Home
Configuration
Scanning your Open API and Swagger endpoints

Scanning your Open API and Swagger endpoints

You can use the OWASP ZAP scanner to scan your application's API endpoints.

- Available on Premium tier plans -

Configuring the OWASP ZAP scanner with your Open API or Swagger specification file gives the scanner better insight into the endpoints your application exposes. Doing so improves the thoroughness and detail of OWASP ZAP when testing your API, for scanning for risks like SQL injection, Remote Execution Vulnerabilities, and others.

We've written up a detailed guide to configuring the API Scanning feature here.

Thanks for your message!