What do you like best about the product?

This platform serves as a perfect introduction to API Security. This API Management Platform is well laid out, allowing first-time users to quickly test the API vulnerabilities based on automated OWASP Top 10 API Security Vulnerabilities criteria.

It will enable users to understand API security concepts swiftly as it provides information about whether or not to use APIs for security reasons based on the results of the provided API security tests by the platform.

What do you dislike about the product?

I can claim the vendor only after I claim all of their APIs. Whether all related APIs should be declared to claim their vendor for consistency, it can sometimes be very time-consuming when a vendor has countless unclaimed APIs related to it.

In addition, there should be some additional features to narrow the search list of unclaimed APIs, especially when there are tens of thousands of them and going over page by page can be very complicated since sometimes doing that causes buffering problems.

What problems is the product solving and how is that benefiting you?

This platform has benefitted me in filtering out APIs that are obsolete terms of that. Some do not maintain valid API documentation, endpoint servers or parameter request returns are no longer properly functioning, and endpoints need to be more secure as some do not use the SSL/TLS encrypted https format for their endpoints.

The automated OWASP Top 10 API Security Vulnerabilities criteria also allow me to quickly determine whether the APIs are secure. It will enable users to narrow the scope of security testing by allowing them to select single or various vulnerability options. Evaluating these API vulnerabilities is essential for users because these vulnerabilities can increase the security risk and make the API insecure for future use. It can lead to several consequences beyond violating the security goals of Confidentiality, Integrity, and Availability.