Secondary Navigation
Welocme to Experior

API security is even more critical today with the plethora of connected apps and mobile apps in the marketplace. Protect your services and consumers against the most common security vulnerabilities by using a complement of tests and scans, all accessible via the Secure tab built into the Ready! API platform.

Secure contains automatic scans of common risks and vulnerabilities in today's API stack. You can layer your security tests on top of an existing test cases to validate that those steps don't open any doors to malicious attacks. To save you even more time, we've provided the ability to run multiple scans in one single test that are designed to mimic standard hacking techniques.

Secure helps you find and address API security vulnerabilities before you go to production by providing a number of built-in security scans that you can easily add to your API tests. SmartBear's unique Security Scan Wizard walks you through the steps of customizing the test run by selecting the scans you want to use and the test steps you want to run them against.

For those who want more control over the design and execution of their API security tests, Secure provides the ability to start from a clean slate and build your own scans. In Ready! API, a security test is simply a layer on top of an existing test case, adding any number of security scans to each of the Request TestSteps beneath.

To help you build and configure the security scans that make sense for your API, Secure includes the following scans that you can populate:

  • Boundary Scan.
  • Cross Site Scripting.
  • Fuzzing Scan.
  • Invalid Types.
  • Malformed XML.
  • Malicious Attachment.
  • SQL Injection.
  • XML Bomb.
  • XPath Injection.

If none of those meet your needs, you can also choose Custom Script to write your own security scan in Javascript or Groovy. Your script will be invoked with parameters, log, context, securityScan, and testStep variables.

Is there a security scan you've built from scratch that you want to repeat or make available to other people on your team? Use the Ready! API platform's plugin framework to extend the out-of-the-box functionality so you can have your own homemade security scan added to the drop-down.

Welocme to ExperiorBookmarkPrintShare this pageContact Us