Notes on offensive security engineering, API security, automation, and building things that find vulnerabilities while you sleep.
Organizations have thousands of API endpoints. Most are undocumented. Traditional pentesting can't find them all. Here's why continuous automated discovery changes the economics of API security.