In this demonstration, we use Postman to launch a combination of traditional application attacks (e.g., SQLi, XSS) and more sophisticated API attacks. The video shows the difference between what a WAF can identify and block vs. the attacks the Salt platform is able to prevent.
API Security Best Practices Guide
Solution Brief: Web Application Firewalls and API Security
Securing APIs: The New Application Attack Surface