Show HN: Free GraphQL Security quick scan (opens in new tab)

(graphql.security)

8 pointsachrafash3y ago5 comments

5 comments

Every GraphQL framework comes with ZERO security guardrails out of the box! You'd be surprised how vulnerable most GraphQL APIs are (even at big cos )

So at Escape, we decided to ship a quick scan to check for the basic requirements: a dozen security best practices.

It's completely free of charge and you don't to create an account.

Let us know if you have any questions or feedback!

bilalq3y ago

Seems like a neat service. It doesn't scan endpoints that block unauthorized access (which makes sense) and points at the free trial of the more full-fledged offering. The only issue I have is that I'm very reluctant to sign up for a free trial with no idea of what pricing will look like.

glimow3y ago

Pricing page is on the way! Should be up on our website this week

I_am_tiberius3y ago

Cool. Can this be used for local endpoints (localhost) as well?

glimow3y ago

Not directly, but it will work through a proxy like ngrok

j / k navigate · click thread line to collapse

5 comments

achrafashOP3y ago

Every GraphQL framework comes with ZERO security guardrails out of the box! You'd be surprised how vulnerable most GraphQL APIs are (even at big cos )

So at Escape, we decided to ship a quick scan to check for the basic requirements: a dozen security best practices.

It's completely free of charge and you don't to create an account.

Let us know if you have any questions or feedback!

bilalq3y ago

glimow3y ago

Pricing page is on the way! Should be up on our website this week

I_am_tiberius3y ago

Cool. Can this be used for local endpoints (localhost) as well?

glimow3y ago

Not directly, but it will work through a proxy like ngrok

j / k navigate · click thread line to collapse