I sometimes wonder in the security industry if part of the issue with adoption of good practises is sometimes partly a self-created problem, don’t get me wrong I’m not saying people go out of their way to make it harder to secure things but I think that getting the right information to the right people in the right format is important.
An area I find that general/common knowledge is lacking is around security testing (penetration testing, adversary simulations and red teaming). In today’s blog I’m going to talk through the high-level steps that are conducted when testing APIs to try and remove some of the veil that I think surrounds this space. In this blog I’m going to talk through our approach to API testing to help you not only understand how we do it but also to help you scope your testing requirements, regardless of who does the testing! After all, sharing is caring!Read more “API Security Testing”