Security Zeitgeist: Unprotected APIs are at high-risk and should be protected by enforcing API Security Policies

API Security

Subscribe to API Security: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get API Security: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

api security Authors: Yeshim Deniz, Elizabeth White, Pat Romanski, Madhavan Krishnan, VP, Cloud Solutions, Virtusa, SmartBear Blog

Related Topics: API Security

api security: News Feed Item

Peach Introduces Automated Way To Secure Web APIs

Peach API Security Secures Against the OWASP Top-10, Integrates with CIs

SEATTLE, Feb. 14, 2017 /PRNewswire/ -- Securing web APIs,­ found in everything from websites to everyday appliances and mobile devices, against threats has long been difficult and costly. Peach API Security changes all of that! Taking advantage of the years of security experience behind the Peach Fuzzer Platform, Peach API Security makes security testing of web applications easy and effective. No longer will companies have to change developer workflow, push out expensive fixes, or worry about undiscovered API bugs being exploited.

Transform your unit tests into security tests.

Peach API Security is a revolutionary automated web application testing tool specifically designed to integrate seamlessly with existing agile development processes, unit tests, and CI pipelines. Customers will now be able to easily detect previously unknown vulnerabilities in their web APIs through either fast scanning during normal build cycles or in-depth fuzzing prior to release.

"Peach API Security provides a larger return on investment, with the quality of releases going up dramatically," says Mike Eddington, CTO of Peach; he will join the Peach team at the RSA Conference 2017 in San Francisco to showcase the innovative security testing software.

Automated, Comprehensive, Easy Security Testing

Peach API Security was developed to address the needs of web application developers. Currently developers spend inordinate amounts of time chasing bugs and dealing with false positives. By integrating seamlessly with CI processes and tools already in place and leveraging DevOps unit tests, this web API-focused security testing tool discovers unknown vulnerabilities before the build is deployed.

Unlike traditional web scanners, Peach API Security is designed to generate traffic utilizing existing test automation frameworks like PyTest and Selenium right out of the box. It runs in the background with established CI pipelines and scrutinizes web APIs like REST, SOAP, and JSON RPC for vulnerabilities.

Combining the principles and techniques of fuzzing with the standards of compliance issued by OWASP Top-10 and PCI 6.5, Peach API Security sets a new standard for securing API against exploitation.

Detailed Actionable Reporting for Developers and DevOps Managers

Peach API Security not only automates the security testing process for every build, it also provides detailed data for implementation and deployment by development teams. For each bug uncovered, Peach API Security displays the error, the probable cause, the severity, the exploitability, an example of an error-free response, and a pointer to the associated OWASP Top-10 security risk. 

This wealth of automated data allows DevOps and QA teams to address and rectify bugs in real time during the development process and repeat the testing consistently with each build.

Solutions for Every Space

Peach API Security was built to mitigate expensive bugs, costly fixes, and lost productivity during the web application build-and-release process. With years of experience in fuzz testing and security, Peach provides businesses with an advanced, powerful, accessible tool for discovering vulnerabilities in web APIs.

Learn more and say hello to Peach API Security at Booth N3540, RSA Conference 2017.

844-55-PEACH || [email protected] ||


To view the original version on PR Newswire, visit:

SOURCE Peach Fuzzer

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.