What Is It?
A web service, commonly referred to as an Application Programming Interface (API), is a resource that is data or action focused. It is a service which generally is not utilised by conventional end users but instead powers other services, be them compiled applications, web applications or third party services for developers to utilise. They generally do not have a frontend view but instead focus on exposing calls and functions that return data in responses or conduct actions such as updating data in your organisation for example.
Why Assess It?
There are many reasons to conduct a web services / API security assessment, five of which are below.
The Agility Cyber Approach
Like all our engagements, we want you to get the most out of your web services / API security assessment and we do this by: