1. Inventory
  2. API Vulnerabilities

Metlo automatically detects common API vulnerabilities by scanning your API traffic. Here are some examples of vulnerabilities Metlo might detect:

  • Unauthenticated endpoints returning sensitive data
  • Missing HSTS Headers
  • PII data in query params
  • PII data in path params
  • Endpoints using Basic Auth
  • Open API Spec Diffs 3808

We’re adding more vulnerabilities every week so be sure to check back for more updates!