Metlo is an open-source API security platform

• Create an Inventory of all your API Endpoints and Sensitive Data.
• Proactively test your APIs before they go into production.
• Detect API attacks in real time.

Features

Endpoint Discovery

• Undocumented, legacy and shadow API endpoints are an unknown and unprotected attack surface.
• Metlo scans network traffic and creates an inventory of every single endpoint in your API.
• Each endpoint is scanned for PII data and given a risk score.

API Testing

• Metlo’s suite of automated tests and our security testing framework let you find vulnerabilities in development.
• Our built in testing framework helps you get to 100% Security Coverage on your highest risk APIs
• Integrates directly with your CI/CD

Protection

• Metlo alerts your security team as soon as anomalous API usage patterns are detected.
• Our ML Algorithms build a model for baseline API behavior. Any deviation from this baseline is surfaced as soon as possible.
• Metlo’s UI gives you full context around any attack to help quickly fix the vulnerability.