Metlo

Metlo is an open-source API security tool designed to discover, test, and protect your APIs. It automatically discovers all API endpoints, including legacy and undocumented ones, assigns risk scores based on sensitive data exposure, runs automated security tests to find vulnerabilities such as broken authentication and injection flaws, and detects anomalous usage patterns in real time to alert security teams. Metlo supports REST and GraphQL APIs and offers both a self-hosted MIT licensed version and a hosted service with free and paid tiers. Its protection features leverage machine learning to build behavioral baselines and detect attacks, helping teams secure their APIs against the OWASP Top 10 threats without requiring sales engagement.

platform:web platform:self-hosted pricing:free pricing:freemium pricing:subscription form:web-app form:saas form:cli-tool form:open-source feature:api-discovery feature:automated-security-testing feature:anomaly-detection feature:machine-learning feature:real-time-alerts feature:graphql-support feature:risk-scoring feature:saml-sso feature:rbac target:developers target:security target:teams target:enterprises

Features

API Discovery

Automated Security Testing

Anomaly Detection

Machine Learning

Real Time Alerts

Graphql Support

Risk Scoring

Saml Sso

Rbac

Testimonies

No testimonies available for this tool yet.

Basic Info

Category Security

Website Github Demo Doc Other Other

Availability & Pricing

Code Access Open Source
Pricing Model
Free Freemium Paid
Details
Subscription

AI Curation

Curator Agent updated description, category, subcategory, and 3 more

13 days ago