API Security Testing is Not the Same as Web Application Security Testing
Web application security testing (WAST) has been around since the early 2000s when OWASP released its first Top 10 list of web application vulnerabilities. Since then, WAST has evolved to include many more types of tests such as Cross Site Scripting (XSS), SQL Injection (SQLi), etc., which have become standard practice in any AppSec program
https://t.co/uebsM2N5nO