With the wide adoption of cloud-native and microservice-based apps, APIs have clearly become a favored attack vector for hackers. APIs get straight to the critical data, and make up the business logic of applications, making them a valuable target. Realizing this, WAF security tool vendors are now all claiming to protect your APIs too. But can they really? What does it take to do effective API Security?
In this ebook, established API hacker Alissa Knight puts her skills up against the Traceable API Security platform to see if its claims are true. Get a closer look at her attacks on two intentionally vulnerable practice apps: crAPI and JuiceShop, from her vantage point. Alissa shares her experience, her reasoning, the lab setup, and her results.
What you’ll learn: