Nightly scheduled scan
What middleBrick covers
- Automated nightly scans with risk scoring and prioritized findings
- Coverage aligned to OWASP API Top 10, PCI-DSS, and SOC 2
- Black-box scanning with no agents or code access required
- Support for Bearer, API key, Basic auth, and cookie authentication
- Change tracking and diff detection across scheduled scans
- Integration options including dashboard, CLI, GitHub Action, and API
What is a nightly scheduled scan
A nightly scheduled scan runs an automated API security assessment on a recurring basis. The scanner submits read-only requests to your API surface, records findings, and produces a risk score with prioritized issues. You define the target URL and schedule, and the system executes the scan without requiring code changes or agents.
Common gaps when skipping scheduled scans
Without regular scanning, subtle misconfigurations remain undetected until they are exploited. Common gaps include unnoticed JWT algorithm weaknesses, internal fields exposed by over-permissive endpoints, and new sensitive data paths introduced during rapid development. Left unchecked, these issues accumulate as security debt and raise the likelihood of data exposure or privilege escalation in production.
Workflow for nightly execution
Integrate the scan into your existing pipeline or schedule it to run at a consistent time each night. A typical workflow is:
- Provide the API endpoint and authentication details to the scanner.
- Trigger the scan on a schedule using the dashboard, CLI, or webhook.
- Review the generated report to see risk scores and prioritized findings.
- Track changes over time using score trends and diff detection.
- Export compliance artifacts for audit evidence where relevant.
Using the CLI, a nightly job reduces to a single command. Keep the credential out of the job definition and shell history by passing it in from an environment variable (the variable name below is arbitrary); the flags themselves are unchanged:
middlebrick scan https://api.example.com --auth-type bearer --auth-value "$MIDDLEBRICK_TOKEN" --output json
In environments with continuous monitoring, findings from each scan are compared against previous runs to highlight regressions and resolved issues.
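Diff detection of the kind just described can also be reproduced outside the product, for example to post-process the JSON the CLI writes into a ticket or a CI step. The script below is an added example for this page, not middleBrick's own tooling; the report layout it reads (a top-level score and findings with id, method, path, check and severity fields) is an assumption about the real schema, and the two embedded reports are constructed samples standing in for consecutive nightly runs.

```python
"""Diff two nightly scan reports: new, resolved and persisting findings,
score trend, and a minimum-score gate.

Added example for this page; it is not middleBrick's own tooling and the
report layout it reads (top-level "score", "findings" entries with "id",
"method", "path", "check", "severity") is an assumption. Adjust
finding_key() to the field names your report actually carries.
"""
import json
import sys

# Constructed sample reports standing in for two consecutive nightly runs.
PREVIOUS = json.loads("""
{"score": 82, "findings": [
 {"id": "f-101", "method": "GET",     "path": "/users/{id}", "check": "BOLA",          "severity": "high"},
 {"id": "f-102", "method": "OPTIONS", "path": "/orders",     "check": "CORS_WILDCARD", "severity": "medium"},
 {"id": "f-103", "method": "POST",    "path": "/login",      "check": "JWT_ALG_NONE",  "severity": "critical"}
]}
""")
CURRENT_RUN = json.loads("""
{"score": 74, "findings": [
 {"id": "f-201", "method": "GET",    "path": "/users/{id}",   "check": "BOLA",             "severity": "high"},
 {"id": "f-202", "method": "GET",    "path": "/admin/export", "check": "PII_EXPOSURE",     "severity": "critical"},
 {"id": "f-203", "method": "DELETE", "path": "/orders/{id}",  "check": "DANGEROUS_METHOD", "severity": "medium"}
]}
""")

ALERT_SEVERITIES = {"high", "critical"}


def finding_key(finding):
    """Stable identity of a finding across runs.

    Per-scan ids ("f-101") are regenerated each night, so diffing on them
    would report every finding as new and every old one as resolved.
    Method + path template + check name survives re-runs as long as the
    route itself is unchanged.
    """
    return (finding["method"].upper(), finding["path"], finding["check"])


def diff_reports(previous, current, min_score=None):
    """Classify findings and evaluate the score gate.

    Returns sorted key tuples so the output is deterministic and easy to
    compare again by eye or in a ticket.
    """
    prev = {finding_key(f): f for f in previous["findings"]}
    curr = {finding_key(f): f for f in current["findings"]}
    new = sorted(curr.keys() - prev.keys())
    return {
        "new": new,
        "resolved": sorted(prev.keys() - curr.keys()),
        "persisting": sorted(curr.keys() & prev.keys()),
        # Only new findings at alerting severity count as regressions;
        # a new low-severity finding should not page anyone at 03:00.
        "regressions": [k for k in new if curr[k]["severity"] in ALERT_SEVERITIES],
        "score_delta": current["score"] - previous["score"],
        "gate_failed": min_score is not None and current["score"] < min_score,
    }


def load(path):
    with open(path, encoding="utf-8") as fh:
        return json.load(fh)


if __name__ == "__main__":
    # Usage: compare_scans.py previous.json current.json [min_score]
    # With no arguments the constructed samples above are compared.
    if len(sys.argv) >= 3:
        prev_report, curr_report = load(sys.argv[1]), load(sys.argv[2])
    else:
        prev_report, curr_report = PREVIOUS, CURRENT_RUN
    threshold = int(sys.argv[3]) if len(sys.argv) > 3 else 80
    result = diff_reports(prev_report, curr_report, min_score=threshold)
    for bucket in ("new", "resolved", "persisting"):
        for key in result[bucket]:
            print(f"{bucket:10s} {key[0]:7s} {key[1]} [{key[2]}]")
    print(f"score {prev_report['score']} -> {curr_report['score']} ({result['score_delta']:+d})")
    # A non-zero exit lets a cron wrapper or CI step treat this as a failure.
    sys.exit(1 if result["gate_failed"] or result["regressions"] else 0)
```

The design point is finding_key(): diff on a stable identity rather than on per-scan ids, otherwise every run looks like a wholesale churn of findings. The non-zero exit code is what lets a cron wrapper or a CI step fail on a regression or on a score that fell below the threshold.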
Coverage provided by middleBrick
middleBrick maps findings to OWASP API Top 10 (2023), PCI-DSS 4.0, and SOC 2 Type II controls, and surfaces findings relevant to audit evidence for common regulatory frameworks. The scanner checks authentication bypasses, IDOR and BOLA risks, privilege escalation paths, data exposure including PII and API key patterns, input validation issues, and configuration weaknesses such as CORS misconfigurations and dangerous HTTP methods.
For LLM-facing APIs, the scan includes adversarial probes across multiple tiers to test for prompt extraction, instruction override, and token smuggling. OpenAPI specifications are parsed with recursive $ref resolution and compared against runtime behavior to identify undefined security schemes or deprecated operations.
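To show what recursive $ref resolution buys a security check, here is an added example (not middleBrick's parser) that inlines local $ref pointers in an OpenAPI 3.1 document, with cycle protection for self-referential schemas, and then reports operations whose security requirements name a scheme missing from components.securitySchemes, operations explicitly declared public, and deprecated operations. The spec is constructed for the example; only local (#/...) refs are handled, and the comparison against runtime behaviour that the page describes is out of scope here.

```python
"""Resolve local $ref pointers in an OpenAPI 3.1 document and audit the
operations for undefined security schemes, public operations and
deprecated operations.

Added example, not middleBrick's parser. Only local refs ("#/...") are
followed; remote and file refs would need a fetcher and are out of scope.
"""
import copy

# Constructed spec: one defined scheme, one operation naming an undefined
# scheme, a deprecated operation hidden behind a $ref'd path item, an
# explicitly public operation, and a self-referential schema (User.manager).
SPEC = {
    "openapi": "3.1.0",
    "components": {
        "securitySchemes": {"bearerAuth": {"type": "http", "scheme": "bearer"}},
        "schemas": {
            "User": {"type": "object", "properties": {
                "id": {"type": "string"},
                "manager": {"$ref": "#/components/schemas/User"}}},
        },
        "pathItems": {
            "LegacyExport": {"get": {"operationId": "legacyExport", "deprecated": True,
                                     "responses": {"200": {"description": "csv"}}}},
        },
    },
    "security": [{"bearerAuth": []}],
    "paths": {
        "/users/{id}": {"get": {"operationId": "getUser", "responses": {"200": {
            "description": "ok", "content": {"application/json": {
                "schema": {"$ref": "#/components/schemas/User"}}}}}}},
        "/admin/export": {"get": {"operationId": "exportAll", "security": [{"adminKey": []}],
                                  "responses": {"200": {"description": "ok"}}}},
        "/legacy/export": {"$ref": "#/components/pathItems/LegacyExport"},
        "/health": {"get": {"operationId": "health", "security": [],
                            "responses": {"200": {"description": "ok"}}}},
    },
}

HTTP_METHODS = ("get", "put", "post", "delete", "options", "head", "patch", "trace")


def resolve_pointer(doc, ref):
    """Follow a local JSON pointer such as '#/components/schemas/User'."""
    if not ref.startswith("#/"):
        raise ValueError(f"only local refs are supported: {ref}")
    node = doc
    for part in ref[2:].split("/"):
        part = part.replace("~1", "/").replace("~0", "~")  # RFC 6901 unescaping
        node = node[part]
    return node


def resolve_refs(doc, node=None, seen=()):
    """Recursively inline $ref targets, starting from the whole document.

    `seen` is the chain of refs currently being expanded on this branch.
    A ref that points back into that chain (User.manager -> User) is left
    in place with an x-circular marker instead of recursing forever; the
    same schema referenced from unrelated places is expanded each time.
    """
    if node is None:
        node = doc
    if isinstance(node, dict):
        if isinstance(node.get("$ref"), str):
            ref = node["$ref"]
            if ref in seen:
                return {"$ref": ref, "x-circular": True}
            target = copy.deepcopy(resolve_pointer(doc, ref))  # never mutate the source
            return resolve_refs(doc, target, seen + (ref,))
        return {k: resolve_refs(doc, v, seen) for k, v in node.items()}
    if isinstance(node, list):
        return [resolve_refs(doc, v, seen) for v in node]
    return node


def audit_security(spec):
    """Return (location, kind, detail) findings over the resolved document."""
    resolved = resolve_refs(spec)
    defined = set(resolved.get("components", {}).get("securitySchemes", {}))
    global_security = resolved.get("security", [])
    findings = []
    for path, item in resolved.get("paths", {}).items():
        for method in HTTP_METHODS:
            op = item.get(method)
            if op is None:
                continue
            where = f"{method.upper()} {path}"
            # Operation-level security overrides the global requirement;
            # an explicit empty list means the operation is public.
            requirements = op.get("security", global_security)
            if not requirements:
                findings.append((where, "no_security", "operation is unauthenticated"))
            for requirement in requirements:
                for scheme in requirement:
                    if scheme not in defined:
                        findings.append((where, "undefined_security_scheme", scheme))
            if op.get("deprecated"):
                findings.append((where, "deprecated_operation", op.get("operationId", "")))
    return findings


if __name__ == "__main__":
    for finding in audit_security(SPEC):
        print(*finding)
```

Resolution matters for the audit because the deprecated operation sits behind a $ref'd path item (/legacy/export); walking the raw document would miss it. The seen chain is per branch, so a schema referenced from several unrelated places is expanded each time, while a genuine cycle (User.manager -> User) is cut with an x-circular marker rather than a RecursionError.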
Operational and integration options
You can run scans via the web dashboard, the middlebrick CLI, or the API client. The GitHub Action enforces a quality gate in CI/CD, failing the build when the score drops below a defined threshold. Pro tier adds scheduled rescans, diff detection, email alerts limited to one per hour per API, and signed webhooks with auto-disable after repeated failures.
Authenticated scans support Bearer tokens, API keys, Basic auth, and cookies. Only selected headers are forwarded, and domain verification ensures that only the domain owner can submit credentials for scanning. Scan data is deletable on demand and purged within 30 days of cancellation.