Testing in Postman: Security Testing

Skillsoft issued completion badges are earned based on viewing the percentage required or receiving a passing score when assessment is required. Application programming interface (API) security testing is the practice of identifying and addressing vulnerabilities in the API server. Authentication and authorization play a pivotal role in securing APIs, but vulnerabilities may still emerge due to complex systems, rapid development, and third-party components. In this course, you will learn the basic building blocks of implementing application security. You will examine the Open Web Application Security Project (OWASP) Top 10 lists of application and API security vulnerabilities, which research and document the most common security vulnerabilities for applications and provide guidance on how these issues can be mitigated. Then you will set up an API server with basic authentication for security and set up success-flow and failure-flow tests. Next, you will explore defense strategies against structured query language (SQL) injection errors and write tests to inject malignant SQL queries to run against the back-end database. Finally, you will discover how SQL best practices can help mitigate SQL injection attacks.