January Newsletter: Added 70+ tests on Test Editor, Akto Developer Security Hub and more
This marks Akto's first newsletter of 2024! We’ve added 70+ Authentication and Authorization tests, making our Test Editor more versatile than ever, enabled Github CI/CD comment and checks, revamped our UI and much more.
Raaga Srinivas
8 mins
We’ve started 2024 with a bang 💥 , bringing to you some incredible updates to our product! We’ve added 70+ Authentication and Authorization tests, making our Test Editor more versatile than ever, enabled Github CI/CD comment and checks and much more. You’ll also find our UI revamped so that you can view all important metrics at a glance! Let’s dig in.
TLDR Important Links
[New Feature] Added 70+ new Authentication and Authorization tests
[New Feature] Introduced Powerful YAML Instructions for Custom tests
Fresh off the Shelf
🚀 Added 70+ new Authentication and Authorization tests
We’ve added new Authentication and Authorization tests, and there are still more to come! Check out Akto’s pre-built templates and scan for vulnerabilities on Akto’s Test Editor.
⚡ Introduced Powerful YAML Instructions for Custom tests
We want our users to run as many tests as possible to extract maximum benefits from Akto. Akto now displays test coverage for all collections, acting like a roadmap for effective testing.
We have added new JWT attack tests in our arsenal.
Introduced Chaining: You can run multiple kinds of requests in a single yaml template.
We’ve also added new UI specific tests where users can replace or insert any token within a given URL.
We now support Cookie Expiry tests and have added support for triggering another yaml from a given yaml test.
Start testing with Akto now.
🔔 Risk Score for each API
With companies juggling thousands of APIs, our new metric helps users prioritize riskiest APIs. It ensures focused efforts on securing the digital assets, saving time and fortifying where it matters most. Vulnerabilities are scored on a scale of 0 to 5, with 0 being not critical and 5 being extremely critical. See now.
Monthly product updates in your inbox. No spam.
☎️ Enabled Github CI/CD Comments and Checks
In the CI/CD pipeline, you can now integrate Akto to enable Github comments and checks! Akto highlights the issues identified, vulnerability type and endpoints affected.
Check out Akto docs to enable this feature.
🏛️ Create Custom API Collections
You can now create your own collections by importing APIs from other collections, see how to do this on our docs.
We’ve Revamped our UI!
🏡 Brand New Home Page
Our users were looking for a “laid-back view of our APIs", so we made it happen. Security teams can now effectively monitor key metrics like test coverage, sensitive data, and vulnerabilities all in a single dashboard. We’ve also improved our API collections page! See this on Akto.
🧪 Improved Test Results Page
Previously, our test results emphasized the APIs tested. Now, we've shifted the focus to spotlight the issues discovered. You can now focus on vulnerabilities and address potential security threats with precision. See this on Akto.
🛠️ [New Resource] Launched Akto’s Developer Security Hub
We’ve launched our new Developer Security Hub. It’s a hub for small free tools that will help you in your day to day work. Our first tool is a simple regex tester which supports 4 languages- Python, Go, Javascript and Java. It also offers testing for 10+ pre-built types of common RegExes such as email, simplifying pattern validation for developers and security teams. You can also add these Regexes to detect sensitive data in Akto’s sensitive data exposure feature.
Other Product Updates:
You can now import Swagger/Open API Spec File to Akto
Monitor Usage Metrics and Upgrade plans from within the Akto dashboard
We allow users to create and run their custom security tests in Akto in YAML format
You can now delete old test results
🚀 Akto Personalized Demo
We'd be delighted to provide you with a comprehensive walkthrough of our product. So let’s chat!
🤔 What’s Next?
Our team is working night and day to bring you the best product, and we’re scaling fast.
Have feature requests? Share your thoughts on Akto community or GitHub page. Your input helps shape our roadmap.
Until next time, happy testing!
You can read Akto newsletter from previous months:
Keep reading
News
7 mins
March Product News: 98 New Tests, Dynamic wordlists, and more
This edition of Akto’s newsletter is packed with new features and tests that will greatly decrease your API Security testing time and increase targeted testing.
Product updates
5 mins
Detailed Errors on Postman and Swagger File Import
Akto now replays APIs to automatically get data during an import of Postman and Swagger files and transparently displays reasons why each specific API couldn't be replayed in the case of an error.
Product updates
5 mins
Added 98 New API Security Tests across 5 OWASP categories
Akto has introduced new tests across several categories including BOLA, Broken Authentication, Unrestricted Resource Consumption, BFLA, and SSRF that you can explore with Akto’s Test Editor.