Which API security tools?

which api security tools to use?

Summary

Increasing number of openly available APIs and API products in todays app driven landscape is creating governance and security challenges in this space.

This post is a summary and catalogue for most used API security tools and frameworks. With references and overview how they match API security standards.

Leave a comment or suggestion if we have missed any on this list.

API Security Frameworks and Tools

Frameworks:

Tools:

Frameworks

NameDescriptionReferences
OWASP API Security Project

This project and framework focuses on strategies and solutions to understand and mitigate the unique vulnerabilities and security risks of Application Programming Interfaces (APIs).

Maintains API Security Top 10 list.

The OWASP API Security Project materials are licensed under the Creative Commons Attribution license and can be adopted and used commercially by following license terms.

OWASP API Security Top 10 on GitHub.

OWASP GraphQL API Security Cheat Sheet

Tools

NameDescriptionDeploymentCodeReferences
42crunch

Automated cloud tool for detection of API security vulnerabilities. Can be integrated into API design and delivery workflows.

Cloud based SaaS application

Closed source

Cloud platform provides API security testing and API protection products.

42crunch maintains API security community forum at Apisecurity.io and community tools.

If we are missing API security frameworks or tools on this list - let us know.

Similar posts

Join our monthly newsletter and receive
updates about the new tutorials!

We won't send you spam. Unsubscribe at any time.