Intesar Mohammed

Postman Collection Security Test in Minutes for Free

The Postman and EthicalCheck integration enables fully automated and free security testing of APIs.

How to get started

  1. Go to https://EthicalCheck.dev

  2. Postman Collection: Submit your Postman Collection URL and email in the input fields and click the scan button on the EthicalCheck home page.

  3. Scan: Once your request is submitted, the engine first creates a map of all your API endpoints, automatically writes security tests covering OWASP API #2, and then runs the scan.

  4. Report: You'll receive an enterprise-grade App/API penetration test report. The test report meets SOC 2 and other compliance requirements.

  5. Vulnerabilities: The test report includes all the tested endpoints, OWASP categories, exceptions, and vulnerabilities. Vulnerabilities are automatically triaged for you, which means every vulnerability will have a severity, CVSS score, endpoint information, OWASP tag, etc., saving you time and resources.
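
To see which endpoints a collection exposes before submitting it, the sketch below builds the kind of endpoint map step 3 mentions and resolves each request's effective auth setting. It is an added example, not EthicalCheck's code; it assumes the Postman Collection v2.1 export layout, and the sample collection is constructed for illustration.

```python
import json

# Constructed sample in Postman Collection v2.1 layout (not the EthicalCheck sample API).
SAMPLE = json.loads("""
{
  "info": {"name": "constructed-bank-api"},
  "auth": {"type": "bearer"},
  "item": [
    {"name": "accounts", "item": [
      {"name": "list", "request": {"method": "GET", "url": {"raw": "{{base}}/accounts"}}},
      {"name": "detail", "request": {"method": "GET",
        "url": "{{base}}/accounts/:id", "auth": {"type": "noauth"}}}
    ]},
    {"name": "admin", "auth": {"type": "basic"}, "item": [
      {"name": "purge", "request": {"method": "DELETE", "url": {"raw": "{{base}}/transactions"}}}
    ]},
    {"name": "health", "request": "{{base}}/health"}
  ]
}
""")


def endpoint_map(node, inherited=None):
    """Walk folders recursively; return (method, url, effective auth type) per request."""
    auth = node.get("auth") or inherited          # nearest ancestor's auth applies
    rows = []
    for item in node.get("item", []):
        if "item" in item:                        # folder: recurse with its own auth
            rows += endpoint_map(item, auth)
            continue
        req = item.get("request") or {}
        if isinstance(req, str):                  # shorthand: request is just a URL
            req = {"url": req}
        url = req.get("url", "")
        if isinstance(url, dict):                 # URL object form keeps the text in "raw"
            url = url.get("raw", "")
        eff = req.get("auth") or auth or {"type": "noauth"}
        rows.append((req.get("method", "GET"), url, eff.get("type", "noauth")))
    return rows


def unauthenticated(rows):
    """Endpoints whose effective auth is 'noauth': review these first."""
    return [r for r in rows if r[2] == "noauth"]


if __name__ == "__main__":
    for method, url, auth in endpoint_map(SAMPLE):
        print(f"{method:7}{url:32}{auth}")
```

A request with no `auth` key inherits from its folder or the collection, so an explicit `noauth` on a single request is easy to miss when reading the export by eye.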

Getting started with a sample Postman Collection:

If you want to learn and try this out using a sample Postman Collection, check our sample API on the https://ethicalcheck.dev home page.
This sample API is a banking API with features like accounts, transactions, and more. It's an excellent API to learn how to detect authentication and authorization bugs.

Please say "thank you" by commenting on this post!
