Protect AI review

What middleBrick covers

  • Black-box API scanning with no agents or SDK dependencies
  • Risk score A–F with prioritized findings
  • Detection aligned to OWASP API Top 10 (2023), PCI-DSS 4.0, SOC 2
  • Authenticated scanning with strict header allowlist
  • OpenAPI 3.x and Swagger 2.0 parsing with spec–runtime cross-check
  • Continuous monitoring with diff detection and configurable alerts

Overview and scope

This tool is a self-service API security scanner that accepts a URL and returns a risk grade from A to F along with prioritized findings. It operates as a black-box scanner, requiring no agents, SDKs, or code access, and supports any language, framework, or cloud target. Scans complete in under a minute using read-only methods such as GET and HEAD, with text-only POST support for LLM probes.

Detection coverage

The scanner evaluates 12 categories aligned to the OWASP API Top 10 (2023). It checks authentication mechanisms, including multi-method bypasses and JWT misconfigurations such as alg=none, HS256, expired tokens, missing claims, and sensitive data in claims. It also assesses security headers and WWW-Authenticate compliance. Other categories include broken object level authorization (BOLA) and IDOR via sequential ID enumeration and active adjacent-ID probing, broken function level authorization (BFLA) and privilege escalation through admin endpoint probing and role leakage, and property authorization issues like over-exposure and mass-assignment surfaces.
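A checker for the JWT misconfiguration classes listed above, written here as an added example rather than middleBrick's own code; the required and sensitive claim lists are assumptions, and signature verification is intentionally out of scope because a black-box scan only sees what the token itself reveals:

```python
import base64
import json
import time

# Hypothetical claim lists for the audit, not the product's own rules.
REQUIRED_CLAIMS = {"exp", "iat", "sub"}
SENSITIVE_CLAIMS = {"password", "ssn", "card_number", "secret"}


def _b64url(segment: str) -> bytes:
    # JWT segments omit base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def audit_jwt(token: str, now=None) -> list:
    """Return finding labels for a JWT seen in a response, cookie or header.

    Signature verification is deliberately out of scope: this is the
    "what does the token itself reveal" check a black-box scan can make.
    """
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        return ["malformed-token"]
    try:
        header = json.loads(_b64url(parts[0]))
        payload = json.loads(_b64url(parts[1]))
        if not (isinstance(header, dict) and isinstance(payload, dict)):
            raise ValueError("segments must be JSON objects")
    except (ValueError, TypeError):
        return ["malformed-token"]
    claims = set(payload)
    findings = []
    alg = str(header.get("alg", "")).lower()
    if alg == "none":
        findings.append("alg-none")  # unsigned token in circulation
    elif alg == "hs256":
        findings.append("hs256-symmetric")  # shared-secret signing, a category the page flags
    for claim in sorted(REQUIRED_CLAIMS - claims):
        findings.append("missing-claim:" + claim)
    exp = payload.get("exp")
    if isinstance(exp, (int, float)) and exp < now:
        findings.append("expired")
    for claim in sorted(SENSITIVE_CLAIMS & claims):
        findings.append("sensitive-claim:" + claim)
    return findings


def encode_sample_token(header: dict, payload: dict) -> str:
    """Constructed test input: header and payload with a dummy signature segment."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return enc(header) + "." + enc(payload) + ".c2ln"
```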

Additional detection areas cover:

  • Input validation: CORS wildcard configurations (with and without credentials), dangerous HTTP methods, and debug endpoints
  • Rate limiting and resource consumption: rate-limit header detection and oversized responses
  • Data exposure patterns: emails, Luhn-validated card numbers, context-aware SSNs, API key formats for AWS, Stripe, GitHub, and Slack, and error or stack-trace leakage
  • Encryption: HTTPS redirects, HSTS, cookie flags, and mixed content
  • SSRF: URL-accepting parameters and body fields, with internal IP detection
  • Inventory management: missing versioning and legacy path patterns
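The data-exposure checks, as an added example run over a constructed response body (not middleBrick's own rules): the key-format regexes use the commonly published vendor prefixes, the sample body is constructed, and the Luhn filter is what separates real card numbers from look-alike numeric IDs.

```python
import re

# Constructed detection rules for the exposure classes the page lists; not the product's own.
PATTERNS = {
    "email": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
    "aws-access-key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "stripe-secret-key": re.compile(r"\bsk_live_[0-9A-Za-z]{24,}\b"),
    "github-token": re.compile(r"\bghp_[0-9A-Za-z]{36}\b"),
    "slack-token": re.compile(r"\bxox[abpr]-[0-9A-Za-z-]{10,}\b"),
    "stack-trace": re.compile(r"Traceback \(most recent call last\)"),
}
# 13-19 digits, optionally separated by spaces or dashes; Luhn decides if it is a card.
CARD_CANDIDATE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")

# Constructed sample API response body (not captured from any real system).
SAMPLE_RESPONSE = (
    '{"user": "alice@example.com", "card": "4111 1111 1111 1111", '
    '"order_id": "1234567890123456", "aws": "AKIAIOSFODNN7EXAMPLE"}'
)


def luhn_valid(digits: str) -> bool:
    """Luhn checksum: double every second digit from the right, subtract 9 if over 9."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def find_exposures(body: str) -> list:
    """Return (label, matched_value) pairs found in a response body."""
    findings = []
    for label, pat in PATTERNS.items():
        for m in pat.finditer(body):
            findings.append((label, m.group(0)))
    for m in CARD_CANDIDATE.finditer(body):
        digits = re.sub(r"[ -]", "", m.group(0))
        # Luhn rejects most order numbers, timestamps and other plain IDs.
        if luhn_valid(digits):
            findings.append(("card-number", digits))
    return findings
```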

The tool further evaluates unsafe consumption surfaces, LLM and AI security through 18 adversarial probes across Quick, Standard, and Deep tiers covering system prompt extraction, instruction override, DAN and roleplay jailbreaks, data exfiltration, cost exploitation, encoding bypasses, prompt injection variants, token smuggling, tool abuse, and PII extraction. It parses OpenAPI 3.0, 3.1, and Swagger 2.0 with recursive $ref resolution, cross-referencing spec definitions against runtime findings such as undefined security schemes and deprecated operations.

Authenticated scanning and safety

Authenticated scanning is available from the Starter tier and above, supporting Bearer, API key, Basic auth, and Cookie credentials. Domain verification is enforced through DNS TXT records or an HTTP well-known file to ensure only domain owners can scan with credentials. The scanner forwards a strict header allowlist limited to Authorization, X-API-Key, Cookie, and X-Custom-* headers.

The safety posture is read-only; destructive payloads are never sent. Private IPs, localhost, and cloud metadata endpoints are blocked at multiple layers. Customer scan data is deletable on demand and purged within 30 days of cancellation. The tool does not perform active SQL injection or command injection testing, does not detect business logic vulnerabilities that require domain context, and does not replace a human pentester for high-stakes audits.

Product integrations and monitoring

The Web Dashboard centralizes scan management, report viewing, score trends, and downloadable branded compliance PDFs. The CLI, distributed as the middlebrick npm package, supports commands such as middlebrick scan <url> with JSON or text output. A GitHub Action can gate CI/CD, failing builds when the score drops below a defined threshold. The MCP Server enables scanning from AI coding assistants including Claude and Cursor, and an API client supports custom integrations.

Pro tier adds continuous monitoring with scheduled rescans every six hours, daily, weekly, or monthly. It provides diff detection across scans to highlight new findings, resolved findings, and score drift, along with email alerts rate-limited to one per hour per API. HMAC-SHA256 signed webhooks are included, with auto-disable after five consecutive failures. Enterprise tier offers unlimited APIs, custom rules, SSO, audit logs, an SLA, and dedicated support.
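Added example of the webhook signing and auto-disable behaviour described above, not middleBrick's own code: the header name and signature format (hex HMAC-SHA256 over the raw request body under a shared secret) are assumptions, since the page does not specify them, and the transport callable stands in for the HTTP client.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass

# Assumed header and signature format (the page does not document them).
SIGNATURE_HEADER = "X-Middlebrick-Signature"  # hypothetical header name
MAX_CONSECUTIVE_FAILURES = 5  # the auto-disable threshold the page describes


def sign_payload(secret: bytes, body: bytes) -> str:
    """Hex HMAC-SHA256 of the raw body; sign the exact bytes that go on the wire."""
    return hmac.new(secret, body, hashlib.sha256).hexdigest()


def verify_webhook(secret: bytes, body: bytes, headers: dict) -> bool:
    """Receiver-side check: constant-time compare against the presented signature."""
    presented = headers.get(SIGNATURE_HEADER, "")
    return hmac.compare_digest(sign_payload(secret, body), presented)


@dataclass
class WebhookEndpoint:
    """Sender-side delivery state implementing the five-failure auto-disable rule."""
    url: str
    secret: bytes
    consecutive_failures: int = 0
    enabled: bool = True

    def deliver(self, event: dict, transport) -> bool:
        """transport(url, body, headers) -> bool (True on HTTP 2xx). Returns delivered?"""
        if not self.enabled:
            return False  # disabled endpoints are skipped until re-enabled by the owner
        body = json.dumps(event, sort_keys=True).encode()
        headers = {"Content-Type": "application/json",
                   SIGNATURE_HEADER: sign_payload(self.secret, body)}
        ok = transport(self.url, body, headers)
        if ok:
            self.consecutive_failures = 0  # any success resets the streak
        else:
            self.consecutive_failures += 1
            if self.consecutive_failures >= MAX_CONSECUTIVE_FAILURES:
                self.enabled = False  # stop hammering a dead or misconfigured receiver
        return ok
```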

Compliance mapping and limitations

Findings map directly to PCI-DSS 4.0, SOC 2 Type II, and OWASP API Top 10 (2023). For other frameworks, the tool aligns its findings with the security controls those standards describe and can support audit evidence, but it does not assert certification or guarantee compliance.

Because middleBrick is a scanner, it surfaces findings and remediation guidance but does not fix, patch, block, or remediate issues. It does not detect blind SSRF requiring out-of-band infrastructure, and it cannot substitute for human expertise in assessing business logic or high-risk audit scopes.

Frequently Asked Questions

What scan methods does the tool use?
It uses read-only methods including GET and HEAD, plus text-only POST for LLM probes. No active exploitation payloads are sent.
Does authenticated scanning require domain verification?
Yes, authenticated scans require domain verification via DNS TXT record or an HTTP well-known file to ensure only the domain owner can scan with credentials.
Which standards does the scanner map findings to?
It maps findings directly to PCI-DSS 4.0, SOC 2 Type II, and OWASP API Top 10 (2023). Other frameworks are referenced as alignment support.
Can the tool replace a human penetration test for high-stakes audits?
No. The tool does not detect business logic vulnerabilities or blind SSRF, and it should not replace a human pentester for high-stakes audits.
How is scan data handled after cancellation?
Customer scan data is deletable on demand and purged within 30 days of cancellation. Data is never sold and is not used for model training.