Introducing Cloudflare’s Web and API Vulnerability Scanner (Open Beta)
Cloudflare is launching the Open Beta of the Web and API Vulnerability Scanner for all API Shield customers. This new, stateful Dynamic Application Security Testing (DAST) platform helps teams proactively find logic flaws in their APIs.
The initial release focuses on detecting Broken Object Level Authorization (BOLA) vulnerabilities by building API call graphs to simulate attacker and owner contexts, then testing these contexts by sending real HTTP requests to your APIs.
The scanner is now available via the Cloudflare API. To scan, set up your target environment, owner and attacker credentials, and upload your OpenAPI file with response schemas. The scanner will be available in the Cloudflare dashboard in a future release.
Access: This feature is only available to API Shield subscribers via the Cloudflare API. We hope you will use the API for programmatic integration into your CI/CD pipelines and security dashboards.
Documentation: Refer to the developer documentation to start scanning your endpoints today.
Source: Cloudflare
Latest Posts
- Workers – New Domains tab in the Workers dashboard
- Dynamics 365 Customer Service – Unlock Workforce Engagement capabilities with Customer Service Enterprise license [MC1310832]
- Amazon Connect Customer launches permission for agents to view only their own performance evaluations
- Two new models for agentic coding and efficient AI are now available in Amazon SageMaker JumpStart
![(Updated) Microsoft Viva: Viva Glint – Survey Designer Role [MC1218413]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-googledeepmind-25626433-150x150.webp "(Updated) Microsoft Viva: Viva Glint - Survey Designer Role [MC1218413] 6")
