  • Runtime and testing are important for defenders, with posture, insufficient logging and monitoring being strong tools
  • API security tools are available for testing and defense