Proactively Test Your APIs Before They Go Into Production.
Scan All API Endpoints
Metlo’s automated tests find the most common vulnerabilities and misconfigurations automatically.
Metlo finds issues like Unauthenticated endpoints returning sensitive data, No HSTS headers, PII data in URL params and more.
Built in Testing Framework
Write your own tests to get full security coverage on each endpoint
Run tests locally or in your CI/CD with the Metlo CLI to catch issues before production.
Automatically generated test templates for the OWASP Top 10