How are you improving API security testing?

Security & GRCQuality, Testing and Security
5.3k viewscircle icon2 Comments
Sort by:
CISOa year ago

Make sure assessment tools consume the Open API standard such that the tool can interact with the API and some level of coverage can be achieved. https://swagger.io/specification/

API testing is pretty much usless without knowledge of how the API works and how to communicate with it.

Consider API discovery across all Internet facing endpoints to help uncover unknown API's

Director of IT in IT Services2 years ago

We're constantly refining our API security testing by leveraging the latest tools and techniques to stay ahead of potential vulnerabilities. I am not mentioning tool names and techniques as the tools and techniques are dependent on API and use cases, the tool/technologies we are using may/may not be best for your organisation.

Content you might like

Do you think your board/executive leadership understands cybercrime as an industry in itself?

Yes46%

Some but not all47%

No6%

I don’t know

View Results

What technologies, in your opinion, will have the greatest impact on crisis management in 2024? Please write a comment how you would use the technology to manage or prevent a crisis.

Artificial Intelligence and Machine Learning23%

Blockchain21%

Internet of Things (IoT)19%

Big Data and Analytics12%

Clouds8%

Automation and robotics5%

Cybersecurity11%

Other (please specify in comment)1%

View Results

How do you deal with a mismatch of risk appetites with the board? What are some ways to increase, or temper, the board’s risk appetite if necessary?

Read More Comments

What can organizations do to mitigate risks from Windows 10 devices that can’t be upgraded to Windows 11, like industrial control systems (ICS)?

How is AI implementation impacting your organization’s cyber insurance premium or coverage so far?

Read More Comments