API discovery | Invicti AppSec

📄️ Introduction to API discovery

API discovery helps you identify, catalog, and track your organization's internal and external APIs so you can scan them for vulnerabilities.

📄️ Get started with API discovery

Review discovered APIs, filter results, and take action on them to move APIs into your catalog for security scanning.

📄️ Create assets from API discovery

Create single or multiple targets from discovered APIs in Invicti AppSec Core to enable vulnerability scanning.

📄️ Choose the right API discovery method

Compare API discovery methods in Invicti AppSec including Zero Configuration Discovery, Network Traffic Analyzer (NTA), and API Management Integration to choose the right approach.

📄️ View discovered API endpoints

Expand a discovered API to inspect its individual endpoints and operations, or export the list to CSV.

📄️ Link discovered APIs to targets

Link discovered APIs to existing targets in Invicti AppSec Core so Invicti AppSec Core automatically scans the APIs whenever the target runs.

📄️ API types and specification formats

Information about the API types and specification formats that Invicti AppSec Core can discover and scan for vulnerabilities.