Mayhem Blog

If you’re only looking for API compliance—a check box answer to “Is my API secure?”—then vulnerability scanning can provide that. It doesn’t, however, mean that your API is truly secure.

In this post, we’ll discuss the key features of REST, gRPC, and GraphQL APIs and which projects each API type is best for.

API testing can be manual or automated. Learn when to use automated vs. manual API testing and what to look for in an API testing tool.

Unfortunately, many devs and ops engineers don't view API security as a priority - and that's a mistake. In this blog post, we'll explore why API security is so important, and how you can make sure you're doing it right.

In this week’s post, we’ll talk about when API testing is required and industry-specific API testing standards.

APIs share data and enable communication between everything connected to the internet. API testing ensures that these connections are secure and work as intended.

Some organizations have begun using Web Application Firewalls (WAFs) to protect their APIs, but this isn’t a true solution to API security.

Learn how to fuzz an API without a specification by recording transactions with the API as an HTTP Archive (.har file).

Mayhem for API supports the writing of your own plugins to guide Mayhem for API into making legitimate requests to your API.