[OWASP-Bangalore] [null] REST API WebService Security resources

cyber research 001.appsec.007 at gmail.com
Sun Jul 22 10:34:25 UTC 2018


Thanks Akash for your kind response!

Please ignore my second question. Will go through this OWASP resources

On Sat, Jul 21, 2018 at 9:22 AM, Akash Mahajan <akashmahajan at gmail.com>
wrote:

> A good place to start is the OWASP REST Security Cheat Sheet -
> https://www.owasp.org/index.php/REST_Security_Cheat_Sheet
>
> Another popular checklist is by Shieldfy https://github.com/shieldfy/
> API-Security-Checklist
>
> As to your question about JSON or XML I am not sure that is a security
> requirement either ways. That choice should depend on the API requirement
> and design.
>
> I am not sure I understand the following question.
>
> *What ext for secure REST calls?*
>
> On 18 July 2018 at 16:17, cyber research <001.appsec.007 at gmail.com> wrote:
>
>> Could you please help me with checklist/resources for protecting *Web
>> Service REST API's* calls which is exposed to internet.
>>
>> It will be really good if you share any generic checklist that you're
>> tracking for day 2 day activities while validating WebServices security
>>
>>    - When to go for JSON or When to go XML content over REST API's ?
>>    - What ext for secure REST calls?
>>
>> *Note* : This is for building Secure REST API based Webservice calls
>> faced to internet.
>>
>> Thanks & Regards,
>> [email protected]!001
>>
>>
>> --
>> ____________________________________________________________
>> __________________
>> null - Spreading the right Information
>> null Mailing list charter: http://null.co.in/section/abou
>> t/null_list_charter/
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "null" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to null-co-in+unsubscribe at googlegroups.com.
>> Visit this group at https://groups.google.com/group/null-co-in.
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
>
> --
> Warm regards,
> Akash Mahajan
>
> *That Web Application Security Guy* | +91 99 805 271 82
> akashm.com | *@makash* on twitter | linkd.in/webappsecguy
> *OWASP Bangalore Chapter Lead | null Community Manager*
>
> --
> ____________________________________________________________
> __________________
> null - Spreading the right Information
> null Mailing list charter: http://null.co.in/section/
> about/null_list_charter/
> ---
> You received this message because you are subscribed to the Google Groups
> "null" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to null-co-in+unsubscribe at googlegroups.com.
> Visit this group at https://groups.google.com/group/null-co-in.
> For more options, visit https://groups.google.com/d/optout.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-bangalore/attachments/20180722/8f92c1bc/attachment.html>


More information about the OWASP-Bangalore mailing list