middleBrick vs Noname Security
What middleBrick covers
- Black-box scanning with no agents or code access
- Under-one-minute scan time for quick feedback
- 12 OWASP API Top 10 aligned detection categories
- Authenticated scans with strict header allowlist
- OpenAPI 3.x and Swagger 2.0 spec analysis
- Multiple integration options including dashboard, CLI, and CI/CD
Scope and testing methodology
middleBrick is a black-box API security scanner that submits requests to a reachable endpoint and analyzes responses. No agents, SDKs, or code access are required; it works with any language, framework, or cloud. Scans complete in under a minute using read-only methods (GET and HEAD) plus text-only POST for LLM probes. Noname Security typically relies on agent-based or instrumentation approaches that require deployment artifacts and deeper runtime integration. Because middleBrick operates without instrumentation, setup is limited to providing a URL and, for authenticated scans, credentials behind a domain verification gate.
Detection coverage and mapping to standards
middleBrick detects issues across 12 categories aligned to the OWASP API Top 10 (2023), including authentication bypass, JWT misconfigurations, BOLA and BFLA, property authorization, input validation, rate limiting, data exposure, encryption issues, SSRF indicators, inventory mismanagement, unsafe consumption patterns, and LLM/AI security probes. Findings map directly to PCI-DSS 4.0, SOC 2 Type II, and OWASP API Top 10. It also surfaces findings relevant to the security controls described in HIPAA, GDPR, ISO 27001, NIST, and other frameworks, framed as alignment with those frameworks rather than as compliance claims. Noname Security positions itself broadly but does not enumerate a comparable, category-level mapping to the OWASP API Top 10 in public materials.
Authenticated scanning and safety controls
Authenticated scanning in middleBrick supports Bearer tokens, API keys, Basic auth, and cookies. Before an authenticated scan, a domain verification gate confirms ownership via a DNS TXT record or an HTTP well-known file, so only the domain owner can submit credentials for it. The scanner forwards only headers on a strict allowlist: Authorization, X-API-Key, Cookie, and X-Custom-* headers. Read-only methods are used exclusively, destructive payloads are never sent, and private IPs, localhost, and cloud metadata endpoints are blocked at multiple layers. Noname Security’s public documentation does not detail equivalent authentication flows or the same layered network safety posture.
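The two controls described above, a forwarded-header allowlist and a scan-target check that refuses private, loopback, link-local and cloud metadata addresses, as an added example in plain Node.js. This is not middleBrick's own code: the header names are the ones the page lists, but the address ranges, the blocked hostname list, and the function names are this example's assumptions.

```javascript
// Added example, not middleBrick's own code: a strict forwarded-header
// allowlist for authenticated scans and a static scan-target check that
// refuses loopback, private, link-local (including the cloud metadata
// endpoint) and local hostnames. Ranges and hostnames below are this
// example's assumptions, not middleBrick's actual block lists.

const ALLOWED_HEADERS = new Set(['authorization', 'x-api-key', 'cookie']);
const ALLOWED_PREFIX = 'x-custom-';

// Keep only credential headers; everything else the caller supplies
// (Host, Origin, Content-Length, X-Forwarded-For, ...) is dropped so a
// credential bundle cannot reshape the requests the scanner sends.
function filterForwardedHeaders(headers) {
  const kept = {};
  for (const [name, value] of Object.entries(headers)) {
    const lower = name.trim().toLowerCase();
    if (ALLOWED_HEADERS.has(lower) || lower.startsWith(ALLOWED_PREFIX)) {
      kept[lower] = String(value);
    }
  }
  return kept;
}

// Dotted-quad IPv4 literal -> [a, b, c, d], or null if it is not one.
function parseIPv4(host) {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
  if (!m) return null;
  const octets = m.slice(1).map(Number);
  return octets.every((o) => o <= 255) ? octets : null;
}

// Blocked IPv4 space: this-network, loopback, RFC 1918, CGNAT, and
// link-local 169.254.0.0/16, which contains 169.254.169.254.
function isBlockedIPv4([a, b]) {
  return a === 0 || a === 10 || a === 127 ||
    (a === 172 && b >= 16 && b <= 31) ||
    (a === 192 && b === 168) ||
    (a === 169 && b === 254) ||
    (a === 100 && b >= 64 && b <= 127);
}

// Blocked IPv6 space: loopback, unspecified, unique-local fc00::/7,
// link-local fe80::/10, and IPv4-mapped addresses whose embedded IPv4
// address is itself blocked (so ::ffff:169.254.169.254 does not slip by).
function isBlockedIPv6(host) {
  const h = host.toLowerCase();
  if (h === '::1' || h === '::') return true;
  if (/^f[cd][0-9a-f]{2}:/.test(h) || /^fe[89ab][0-9a-f]:/.test(h)) return true;
  const mapped = /^::ffff:(.+)$/.exec(h);
  if (mapped) {
    const dotted = parseIPv4(mapped[1]);
    if (dotted) return isBlockedIPv4(dotted);
    const hex = /^([0-9a-f]{1,4}):([0-9a-f]{1,4})$/.exec(mapped[1]);
    if (hex) {
      const hi = parseInt(hex[1], 16);
      const lo = parseInt(hex[2], 16);
      return isBlockedIPv4([hi >> 8, hi & 0xff, lo >> 8, lo & 0xff]);
    }
  }
  return false;
}

const BLOCKED_HOSTNAMES = new Set(['localhost', 'metadata.google.internal']);

// Decide whether the scanner may send requests to `target`; returns
// { allowed, reason }. The WHATWG URL parser normalises shorthand
// literals first (http://2130706433/ becomes 127.0.0.1), so the checks
// below see the canonical host.
function checkScanTarget(target) {
  let url;
  try { url = new URL(target); } catch { return { allowed: false, reason: 'unparseable URL' }; }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') {
    return { allowed: false, reason: `scheme ${url.protocol} not allowed` };
  }
  let host = url.hostname.toLowerCase().replace(/\.$/, '');
  if (host.startsWith('[') && host.endsWith(']')) {
    host = host.slice(1, -1);
    return isBlockedIPv6(host)
      ? { allowed: false, reason: `blocked IPv6 literal ${host}` }
      : { allowed: true, reason: 'public IPv6 literal' };
  }
  const v4 = parseIPv4(host);
  if (v4) {
    return isBlockedIPv4(v4)
      ? { allowed: false, reason: `blocked IPv4 literal ${host}` }
      : { allowed: true, reason: 'public IPv4 literal' };
  }
  if (BLOCKED_HOSTNAMES.has(host) || host.endsWith('.localhost')) {
    return { allowed: false, reason: `blocked hostname ${host}` };
  }
  // A hostname passed the static check; the HTTP client must still resolve
  // it and re-run isBlockedIPv4/isBlockedIPv6 on the address it actually
  // connects to (and on every redirect), otherwise a DNS record pointing at
  // 169.254.169.254 would bypass this layer.
  return { allowed: true, reason: 'hostname; resolved address is checked by the client' };
}
```

The hostname branch is deliberately only the first of the "multiple layers" the page mentions: a static URL check cannot see what a name resolves to, so the same range tests have to run again on the socket address at connect time and after each redirect. The domain verification gate (DNS TXT record or well-known file) is not shown because it needs live lookups; it sits in front of this check, not in place of it.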
OpenAPI analysis and integration options
middleBrick parses OpenAPI 3.0, 3.1, and Swagger 2.0 documents with recursive $ref resolution, cross-referencing spec definitions against runtime findings to identify undefined security schemes, sensitive fields, deprecated operations, and missing pagination. Integration options include a web dashboard for reports and score trends, a CLI via the middleBrick npm package with JSON or text output, a GitHub Action for CI/CD gating, an MCP server for AI coding assistants, and a programmatic API for custom workflows. Noname Security offers API and cloud platform integrations, but public details on OpenAPI-specific analysis or comparable integration breadth are not provided.
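To make the spec analysis concrete, here is an added example of a minimal OpenAPI 3.x checker, written for this page and not middleBrick's own parser: it resolves local $ref pointers (cutting self-referential schemas at the cycle) and then raises the four spec-level findings the paragraph names. The sample spec, the list of sensitive field names, and the pagination parameter names are all constructed assumptions.

```javascript
// Added example, not middleBrick's own parser: resolve local $ref pointers
// in an OpenAPI 3.x document and flag undefined security schemes, sensitive
// fields, deprecated operations and missing pagination. The spec at the
// bottom is constructed; the sensitive-name pattern and pagination
// parameter names are this example's assumptions.

const SENSITIVE_NAME = /^(password|passwd|secret|ssn|token|api_?key|card_?number)$/i;
const PAGINATION_PARAMS = new Set(['limit', 'offset', 'page', 'cursor', 'page_size', 'per_page']);
const HTTP_METHODS = ['get', 'put', 'post', 'delete', 'patch', 'head', 'options'];

// Follow a local JSON pointer such as "#/components/schemas/User".
function resolvePointer(root, ref) {
  if (!ref.startsWith('#/')) throw new Error(`only local $ref supported: ${ref}`);
  return ref.slice(2).split('/').reduce((node, part) => {
    const key = part.replace(/~1/g, '/').replace(/~0/g, '~');
    if (!node || typeof node !== 'object' || !(key in node)) throw new Error(`dangling $ref: ${ref}`);
    return node[key];
  }, root);
}

// Replace every {$ref} with its target, recursively. `seen` holds the refs on
// the current descent, so a schema that references itself is cut at the
// cycle and left as an opaque {$ref, circular: true} marker instead of looping.
function deref(root, node, seen = new Set()) {
  if (Array.isArray(node)) return node.map((n) => deref(root, n, seen));
  if (!node || typeof node !== 'object') return node;
  if (typeof node.$ref === 'string') {
    if (seen.has(node.$ref)) return { $ref: node.$ref, circular: true };
    return deref(root, resolvePointer(root, node.$ref), new Set(seen).add(node.$ref));
  }
  const out = {};
  for (const [k, v] of Object.entries(node)) out[k] = deref(root, v, seen);
  return out;
}

// Property paths in a dereferenced schema whose names look like secrets.
function sensitiveFields(schema, path = '', acc = []) {
  if (!schema || typeof schema !== 'object' || schema.circular) return acc;
  for (const [name, sub] of Object.entries(schema.properties || {})) {
    const p = path ? `${path}.${name}` : name;
    if (SENSITIVE_NAME.test(name)) acc.push(p);
    sensitiveFields(sub, p, acc);
  }
  if (schema.items) sensitiveFields(schema.items, `${path}[]`, acc);
  return acc;
}

// Every JSON schema an operation sends or receives, tagged with its location.
function schemasOf(op) {
  const out = [];
  const add = (where, content) => {
    for (const media of Object.values(content || {})) if (media.schema) out.push({ where, schema: media.schema });
  };
  if (op.requestBody) add('request body', op.requestBody.content);
  for (const [code, resp] of Object.entries(op.responses || {})) add(`response ${code}`, resp.content);
  return out;
}

function analyzeSpec(rawSpec) {
  const spec = deref(rawSpec, rawSpec);
  const defined = new Set(Object.keys((rawSpec.components || {}).securitySchemes || {}));
  const findings = [];
  for (const [route, item] of Object.entries(spec.paths || {})) {
    for (const method of HTTP_METHODS) {
      const op = item[method];
      if (!op) continue;
      const where = `${method.toUpperCase()} ${route}`;
      // An operation-level `security` list replaces the global one entirely.
      const security = op.security !== undefined ? op.security : (spec.security || []);
      for (const requirement of security) {
        for (const scheme of Object.keys(requirement)) {
          if (!defined.has(scheme)) findings.push({ where, type: 'undefined-security-scheme', detail: scheme });
        }
      }
      if (op.deprecated) findings.push({ where, type: 'deprecated-operation', detail: '' });
      const schemas = schemasOf(op);
      for (const { where: loc, schema } of schemas) {
        for (const field of sensitiveFields(schema)) findings.push({ where, type: 'sensitive-field', detail: `${loc} ${field}` });
      }
      const params = [...(item.parameters || []), ...(op.parameters || [])];
      const paginated = params.some((p) => p.in === 'query' && PAGINATION_PARAMS.has(p.name));
      const returnsList = schemas.some((s) => s.where.startsWith('response') && s.schema.type === 'array');
      if (method === 'get' && returnsList && !paginated) findings.push({ where, type: 'missing-pagination', detail: 'array response without a pagination query parameter' });
    }
  }
  return findings;
}

// Constructed sample spec (not a real API): an unpaginated list, a paginated
// list, a self-referential schema, and a legacy endpoint naming a security
// scheme that components.securitySchemes never defines.
const jsonBody = (schema) => ({ content: { 'application/json': { schema } } });
const EXAMPLE_SPEC = {
  openapi: '3.0.3', info: { title: 'Constructed example API', version: '1.0' }, security: [{ bearerAuth: [] }],
  components: {
    securitySchemes: { bearerAuth: { type: 'http', scheme: 'bearer' } },
    schemas: {
      User: { type: 'object', properties: { id: { type: 'integer' }, email: { type: 'string' }, password: { type: 'string' }, profile: { $ref: '#/components/schemas/Profile' } } },
      Profile: { type: 'object', properties: { ssn: { type: 'string' }, manager: { $ref: '#/components/schemas/Profile' } } },
      UserList: { type: 'array', items: { $ref: '#/components/schemas/User' } },
    },
  },
  paths: {
    '/users': { get: { responses: { 200: jsonBody({ $ref: '#/components/schemas/UserList' }) } } },
    '/users/{id}': { parameters: [{ name: 'id', in: 'path', required: true, schema: { type: 'integer' } }], get: { responses: { 200: jsonBody({ $ref: '#/components/schemas/User' }) } } },
    '/legacy/export': { get: { deprecated: true, security: [{ legacyKey: [] }], responses: { 200: { description: 'ok' } } } },
    '/audit': { get: { parameters: [{ name: 'limit', in: 'query', schema: { type: 'integer' } }], responses: { 200: jsonBody({ type: 'array', items: { type: 'object', properties: { event: { type: 'string' } } } }) } } },
  },
};
```

Running `analyzeSpec(EXAMPLE_SPEC)` yields seven findings: `GET /users` returns an array with no `limit`/`offset`/`page` parameter and exposes `password` and `profile.ssn` through the dereferenced `User` schema, `GET /users/{id}` exposes the same two fields, and `GET /legacy/export` is both deprecated and protected by the undefined `legacyKey` scheme. The recursion through `Profile.manager` stops at the cycle marker rather than looping, which is the case a naive `$ref` resolver gets wrong. A scanner that also has runtime findings would then compare these spec-derived routes and schemes against what the live endpoint actually answers, which is the cross-referencing step the paragraph describes.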
Pricing model and continuous monitoring
The free tier allows 3 scans per month with CLI access. Starter at 99 dollars per month supports 15 APIs, monthly scans, dashboard access, email alerts, and the MCP server. Pro at 499 dollars per month adds 100 APIs plus 7 dollars per additional API, continuous monitoring with diff detection, scheduled rescans, GitHub Action gates, Slack and Teams alerts, compliance reports, and signed webhooks. Enterprise at 2000 dollars per month or more offers unlimited APIs, custom rules, SSO, audit logs, SLA, and dedicated support. Continuous monitoring is not a public feature of Noname Security’s documented offering.
Limitations and responsible disclosure
middleBrick does not fix, patch, or block findings; it detects and reports with remediation guidance. It does not perform active SQL injection or command injection testing, which requires intrusive payloads outside its scope. Business logic vulnerabilities, blind SSRF via out-of-band infrastructure, and certain infrastructure fingerprinting are outside its detection set and require human expertise. The product does not replace a human pentester for high-stakes audits. Noname Security similarly positions its platform as a scanner that identifies issues for review rather than a comprehensive runtime protection or remediation solution.