Nigeria No1. Music site And Complete Entertainment portal for Music Promotion WhatsApp:- +2349077287056
Tuesday, 14 February 2023
Show HN: Openapi.security, a fast security checker for REST-based API https://bit.ly/3lFYzuk
Show HN: Openapi.security, a fast security checker for REST-based API tl;dr we released openapi.security, an online tool that performs a dozen of security tests on any given openapi/swagger-based API, with no signup or email required. You can try it here: https://bit.ly/3RZjuV2 My team at Escape (YC W23) is mainly focused on securing GraphQL APIs. For this, we developed a new approach called Feedback driven API Exploration. Basically, we infer the right security tests cases to run using the specification and a carefully crafted in house graph traversal algorithm. (It's a bit long to describe here but we published a more in depth explanation of how this algorithm works in our blog!) We recently wondered if this Feedback Driven Exploration approach could be efficiently applied to good old REST APIs as well. From our experience, well designed GraphQL and REST APIs are quite equivalent: both have an organized data structure and explicit relationships between objects. So why wouldn't it work? We often organise internal hackathons. So this time, we focused on this experiment, adapting our algorithm to REST and ending up creating our last side project: OpenAPI.security. It is a very simple tool: anybody can enter an OpenAPI / Swagger spec, and openapi.security will run a bunch of security tests on it and give back a report. It's designed to be fast and smart in the way it analyzes input specs. https://bit.ly/3RZjuV2 February 14, 2023 at 07:58PM
Labels:
Hacker News
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment