API Testing
      Back to home
      1. Help Center
      2. Scanning & Testing
      3. API Testing

      How does Edgescan test for improper assets management on an API?

      Edgescan has detailed versioning in the API documentation so old endpoints can be included in testing even if they are no longer available in public documentation.

      Version Number: v1.0.1

      Published Date: 9 Apr 2024

      ____________________________________________________________________________

      Improper assets management is actively being developed and improved on with development of API’s comes the forgetfulness of old, staging and test branches of API, we counter this by identifying a version in use and enumerating to detect additional endpoints however this data may require manual intervention as these may be intendedly available for backward compatibility or non-production code that is still maintained for testing purposes.

      A combination of Attack Surface Management (ASM) and Vulnerability Management (VM) is recommended for full dynamic coverage of your assets.