API Security Testing
Now including Postman API Security Examples
About the Book
API Security Testing: A Practical Guide to the OWASP API Security Top 10 is an essential resource for developers, testers, and security professionals looking to strengthen their API security practices. This book delves into the top 10 API security risks identified by OWASP for 2023, offering clear explanations, testing strategies, and best practices to mitigate these vulnerabilities. With 58 pages of in-depth content, including real-world examples and practical code samples, this guide equips you with the tools you need to protect your APIs from today's most critical security threats. Whether you're building new APIs or maintaining existing ones, this book provides the insights needed to ensure robust and secure API deployments.
Table of Contents
- Introduction
  - Purpose of the eBook
  - Intended Readership
  - Overview of API Security Threats
  - Structure of the eBook
  - Final Thoughts
- API1:2023 - Broken Object Level Authorization (BOLA)
  - Description
  - Impact
  - Testing Strategies
  - Effective Tools and Techniques
  - Prevention and Mitigation Strategies
  - Exercise: Practice BOLA Testing on practicesoftwaretesting.com
  - Conclusion
- API2:2023 - Broken Authentication
  - Description
  - Impact
  - Testing Strategies
  - Prevention and Mitigation
  - Exercise: Practice Broken Authentication Testing
  - Conclusion
- API3:2023 - Broken Object Property Level Authorization
  - Description
  - Impact
  - Testing Strategies
  - Tools and Techniques
  - Prevention and Mitigation
  - Exercise: Practice Broken Object Property Level Authorization Testing
  - Conclusion
- API4:2023 - Unrestricted Resource Consumption
  - Description
  - Impact
  - Testing Strategies
  - Tools and Techniques
  - Prevention and Mitigation
  - Exercise: Practice Unrestricted Resource Consumption Testing
  - Conclusion
- API5:2023 - Broken Function Level Authorization
  - Description
  - Impact
  - Testing Strategies
  - Tools and Techniques
  - Prevention and Mitigation
  - Exercise: Practice Broken Function Level Authorization Testing
  - Conclusion
- API6:2023 - Unrestricted Access to Sensitive Business Flows
  - Description
  - Impact
  - Testing Strategies
  - Tools and Techniques
  - Prevention and Mitigation
  - Conclusion
- API7:2023 - Server-Side Request Forgery (SSRF)
  - Description
  - Impact
  - Testing Strategies
  - Tools and Techniques
  - Prevention and Mitigation
  - Conclusion
- API8:2023 - Security Misconfiguration
  - Description
  - Impact
  - Testing Strategies
  - Tools and Techniques
  - Prevention and Mitigation
  - Exercise: Practice Security Misconfiguration Testing
  - Conclusion
- API9:2023 - Improper Inventory Management
  - Description
  - Impact
  - Testing Strategies
  - Tools and Techniques
  - Prevention and Mitigation
  - Conclusion
- API10:2023 - Unsafe Consumption of APIs
  - Description
  - Impact
  - Testing Strategies
  - Tools and Techniques
  - Prevention and Mitigation
  - Conclusion
- Conclusion
  - Summary of Key Points
  - Final Thoughts
  - Next Steps
- Appendices
  - Appendix A: Tools and Resources
  - Appendix B: Checklist for API Security Testing
  - Appendix C: Glossary