tl;dr: we scanned 6031+ public APIs on the internet with our in-house feedback-driven exploration tech and ranked them using security, performance, reliability, and design criteria. The results are public on APIrank.dev. You can also request to index your own API for free and see how it compares.| Escape DAST - Application Security Blog
Discover GraphQL security from the GraphQL pentester's point of view. This article explains discovery in the pentesting process.| Escape DAST - Application Security Blog
Discover the story behind our open-source GraphQL wordlist for penetration testing, built from 60k+ production GraphQL endpoints. Available on GitHub.| Escape DAST - Application Security Blog
Enhance GraphQL security with input validation and sanitization. Learn about homemade middleware, directives, and custom scalars for protecting APIs.| Escape DAST - Application Security Blog
Confusion between authentication and authorization causes data leaks. Learn the difference and how to implement the right access control pattern in your GraphQL API.| Escape DAST - Application Security Blog
The main argument for disabling introspection is that it can be a security risk. Learn why disabling introspection in GraphQL may not be necessary.| Escape - The API Security Blog
For several days now, your users have been complaining about losing access to your web service. If at first you thought it was a simple coincidence, and certainly the users' fault, the incident keeps recurring and getting noticed. You rush to your monitors and notice an| Escape - The API Security Blog
Managing GraphQL errors can be quite a challenging task, and we tried a lot of different approaches over time. Keep reading to know what we've learned along the way.| Escape - The API Security Blog
Explore how you can prevent data breaches in GraphQL. Learn to manage sensitive data effectively with robust access control.| Escape - The API Security Blog
Insecure Direct Object References (IDOR) are common security vulnerabilities. Discover real-life IDOR examples and best practices for GraphQL APIs.| Escape - The API Security Blog
Discover the challenges Thinkific faced and how they achieved enterprise-grade GraphQL security with Escape.| Escape - The API Security Blog
Testing your GraphQL API is critical to ensure that your software's business logic is running as expected. Tests will reveal bugs and vulnerabilities before they make it to production. In this tutorial, we go through the practical steps to write unit and integration tests for your GraphQL API.| Escape - The API Security Blog
Learn how to automatically generate static API specifications from API codebases for Continuous Security Testing (CT)| Escape - The API Security Blog
Discover the latest insights into the 2023 OWASP API Security Top 10, as we delve into the most critical vulnerabilities and best practices to protect your APIs.| Escape - The API Security Blog
DevSecOps tutorial: Learn hands-on techniques for securing your apps through vulnerability scanning with Nuclei and ensure robust security| Escape - The API Security Blog
Learn to detect and avoid vulnerable dependencies in app development with Software Composition Analysis (SCA), using an intentionally vulnerable Python app.| Escape - The API Security Blog
Dive into the complexities of securing GraphQL APIs and common vulnerabilities and learn best practices for enhancing GraphQL security.| Escape DAST - Application Security Blog