API Security Testing
with Secure Pro
Simulate attacks against your REST and SOAP services so you know they're safe
Be a good headline, not a bad one
API security is especially critical today with the plethora of connected devices and mobile apps in the marketplace. Examples of API security breaches abound, but are often avoidable when software teams address likely exploits earlier upstream.
With Secure Pro, you can ensure that your APIs handle:
SQL injection attacks
Invalid XML or incorrect JSON data
Inappropriate methods and headers
Other scans to detect OWASP top 10 security vulnerabilities
Protect your services and consumers against the most common security vulnerabilities by using a complement of prebuilt tests and scans, all in time before code release so you know your production systems are as safe as possible.
Security for REST and SOAP
Whether you're using REST, SOAP, or a mix of both, Secure Pro has got your APIs covered. Detailed analysis of JSON and XML right out of the box means you can see deeply into problems with your service.
· Layer your security tests on top of an existing test cases so you can validate that those steps don't open any doors to malicious attacks.
· Run one or more scans in one test that are designed to mimic standard hacking techniques, many of which are pre-built within Secure Pro.
· Build security scans from the ground up for those times when you want ultimate control over how the security test behaves.
Safe APIs by Default
Secure Pro is the easiest way to make sure that your API is free of common exploits before shipping it.
· Pre-built security scans make it a matter of a few clicks to check new or existing code before it goes live.
· Without expertise, teams can quickly check for potential vulnerabilities without delaying delivery.
· Find parsing and improper handling problems early on in the same development cycle.
Fast and Integrated
With Secure Pro you don't have to reinvent the wheel or be a security expert to run standard security scans in minutes.
· Test a single URL for common vectors of attack.
· Use existing SoapUI test cases as the basis for your security scans.
· Expedite the process by pulling in existing API descriptions like WSDL, Swagger, RAML, and API-Blueprint.
Customize With Plugins
Is there a security scan you've built from scratch that you want to repeat or make available to other people on your team?
· Use Ready! API's plugin framework to extend the out-of-the-box functionality so you can have your own homemade security scan added to the drop-down.
· Use your customization in your own Ready! API instance or share with others on your team.
· Even better, share your plugin with the whole Ready! API community by adding it to the Plugin Browser.
API Security, Performance and Accuracy At Your Command
Security is just one of the aspects of a complete quality strategy over your APIs. You also need to make sure that the data coming back is accurate, that the service performs its job correctly, and that your APIs are swift to respond under heavy load.
Underlying Secure Pro is a common core based on a decade of open-source testing experience, including SoapUI NG Pro, LoadUI NG Pro, Secure Pro, and ServiceV Pro. The Ready! API platform gives you one experience, from functional to performance and security testing to service virtualization.
