Jayesh Ahire
Podcast Appearances
That's where excessive data exposure comes into the picture, where we are actually showing the information in plain text, or in responses, or in places in the UI where it shouldn't be. We have seen a bunch of news articles coming around this part where the social security numbers of thousands of people leaked, or millions of people leaked, at bad points.
And all of that is due to that information already being exposed in a place or in a response where it shouldn't be. Because everything, as I said earlier, everything is driven around data, and data is gold, so it becomes critical for these applications, for the services, for the software to actually secure it properly. And as everything is exposed via API, it comes to the API layer again.
Third part, and I'll talk about this more in the later sections, but the third part is inventory management. We're all building a lot of APIs these days, but sometimes we don't even know what we have built over the period. There are a lot of APIs which were retired but are still being used, still publicly accessible.
Payment gateways, you're using validation platforms, and you're actually sending the sensitive information to those platforms, and making sure what you're sending, what you should be sending, what you should not be sending, and having proper filters for that. That also becomes pretty critical when we are dealing with the huge number of APIs we are dealing with these days.
So actually knowing what you have, and making sure to track every single action or every single thing which is being performed with the APIs you have, and the issues with those APIs, is also a very critical thing. When I talk about all of these three categories, everything is part of OWASP API Doctrine.
Sure. All that makes sense. And I hear what you're saying. We're sitting in a world where everything is built on top of APIs, and that makes API testing in general critical. But why is API security testing crucial for detecting these types of vulnerabilities that you just mentioned earlier? And how does it differ from traditional security testing?
I could probably extract a couple of things from a few things you pointed out, but I'm curious to hear what you have to say holistically.