As many organizations focus on testing web applications and consider them a primary attack vector, web services have become secondary and many times left without testing. It is often found that security in web services is inferior to security of web applications. This makes web services a primary attack vector and an easy target for potential attackers.
The use of web services has been increasing rapidly mainly due to the growth of mobile applications and the fact that most of these applications use web services. Additionally, web services are used by enterprise software as well as custom made web applications that transfer data that run on different platforms. Web Services generally store and transfer very sensitive data making them an attractive target for potential attackers. At Blue Frost Security we provide a comprehensive approach for testing web services and believe in the importance of ensuring that not only your web applications are tested but also that your web services are thoroughly revised.