As we build out our REST HTTP RPC API, there are likely to be security issues/vulnerabilities that can be exploited. We need a good general way we can check for these.
How can we fix it?
Setup an automated security scanning tool to check for vulnerabilities. We can check on:
What's wrong
As we build out our REST HTTP RPC API, there are likely to be security issues/vulnerabilities that can be exploited. We need a good general way we can check for these.
How can we fix it?
Setup an automated security scanning tool to check for vulnerabilities. We can check on:
Some tools/platforms to consider:
OWASP Zap: https://www.zaproxy.org/ StackHawk: https://www.stackhawk.com/ free for 1 app