API Security Assessment: The Need for a New Approach to API Security Testing

The traditional approach of testing applications is not sufficient when it comes to APIs, as they are often exposed through multiple endpoints and protocols. This makes them more vulnerable than monolithic applications that typically run on a single protocol like HTTP or HTTPS. A new approach is required that focuses on how the application operates in order to provide the proper level of protection. Traditional security assessment tools do not have visibility into these underlying components and therefore cannot detect vulnerabilities within an API-driven application stack.

tl;dr: Old school vulnerability scanners won’t cut it with modern apps – you need something better
https://t.co/xJ2zmZSAdg