This document discusses API security testing with Postman and Qualys. It notes that APIs are widely used but often developed without security in mind. It highlights some of the top API security risks from the OWASP API Security Top 10, including broken object level authorization, broken user authentication, and broken function level authorization. The document promotes Qualys' web application scanning capabilities for APIs and its integration with tools like Postman to allow quick scanning of APIs using existing test collections. It concludes with a brief demo and emphasizes that API security is important.