APIs are the connective tissue between almost everything on your application; both internal and external messages are mostly through APIs. Our API Testing team digs up the security coverage of the APIs, penetrates them and reports the flaws. Many attack APIs with automated vulnerability scanners and call it a day, but we know it doesn’t work that way. We have a very particular set of skills for hacking into APIs, Skills that make us a nightmare for Blackhats. We also conduct one on one sessions with the development team to assist and explain the mitigation strategy.