API Vulnerabilities

Metlo automatically detects common API vulnerabilities by scanning your API traffic. Here are some examples of vulnerabilities Metlo might detect:

  • Unauthenticated endpoints returning sensitive data
  • Missing HSTS Headers
  • PII data in query params
  • PII data in path params
  • Endpoints using Basic Auth
  • Open API Spec Diffs
3808

We're adding more vulnerabilities every week so be sure to check back for more updates!