Business Logic Security Testing


BLST understands its client’s API posture in the context that matters – Business goals, users’ journey, and IT KPIs. It can provide discovery in less than an hour (touchless), including a clear map of your API sprawl. It can detect attack vectors and sort them according to business impact.

Committed to the dev community, BLST also developed Cherrybomb – an open-source solution that focuses on eliminating common flaws early on (new version out Feb 2023)

BLST’s advanced platform provides broad visibility, API posture management (misconfigurations), ongoing monitoring, and notifications. It quickly integrates with your existing dev tools, gives you what you need to keep your APIs healthy, and spares you unnecessary noise. It’s a to-the-point, tailored, and effective, API security solution

Meet the Team ( )

Power and dedication will make the impossible possible
Chaim Peer - BLST Security

Chaim Peer

Co-Founder ⚬ CEO

Guy Levinger - BLST Security

Guy Levinger

Co-Founder ⚬ CTO

Omer Elbaz - BLST Security

Omer Elbaz

Co-Founder ⚬ CDO

Roy Barnea - BLST Security

Roy Barnea

Co-Founder ⚬ Chief Architect

BLST Security team

Our Process

BLST focuses on business logic attacks to provide more information, higher impact, and perfect working comfort.

In contrast to common attacks, such as SQLI and XSS, each logic attack is usually unique, since it has to exploit a function or a feature that is specific to each application.