In today’s connected enterprises, web services and developer-accessible APIs are a necessity. Unfortunately, we find that companies tend to overlook the importance of assessing their web services and APIs. The truth is that any vulnerability can let external attackers into your systems, violate customer privacy, and cost a ton to clean up and get things right again.
In regards to API, OAuth is a major security concern. We’ve analyzed the OAuth standards in detail and have found many types of implementation vulnerabilities that put our clients at risk to reply attacks and authentication bypasses.
Whether it is SOAP, REST, XML-RPC, Protobuf, JSON, JSON-P, or anything in between, we’ve assessed them all in almost every language you can think of.
Copyright © 2014, Include Security LLC. Design by Star Graphic Design