Introducing Cloudflare’s Web and API Vulnerability Scanner (Open Beta)
Cloudflare is launching the Open Beta of the Web and API Vulnerability Scanner for all API Shield customers. This new, stateful Dynamic Application Security Testing (DAST) platform helps teams proactively find logic flaws in their APIs.
The initial release focuses on detecting Broken Object Level Authorization (BOLA) vulnerabilities by building API call graphs to simulate attacker and owner contexts, then testing these contexts by sending real HTTP requests to your APIs.
The scanner is now available via the Cloudflare API. To scan, set up your target environment, owner and attacker credentials, and upload your OpenAPI file with response schemas. The scanner will be available in the Cloudflare dashboard in a future release.
Access: This feature is only available to API Shield subscribers via the Cloudflare API. We hope you will use the API for programmatic integration into your CI/CD pipelines and security dashboards.
Documentation: Refer to the developer documentation to start scanning your endpoints today.
Source: Cloudflare
Latest Posts
- Find your files quickly and easily on Word, Excel and PowerPoint App home pages [MC1249435]
- Retirement of the Semi-Annual Enterprise Channel option in the Office Deployment Service [MC1249427]
- Microsoft Purview compliance portal: Data Security Investigations introduces new soft purge mitigation action [MC1249429]
- Microsoft Teams: Live transcription in Teams Rooms on Android [MC1249432]
![(Updated) Microsoft Viva: Viva Glint – Survey Designer Role [MC1218413]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-googledeepmind-25626433-150x150.webp "(Updated) Microsoft Viva: Viva Glint - Survey Designer Role [MC1218413] 6")
