[OWASP-Bangalore] [null] REST API WebService Security resources

Akash Mahajan akashmahajan at gmail.com
Sat Jul 21 03:52:04 UTC 2018


A good place to start is the OWASP REST Security Cheat Sheet -
https://www.owasp.org/index.php/REST_Security_Cheat_Sheet

Another popular checklist is by Shieldfy
https://github.com/shieldfy/API-Security-Checklist

As to your question about JSON or XML I am not sure that is a security
requirement either ways. That choice should depend on the API requirement
and design.

I am not sure I understand the following question.

*What ext for secure REST calls?*

On 18 July 2018 at 16:17, cyber research <001.appsec.007 at gmail.com> wrote:

> Could you please help me with checklist/resources for protecting *Web
> Service REST API's* calls which is exposed to internet.
>
> It will be really good if you share any generic checklist that you're
> tracking for day 2 day activities while validating WebServices security
>
>    - When to go for JSON or When to go XML content over REST API's ?
>    - What ext for secure REST calls?
>
> *Note* : This is for building Secure REST API based Webservice calls
> faced to internet.
>
> Thanks & Regards,
> [email protected]!001
>
>
> --
> ____________________________________________________________
> __________________
> null - Spreading the right Information
> null Mailing list charter: http://null.co.in/section/
> about/null_list_charter/
> ---
> You received this message because you are subscribed to the Google Groups
> "null" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to null-co-in+unsubscribe at googlegroups.com.
> Visit this group at https://groups.google.com/group/null-co-in.
> For more options, visit https://groups.google.com/d/optout.
>



-- 
Warm regards,
Akash Mahajan

*That Web Application Security Guy* | +91 99 805 271 82
akashm.com | *@makash* on twitter | linkd.in/webappsecguy
*OWASP Bangalore Chapter Lead | null Community Manager*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-bangalore/attachments/20180720/1a8cd4fe/attachment.html>


More information about the OWASP-Bangalore mailing list