Search Skills
Search across 54932 indexed skills
implementing-api-key-security-controls
Designing secure API key generation with sufficient entropy and identifiable prefixes for leak detection Implementing server-side API key hashing (nev...
implementing-api-schema-validation-security
API schema validation enforces that all data exchanged through APIs conforms to a predefined structure defined in OpenAPI Specification (OAS) or JSON ...
detecting-api-enumeration-attacks
API enumeration attacks occur when attackers systematically probe API endpoints with sequential or predictable identifiers to discover and access unau...
testing-api-for-mass-assignment-vulnerability
Testing API endpoints that accept JSON/XML request bodies for user profile updates, registration, or object creation Assessing whether the API binds a...
conducting-api-security-testing
Testing API endpoints for authorization flaws, injection vulnerabilities, and business logic bypasses Assessing the security of microservices architec...
analyzing-api-gateway-access-logs
When investigating security incidents that require analyzing api gateway access logs When building detection rules or threat hunting queries for this ...
testing-api-for-broken-object-level-authorization
Assessing REST or GraphQL APIs that use object identifiers in URL paths, query parameters, or request bodies Performing OWASP API Security Top 10 asse...
implementing-api-threat-protection-with-apigee
Google Apigee is an enterprise API management platform that provides native security policies for threat protection, including JSON and XML content va...
testing-api-security-with-owasp-top-10
During authorized API penetration testing engagements When assessing REST, GraphQL, or gRPC APIs for security vulnerabilities Before deploying new API...
implementing-api-gateway-security-controls
Deploying a centralized authentication and authorization layer for microservice APIs Implementing rate limiting, throttling, and quota management acro...
implementing-api-security-posture-management
API Security Posture Management (API-SPM) provides continuous visibility into an organization's API attack surface by automatically discovering, class...
expo-api-routes
Use API routes when you need: Server-side secrets — API keys, database credentials, or tokens that must never reach the client Database operations — D...