Edgescan API Security Testing is a software-as-a-service platform that provides API discovery, automated vulnerability scanning, and manual penetration testing capabilities. The platform uses multi-layer probing technology with asynchronous port scanning to identify and monitor API endpoints across an organization's attack surface. The solution automatically discovers active API endpoints across IP/CIDR ranges, including hidden and rogue APIs. It profiles endpoints and detects changes by consuming OpenAPI, Swagger, and GraphQL files. The platform applies specialized probing traffic across endpoints and evaluates responses to determine API presence with a confidence interval. The platform provides automated vulnerability detection for common API security issues including broken object-level authorization, broken user authentication, excessive data exposure, lack of resources and rate limiting, broken function-level authorization, mass assignment, security misconfiguration, and injection flaws. Manual penetration testing is conducted on business-critical APIs. The solution supports multi-cloud environments including AWS, Microsoft Azure, GCP, VMware NSX, and Cisco ACI. It offers continuous monitoring with on-demand and real-time alerts for threats including botnets, advanced threats, and DDoS attacks. The platform is sold as an annual subscription.