How does Edgescan perform testing for lack of resources and rate limiting?

Edgescan includes rate limiting tests in all API testing.

Version Number: v1.0.1

Published Date: 9 Apr 2024

____________________________________________________________________________

Resource and rate limiting testing is performed as one of the final stages of the scan. When a PUT or POST request is detected, the request is issued a specific number of times with a short delay between attempts, and the responses are reviewed to see whether a restriction or block happens.

We do not perform a lack of resources test, because such a test performs a denial of service: it exceeds the API's processing speed and drains its resources, creating a clog. This weakness is commonly abused by malicious users who use archived files to create a ZIP bomb. On request, it is possible for Edgescan to test this, but a UAT/preprod environment is recommended.
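The repeat-and-observe check described above can be expressed as follows. This is an added example, not Edgescan's scanner code. It assumes that a 403 or 429 status signals a restriction or block, uses an illustrative attempt count and delay, and runs against a constructed stub in place of a real endpoint.

```python
import time
from dataclasses import dataclass
from typing import Callable, Optional

# Assumption: these statuses count as "restriction or block" (not Edgescan's list).
BLOCK_STATUSES = {403, 429}

@dataclass
class Response:
    status: int
    headers: dict

@dataclass
class Finding:
    attempts: int               # requests actually sent
    blocked_at: Optional[int]   # 1-based attempt where the block appeared, else None
    retry_after: Optional[str]  # Retry-After value the API returned, if any

    @property
    def rate_limited(self) -> bool:
        return self.blocked_at is not None

def probe_rate_limit(send: Callable[[], Response], attempts: int = 20,
                     delay: float = 0.05, sleep=time.sleep) -> Finding:
    """Send the same write request up to `attempts` times with a short delay.
    Stops at the first block so the target is never pushed past its limit."""
    for n in range(1, attempts + 1):
        resp = send()
        if resp.status in BLOCK_STATUSES:
            return Finding(n, n, resp.headers.get("Retry-After"))
        sleep(delay)
    # Every attempt was accepted: no rate limiting was observed.
    return Finding(attempts, None, None)

def make_stub_api(limit: Optional[int]) -> Callable[[], Response]:
    """Constructed stand-in for a POST endpoint: accepts `limit` calls, then 429."""
    seen = 0
    def send() -> Response:
        nonlocal seen
        seen += 1
        if limit is not None and seen > limit:
            return Response(429, {"Retry-After": "30"})
        return Response(201, {})
    return send

def demo():
    no_sleep = lambda _seconds: None  # skip real delays for the offline demo
    limited = probe_rate_limit(make_stub_api(limit=5), sleep=no_sleep)
    unlimited = probe_rate_limit(make_stub_api(limit=None), sleep=no_sleep)
    return limited, unlimited

if __name__ == "__main__":
    for name, finding in zip(("limited", "unlimited"), demo()):
        print(name, finding.rate_limited, finding.blocked_at, finding.retry_after)
```

An endpoint that accepts every attempt is the one to report as missing rate limiting.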