The Only Enterprise API Security Platform
Audit, Scan and Protect all your APIs
The 42Crunch platform offers a unique set of integrated API security tools which allow discovery, remediation of OpenAPI vulnerabilities and runtime protection against API attacks.
API Security Audit
An exhaustive security audit of the OpenAPI specification definition with detailed security scoring helping developers define and strengthen their API contracts.
API Conformance Scan
A scan of live API endpoints to discover potential vulnerabilities and discrepancies of your API implementation against the API contract.
A straightforward service to protect APIs and apply policies that can be deployed in our lightweight, low-latency micro API-native firewall.
Built by API security experts for API security experts
Our API security platform is built on a resilient, multi-tenant, security-driven architecture.
Positive Security Model
The API Contract is the core of the security configuration, allowing to automatically enforce traffic inbound and outbound.
Our platform addresses natively APIs’ unique security requirements across data validation, authentication, authorization, confidentiality and integrity.
Ready for DevSecOps
Push your OpenAPI definition to your CI/CD pipeline and automatically audit, scan and protect your API.
API Security for All - Built For Collaboration
API Security requires teamwork across Dev, Sec and Ops.
Enable APIs protection by focusing on proper API contract definition
Define and enforce corporate security policies from the first day of design
Deploy API firewalls at critical points in the architecture
Our Design Manifesto
Secured by design, trust no-one.
API Security setup is declared, not manual
Our domain knowledge and standards are available as pre-defined policies
Security teams are in control
Security is adapted to the risk involved
Security Infrastructure is delivered as code
Communication platform across all roles involved
Deploy API security anywhere
You can use our API firewall to equally protect north-south and east-west traffic. Thanks to its low footprint, it can be deployed at scale on any Docker orchestrator such as Kubernetes, Docker™ Swarm or Redhat OpenShift(®). Our runtime is fully compatible with existing API management solutions or API gateways and with microservices-based architectures. We support the sidecar proxy and gateway deployment models.