You had questions, and we’ve got answers!
42Crunch API Security
Platform Demo
42Crunch API Security
Platform Data Sheet
On the content-type validation: are you supporting content negotiation headers in the content-type? (i.e. OAS Consume allows application/json and the client is sending content-type=application/json;v=1.2.2)
Yes, we do. That also includes supporting a charset after the MIME type (such as content-type=application/json; charset=UTF-8)
Any support for private cloud, specifically Pivotal Cloud Foundry?
We can run the solution on any platform, public or private. Our only requirement is to be able to deploy a docker image and scale it plus open a simple TCP connection back to the platform so that the runtime can download its configuration.
And what about Java Spring Boot apps that are using Springfox Swagger2 library for generating Swagger docs?
You can use Springfox to generate indeed an OAS v2 file which can then be automatically deployed to our platform via a CI/CD plugin. The combination of Springfox with the Swagger annotations framework can be used to produce a very high quality OAS V2 file.
We are looking at providing specific Springfox extensions to support our security as code approach, most likely in the second part of 2020.
Try our security audit for free. If you want to see the whole platform in action, request a demo now!
