Both the open source and pro versions of SoapUI have the security scanning functionality to analyze and report on potential security flaws. The functionality is more developed and easier to use, and has reporting options in pro, but basic scanning is still possible in the open source version. The pro version will be used in this recipe, but open source users should still be able to follow most steps.

In terms of recipe topics, this is one where we'll only really see a tour of the tools, as you can easily devote a chapter or even a book to the specifics of every particular security risk, how to detect it, and how to protect against it. Out-of-the-box SoapUI is really only providing a nice customizable ...