How do you level up DAST scans on your REST APIs?

Automate them, of course!

Here are our Top 8 Free Tools for Automating REST API Testing:
#api #automation 1. REST Assured

More than just a cute pun, REST Assured is a Java-based library built for making testing REST services in Java way easier.

It works particularly well with Maven, a build automation tool used primarily for Java projects.

rest-assured.io

Want to learn @awscloud Security but not sure where to start?

Here's a super-useful Learning Roadmap for AWS Security:

(Keep reading to get the full roadmap diagram👇 )
#awssecurity #cloudsecurity Just starting out? You should learn the basics first.

Identity & Access Mgmt. is your first order of business. Understanding IAM will solve half your security problems in AWS.

Next up, Secrets in AWS! Cryptography, secure password storage, etc. are CRITICAL.

2/6

Let's learn the basics of Threat Modeling!

Here's the Top 5 Threat Modeling methodologies, and how they work.

#threatmodeling 1. STRIDE

One of the most popular, STRIDE is an acronym for the types of threats it covers:
Spoofing identity
Tampering with data
Repudiation threats
Information disclosure
Denial of service
Elevation of privileges

This is a developer-centric methodology.

Are you planning to become a Cloud Security Architecture?

But not sure what skills you need to become the one?

Then this 🧵is for you 👇

#cloudsecurity #aws #awssecurity #appsec #infosec 1 /

Understand how components work:

For starters, you need to have an intuitive understanding of how common security protocols and components work. Things like firewalls, network access, intrusion detection systems, etc.

Application Security is one of the top skills that every tech firm is aggressively looking for 🚀

If you are a person who wants to make a great career in AppSec, this thread is for you 👇

🧵

#applicationsecurity #infosec #cloudsec #azure #aws Five ways you could teach yourself Application Security

1 / 5