Blog

Ethical Hackers & Pentesters. Cut your bounty hunting time in half and reap more $$$! Check out this Burp extension.

How do you manage attack surfaces across your applications? A key requirement is visibility of your API assets and their underlying JSON structures.

Securing modern web applications is synonymous with securing the underlying APIs used. Learn more in this short video.

Auto OpenAPI Generation - The Network Doesn't Lie! | Harish Nataraj [LIVE SERIES]

As an undergraduate student, a key learning experience to succeed in the career industry is landing an engaging internship.

Learn more about the API vulnerability called Excessive Data Exposure.

Buyer beware! XDR-like API Security solutions will most likely increase your risk of a data breach — and lead to a compliance violation!

Unlock powerful API Contract Tests by simply leveraging your existing Postman Collections.

Unlock powerful API Security tests using your Postman Collections.

With secure exporting, importing, and testing steps from AWS to Levo, learn how to use Levo to secure your AWS API Gateway services.

Automatically generate OpenAPI specifications by simply browsing your API endpoints on your laptop

Learn more about the API vulnerability, NoSQL Injection.

Auto generate OpenAPI specifications in an language/framework agnostic manner via eBPF

Learn more about the API vulnerability called Mass Assignment

Take control of API sprawl, and proactively mitigate API risk, by using Levo’s frictionless & privacy-preserving API observability solution!

Learn more about the API vulnerability called Broken Object Level Authorization (BOLA/IDOR)

Levo's eBPF powered API Observability lets you take control of CIAM.

Deep dive into the API vulnerability called Broken User Authentication.

A high level walkthrough of crAPI. crAPI is a vulnerable API driven app to demonstrate common API vulnerability patterns.

crAPI is a vulnerable demo application from the OWASP foundation, that aims to make learning security fun & interactive for developers.

Levo’s API Contract Testing empowers you to build and maintain resilient APIs, by detecting breaking changes before they hit production!

API misconfigurations can lead to disastrous customer data leaks. Levo's API Security Assurance, empowers modern development teams to proactively maintain a robust API security posture.

Identity & Access Management (IAM) in APIs is very complex. Supercharge IAM with Levo's eBPF based API Observability solution.

APIs are used almost every day by developers. This involves not just using them but also integrating, reviewing, and doing research. Learn how to quickly generate API specs for your applications.

Is your application built using the Spring Framework for Java? Are you worried that your APIs might be vulnerable to the recently discovered Spring4Shell vulnerability? Levo can help.

Apply four concepts to simplify your API security journey significantly and make adopting application security much easier.

Levo's freemium identifies sophisticated API vulnerabilities like Horizontal Authorization Abuse, Vertical Authorization Abuse, and Business Logic Abuse. Levo also provides full coverage for OWASP API Top 10.

Scaling security coverage in agile companies is only possible by empowering developers to easily discover, triage, and fix such vulnerabilities before they make it to production servers.

Automated security testing of microservices that uncovers sophisticated business logic attacks is a significant gap today. Levo fully automates security testing for Microservices in CI/CD.

Mike P, and Harish recently presented at the Silicon Valley IAM User Group, where they spoke about supercharging IAM Observability in API/Microservices environments using eBPF.