42Crunch and Cisco Collaborate to Drive API Security Forward and to Increase Cloud Protection

October 11, San Francisco, CA – Today at KubeCon, 42Crunch, the Developer-First API security platform company, announced their collaboration with Cisco to provide the developer community with APIClarity, a new API discovery and security tool enabling enterprises to fortify their cloud protection.

APIs are increasingly a favorite target for hackers seeking to compromise cloud environments with malware such as cryptojacking and ransomware. 42Crunch and Cisco are addressing these threats by advocating a “shift-left” approach to API security and discovery that empowers developers to code protection into the API build process.

Although cloud environments offer enterprises many security benefits, new vulnerabilities continue to arise that offer attackers fresh avenues into cloud-based environments. One such attack path is the API. Every connected mobile, modern web, or cloud-hosted application uses and exposes APIs. These APIs enable access to data and to call application functionality. While they are relatively easy to expose, they are difficult to document and defend.  As a result, shadow and zombie APIs are rife, type checking is lax, API specifications are incomplete, and authentication and authorization issues often creep up. To address these challenges, 42Crunch collaborated with Cisco to create APIClarity, a new open source tool to improve the configuration and protection of APIs.


In a recent study into the Cloud Threat Landscape, IBM found that two-thirds of cloud breaches can be attributed to misconfigured APIs.[1]

Today, APIClarity utilizes a Service Mesh framework to discover APIs and can be used in association with the 42Crunch API Audit capabilities to improve the configuration of the API specification. Knowing the API specification is the first step in identifying API risks and APIClarity captures all existing API traffic and constructs the OpenAPI specification by observing the API traffic and allows users’ to upload OpenAPI specifications and review, modify and approve the generated specs. It alerts the user on differences between the approved API specification and the one observed in runtime and detects shadow and zombie APIs with a UI dashboard auditing and monitoring the API findings.

Welcoming the announcement, Vijoy Pandey, VP of Emerging Technologies and Incubations at Cisco said, “Having a robust API security strategy is critical for enterprises to succeed with their digital transformation projects. Launching APIClarity represents a significant step in providing an end-to-end API security solution for enterprise cloud environments. We’re excited about the potential for APIClarity to empower developers to adopt a security as code approach to protecting their APIs, and to continue working with organizations like 42Crunch who share the same vision for enabling greater API security.”

Isabelle Mauny, field CTO and co-founder of 42Crunch, said, “Security and API teams stand at a crossroads today. They can either try to continue to block API threats, after they have been identified and caused potential damage, or they can adopt a preventative stance by coding security into their APIs at design time, ensuring protection throughout the lifecycle of the API.”

“This initiative by 42Crunch and Cisco empowers developers with the tools to build and automate security into their API development pipeline. It also ensures security teams retain full control of security policy enforcement at every stage of the API lifecycle, from design through to run-time protection” continued Mauny.

About 42Crunch

42Crunch provides continuous API security to protect the digital business. Our unique developer-first API security platform enables developers to build and automate security into their API development pipeline and gives security teams full visibility and control of security policy enforcement throughout the API lifecycle. Deployed by leading enterprises across the globe, 42Crunch enables a seamless DevSecOps experience that reduces governance costs and accelerates the rollout of secure APIs. Visit to learn more. Visit our online community at


Media Contact:

Anne Marie McCallion

ReturnPR +353 86 834 9329



[1] IBM Security X-Force Cloud Threat Landscape Report 2021


Latest Resources


Review of Major API Security Breaches from H1 2024

In this latest webinar, Anthony Lonergan, reviews some of the most recent high-profile API breaches that occurred in 2024.
Anthony will give a detailed overview of each attack and explain how the different vulnerabilities could be exploited to compromise the companies involved. He then practically demonstrates how companies can remediate against these vulnerabilities order to better protect their APIs.


The Scourge of SQL Injection for APIs

By Anthony Lonergan | June 25, 2024

In a report published in May 2024, cybersecurity firm Eclypsium outlined key vulnerabilities discovered in the F5 Big IP Next device. It’s another sobering reminder of the challenges faced in securing APIs when a highly regarded security company like F5 launches a new flagship product with all-too-familiar vulnerabilities […]


APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.