llms.txt Content
# middleBrick
> Automated API security risk scoring platform. Scans enterprise APIs and assigns security risk scores.

middleBrick is a self-service SaaS that automatically analyzes APIs for security vulnerabilities and generates risk scores. It covers OWASP API Security Top 10, LLM/AI-specific threats, GraphQL, and compliance frameworks.
## Core Capabilities
- **Risk Scoring Engine**: 12 parallel security checks covering OWASP API Top 10 + GraphQL + LLM-specific analysis
- **AI/LLM Security**: 18 adversarial probes across 3 scan tiers — prompt injection, jailbreaks, encoding bypasses, data exfiltration, cost exploitation. The only self-service scanner with active LLM probing.
- **Compliance Mapping**: GDPR, PCI-DSS, HIPAA, SOC 2, ISO 27001, NIST
- **Multi-Protocol**: REST and GraphQL supported; gRPC, WebSocket, SOAP planned
- **Framework Coverage**: 30+ frameworks (FastAPI, Express, Spring Boot, Django, NestJS, Laravel, Gin, Flask, etc.)
- **CI/CD Integration**: CLI tool, GitHub Action, MCP Server
## Documentation
- [Getting Started](https://middlebrick.com/docs/)
- [How It Works](https://middlebrick.com/docs/how-it-works/)
- [Scoring Methodology](https://middlebrick.com/docs/scoring/)
- [Security Checks Overview](https://middlebrick.com/docs/checks-overview/)
- [LLM Security Checks](https://middlebrick.com/docs/llm-security/)
- [API Reference](https://middlebrick.com/docs/api-reference/)
- [CLI](https://middlebrick.com/docs/cli/)
- [GitHub Action](https://middlebrick.com/docs/github-action/)
- [MCP Server](https://middlebrick.com/docs/mcp-server/)
- [Integrations](https://middlebrick.com/docs/integrations/)
- [FAQ](https://middlebrick.com/docs/faq/)
## Security Topics
- [API Vulnerability Guides](https://middlebrick.com/security/prompt-injection) — 60+ vulnerability pages across authentication, authorization, injection, encryption, data exposure, SSRF, LLM security
- [CWE Reference](https://middlebrick.com/cwe/cwe-89) — 100+ CWE entries with framework