Cyberlands.io - API Penetration Testing
COMPREHENSIVE API SECURITY

API Security Resource Center

API security is still in its infancy, so we face two distinct challenges: getting API security at the right time (convincing top management) and getting it done the right way.

1. Communicating API Security

Communication is key to the successful delivery of an information security program, and API security is no exception. You can find our rating of the TOP-10 API security breaches and flaws here.

2. API Security Guides

An API security program requires thorough design, and you can use the following materials for it:
  1. For founders, management roles or product owners - our Fintech Founders Guide on MVP Security
  2. For information security officers - our TOP-12 API Security Controls
  3. For developers - API Security Checklist and our API rate limiting guide
  4. For security architects - OWASP TOP-10 API
  5. For penetration testers - awesome API Security list and 9 Open-Source API Security Testing & Manipulation Tools

3. API Security Tools - Comparisons

In some cases, built-in API security controls just aren't enough. Here you can find our eight comparisons of some of the most well-known API security tools and suites:

  1. Data Theorem vs Traceable
  2. apisec vs Data Theorem
  3. apisec vs IMVision
  4. apisec vs Traceable
  5. Data Theorem vs 42Crunch
  6. sqreen vs IMVision
  7. 42Crunch vs IMVision
  8. 42Crunch vs sqreen

Updates regarding 42Crunch

Afterword

Here you can find all kinds of materials: design and development checklists, a guide for founders and tool comparisons. I hope it was useful for you, but if you don't have time to check it all out, check out our API penetration testing service and we might be your API security problem solvers.

Alex Bodryk
Cyberlands, Co-founder & managing director