travis.yml file.

SAST/DAST for API security testing: the shortcomings of SAST and DAST

In this post, we discuss some of the limitations of static application security testing (SAST) and dynamic application security testing (DAST). In particular, we note that both approaches are not well suited for API security due to their inability to test an API’s behavior — a critical aspect in ensuring secure APIs. We also highlight how specification frameworks can help fill this gap by providing developers with a way to formally specify their APIs at design time
https://t.co/NPjqEswnk9