Blog & Articles

Blog

Demystifying API Security

In this blog, Levo simplifies the world of API Security, guiding you through essential questions and effective solutions for safeguarding enterprise interests.

Blog

Introducing Dynamic Endpoint Tagging

LEVO announces the launch of an innovative feature that empowers users to categorize API endpoints using dynamic rules/logic. This feature enables users to employ Python code to tag endpoints in the system, thereby enhancing classification.

Blog

Getting Kubernetes Metadata on Linux Nodes

This post will discuss how you can get Kubernetes Pod metadata for a process on a Linux node in a Kubernetes cluster.‍

Article

Revolutionizing API Security: A Seamless Integration with Levo.ai

Our latest innovation is a service designed to integrate seamlessly with various tools already in use within your enterprise, including end-to-end testing tools, API testing tools, DAST (Dynamic Application Security Testing), and web scanners.

Article

API Security Testing on Autopilot: Schedule Automated Tests

At Levo.ai we have already simplified the way security testing is done, and help you identify vulnerabilities on all your APIs with a single click.

Blog

API Security: Because Who Needs Secure Applications Anyway?

For a few moments, take exit into a world where security essential elements are ignored, joked about, and treated as optional.

Article

API Observability & Security Newsletter – Oct 2023

We are very proud to share that we have achieved SOC 2 Type 2 attestation, GDPR compliance, and ISO 27001:2013 compliance

Blog

Unveiling Levo's One-Click Postman Collections: Transforming API Testing Forever

Levo’s eBPF-powered instant observability solution discovers and documents all your existing APIs automatically. No code changes needed from your side, and you don’t even need to restart your applications.

Blog

The Importance of Trust: Levo.ai's Commitment to SOC2, GDPR, and ISO 27001

Levo's core value is trust, which drives everything we do. As the digital landscape evolves, trust is becoming more critical than ever. That's why we have taken steps above and beyond to obtain SOC2 attestation,…

Blog

Product Release – June 2023

We are thrilled to share the exciting updates that Levo.ai has brought to our product in the past quarter. Our dedicated product team has been working hard, delivering new features that will significantly benefit you.

Blog

Have You Automated Your API Security Testing?

Here at Levo, we work to seamlessly embed security into developer workflow and CI/CD. With the help of machine learning models to observe anonymized API traffic, we automatically generate and run security tests at scale.

Article

Making API Bug Bounties A Breeze!

Ethical Hackers & Pentesters. Cut your bounty hunting time in half and reap more $$$! Check out this Burp extension.

Article

My Intern Experience

As an undergraduate student, a key learning experience to succeed in the career industry is landing an engaging internship.

Article

crAPI: Excessive Data Exposure

Learn more about the API vulnerability called Excessive Data Exposure.

Article

Is Your API Security Vendor Making You Insecure?

Buyer beware! XDR-like API Security solutions will most likely increase your risk of a data breach — and lead to a compliance violation!

Article

API Contract Testing Using Postman

Unlock powerful API Contract Tests by simply leveraging your existing Postman Collections.

Article

API Security Testing Using Postman

Unlock powerful API Security tests using your Postman Collections.

Article

Are Your APIs in AWS API Gateway Robust & Secure?

With secure exporting, importing, and testing steps from AWS to Levo, learn how to use Levo to secure your AWS API Gateway services.

Article

Auto OpenAPI Generation – On Developer Laptops!

Automatically generate OpenAPI specifications by simply browsing your API endpoints on your laptop

Article

crAPI: NoSQL Injection

Learn more about the API vulnerability, NoSQL Injection.

Article

Auto OpenAPI Generation — The Network Doesn’t Lie!

Auto generate OpenAPI specifications in an language/framework agnostic manner via eBPF

Article

crAPI: Mass Assignment

Learn more about the API vulnerability called Mass Assignment

Article

Frictionless API Observability

Take control of API sprawl, and proactively mitigate API risk, by using Levo’s frictionless & privacy-preserving API observability solution!

Article

crAPI: Broken Object Level Authorization

Learn more about the API vulnerability called Broken Object Level Authorization (BOLA/IDOR)

Article

Taking Control of Customer IAM

Levo's eBPF powered API Observability lets you take control of CIAM.

Article

crAPI: Broken User Authentication

Deep dive into the API vulnerability called Broken User Authentication.

Article

Intro to API Security: crAPI

A high level walkthrough of crAPI. crAPI is a vulnerable API driven app to demonstrate common API vulnerability patterns.

Article

Making Security Fun for Developers

crAPI is a vulnerable demo application from the OWASP foundation, that aims to make learning security fun & interactive for developers.

Article

Supercharge IAM with eBPF

Identity & Access Management (IAM) in APIs is very complex. Supercharge IAM with Levo's eBPF based API Observability solution.

Article

Quick ‘n Easy API Spec Generation

APIs are used almost every day by developers. This involves not just using them but also integrating, reviewing, and doing research. Learn how to quickly generate API specs for your applications

Article

Test Your APIs For Spring4Shell With Levo.ai

Is your application built using the Spring Framework for Java? Are you worried that your APIs might be vulnerable to the recently discovered Spring4Shell vulnerability? Levo can help.

Article

Application Security Ain’t Complicated

Apply four concepts to simplify your API security journey significantly and make adopting application security much easier.

Article

Forever Free API Security Testing

Levo's freemium identifies sophisticated API vulnerabilities like Horizontal Authorization Abuse, Vertical Authorization Abuse, and Business Logic Abuse. Levo also provides full coverage for OWASP API Top 10.

Article

Empowering Developers to Own API Security

Scaling security coverage in agile companies is only possible by empowering developers to easily discover, triage, and fix such vulnerabilities before they make it to production servers.