The new tool helps companies find and fix API vulnerabilities


With the implementation of digital transformation projects, APIs are more critical than ever to building modern applications. But as we reported last week they too create security headaches.

Security Testing Specialist Veracode is addressing this issue with the launch of a new scan tool that allows organizations to find and fix vulnerabilities in APIs.

“The explosion of APIs means that application development is becoming increasingly fragmented and decentralized in nature, so the attack surface is growing exponentially,” said Brian Roche, chief product officer at Veracode. “As such, API scanning has become the most requested feature by our customers as they seek a solution that saves time, frees up resources and offers peace of mind.”

API scanning uses Veracode’s powerful Dynamic Analysis (DAST) scan engine to deliver security information and API fix guidance as quickly and efficiently as possible. Security and vulnerability officers can scan their APIs as soon as they are available in a network-accessible runtime environment and before they are incorporated into larger applications.

API scan results are grouped by severity and provide detailed fix guidance within a single dashboard alongside other DAST scans. This makes it easier for security teams to prioritize vulnerabilities and access the details developers need to quickly fix insecure code, facilitating smooth collaboration between security and development teams.

Roche adds: “Strong API security is almost becoming a major concern for businesses and a table stake functionality for CISOs. In a world where every relationship should start with zero trust, regular API scanning must be a cornerstone of any robust software security strategy.. “

You can find out more about it then Veracode website.

Image credit: / Shutterstock


Please enter your comment!
Please enter your name here