Recursos de Pynt - API Security Testing

Administration (5)

API / Integrations: Application Programming Interface Specification for how the application communicates with other software. APIs typically enable integration of data, logic, objects, etc. with other software applications.
Extensibility: Provides the ability to extend the platform to include additional features and functionalities
Reporting and Analytics: Tools to visualize and analyze data.
API / Integrations: Application Programming Interface Specification for how the application communicates with other software. APIs typically enable integration of data, logic, objects, etc. with other software applications.
Extensibility: Provides the ability to extend the platform to include additional features and functionalities

Issue Tracking: Track issues and manage resolutions.
Reconnaissance: Gathers information about the system and potential exploits to be tested.
Vulnerability Scan: Scans applications and networks for known vulnerabilities, holes and exploits.
Reporting and Analytics: Tools to visualize and analyze data.
Issue Tracking: Track issues as vulnerabilities are discovered. Documents activity throughout the resolution process.
Static Code Analysis: Examines application source code for security flaws without executing it.
Vulnerability Scan: Scans applications and networks for known vulnerabilities, holes and exploits.
Code Analysis: Scans application source code for security flaws without executing it.

Command-Line Tools: Allows users to access a terminal host system and input command sequences.
Manual Testing: Allows users to perfrom hands-on live simulations and penetration tests.
Test Automation: Runs pre-scripted security tests without requiring manual work.
Performance and Reliability: Software is consistently available (uptime) and allows users to complete tasks quickly because they are not waiting for the software to respond to an action they took.
Manual Testing: Allows users to perfrom hands-on live simulations and penetration tests.
Test Automation: Runs pre-scripted security tests without requiring manual work.
Compliance Testing: Allows users to test applications for specific compliance requirements.
Black-Box Scanning: Scans functional applications externally for vulnerabilities like SQL injection or XSS.
Detection Rate: The rate at which scans accurately detect all vulnerabilities associated with the target.
False Positives: The rate at which scans falsely indicate detection of a vulnerability when no vulnerabilitiy legitimately exists.

Issue Tracking: Track issues as vulnerabilities are discovered. Documents activity throughout the resolution process.
False Positives: The rate at which scans falsely indicate detection of a vulnerability when no vulnerabilitiy legitimately exists.
Automated Scans: Runs pre-scripted vulnerability scans without requiring manual work.

Compliance Testing: Allows users to scan applications and networks for specific compliance requirements.
Perimeter Scanning: Analyzes network devices, servers and operating systems for vulnerabilities.
Configuration Monitoring: Monitors configuration rule sets and policy enforcement measures and document changes to maintain compliance.

API Discovery: Detects new and undocumented assets as they enter a network and add them to asset inventory.
API Monitoring: Detects anomalies in functionality, user accessibility, traffic flows, and tampering.
Reporting: Provides results of the simulation and reveals potential security gaps or vulnerabilitites.

Compliance Monitoring: Monitors data quality and send alerts based on violations or misuse.
API Verification: Allows users to set customizable API verification settings to improve security requirements.
API Testing: Runs pre-scripted security tests without requiring manual work.