|New Validation APIs to Up your Security Game
|4/27/2021 - Laura Bouchard
It seems that the list of online threats is constantly growing, which is why our engineers at Cloudmersive are continually researching and developing new APIs and services to protect you from all angles. This week, I’m excited to share four new data validation APIs that have been designed to scan for threats that fly under the radar of basic anti-virus software. These functions have been uploaded and are available for use in our API Console.
Scan Text for Structured Query Language (SQL) Injection Attacks
We have added two new APIs that will scan a single text input or multiple text inputs in batch for SQL injection attacks; these attacks target security vulnerabilities within website or database form fields and have become a serious online threat to many companies. Integration of these APIs will allow you to automatically detect an SQLI attack and define the threat detection level you want to utilize; set it to Normal to target a high-security SQL Injection detection level with a very low false positive rate, or select High to target a very-high security SQL Injection detection level with higher false positives. Default is Normal (recommended).
Check Text for XML External Entity (XXE) Attacks
Similar to the above APIs, our next validation APIs were also designed to scan a single text input or multiple text inputs in batch. However, these functions target XXE attacks, which are a type of cyber-threat that exploits an opening that occurs when an application parses an XML request to create an output. In addition to scanning the input text for XXE attacks, this API includes optional parameters to block internet-based dependency URLs such as DTDs or create lists of safe/un-safe URLs.
Keep an eye out for our next update which will be coming soon! If you have questions about these APIs or any of our other services, you can reach out to our expert team, who will be happy to assist.