NEWS

42Crunch and Postman See Growth of Shift-Left Adoption for API Security by Enterprise

  • 42Crunch poll reveals that a third of developers are now implementing security testing at the start of the API design lifecycle. 
  • 33% of developers implementing security after the coding stage.
  • 34% of developers implement security either before or after production deployment.

San Francisco, CA  – June 24, 2021 – 42Crunch, the API Security platform vendor, has announced an integration of its API security services with Postman, the API collaboration platform for developers. 42Crunch provides enterprises with continuous protection at every stage of the API lifecycle reducing the cost of DevSecOps accelerating the delivery of production ready APIs. Using 42Crunch, API developers and application security teams can now implement API security design and testing as part of an API-First approach in Postman.

APIs are the backbone of the modern internet infrastructure and as companies move to the cloud and adopt microservices, APIs and the data associated with them are increasingly vulnerable if not protected properly. To combat this risk organizations need to encourage developers to use secure coding practices. A recent poll conducted by 42Crunch revealed that 33% of developers are now implementing security testing at the start of the API design lifecycle with a further 33% implementing security after the coding stages  and the remaining 34% either before or after production deployment. (1)

The explosive growth in API traffic has been driven by digital transformation and now API calls represent the overwhelming majority of web traffic, something that has not gone unnoticed by the hacker community. Gartner predicts “By 2022, API abuses will move from an infrequent to the most-frequent attack vector, resulting in data breaches for enterprise web applications.” (2)

Kin Lane, Chief Evangelist with Postman said, “Despite the fact that APIs are now everywhere, not all APIs are born equal as many are poorly built and have inherent security vulnerabilities. Adopting an API-first strategy with guidelines for design, development, testing and deployment better prepares a business for the digital revolution impacting every industry. 42Crunch’s API audit, scan and protection services complement Postman’s API collaboration platform and give enterprises a full 360° approach to securing their APIs.”  

Isabelle Mauny, Field CTO and Co-founder at 42Crunch said “Our collaboration with Postman, is helping API developers and DevSecOps at leading enterprises adopt a security as code approach to their API design and development. 42Crunch’s unique combination of a shift-left and shield-right approach to API security provides enterprises with continuous protection for their APIs at every stage of the API lifecycle.”

To learn more about how 42Crunch and Postman are implementing API security testing listen to the webinar: watch here

42Crunch announced last month a Series A round raising $17 million to further advance our API security platform and operations.

 


(1) Poll was conducted on a webinar hosted by 42Crunch on June 16, 2021 with n =305 developers and application security leads from USA and EMEA.

(2) API Security: What You Need to Do to Protect Your APIs. By Mark O’Neill, Dionisio Zumerle, Jeremy D’Hoinne, refreshed 1 March 2021, Published 28 August 2019.


 

About Postman

Postman is the leading collaboration platform for API development, used by more than 15 million developers and 800,000 organizations worldwide. Postman is an elegant, flexible platform that is used to build connected software via APIs—quickly, easily, and accurately. Postman is headquartered in San Francisco and has an office in Bangalore, where the company was founded. Postman is privately held, with funding from Insight Partners, Nexus Venture Partners, and CRV. Learn more at postman.com or connect with Postman on Twitter via @getpostman.

About 42Crunch

42Crunch bridges the gap between API development and security teams with a simple, automated platform that provides auditing, live endpoint scanning, and micro API firewall protection. Unlike other solutions on the market, the 42Crunch platform empowers development, security and operations teams with a set of integrated tools to easily build security into the foundation of the API and enforce those policies throughout the API lifecycle. By delivering security as code you enable a seamless DevSecOps experience, allowing innovation at the speed of business without sacrificing integrity. Visit https://42crunch.com to learn more. Visit our online community at https://APIsecurity.io.

Media Contact:

Anne Marie McCallion
ReturnPR +353 86 834 9329  
annemarie@returnpr.com

Latest Resources

WEBINAR

Mitigate OWASP API risks through security-by-design

Learn best practices and mitigation steps for some of the OWASP API vulnerabilities through this 42Crunch API security best practice webinar
Nov 5, 2024
PST 9am | EST 12pm | GMT 5pm

BLOG

Securing APIs in the Age of GenAI: Test Before You Connect

By Tom Chang | October 2, 2024

How to secure your APIs from GenAI and LLM based attacks Generative AI (GenAI) and Large Language Models (LLMs) are transforming the enterprise landscape, enhancing customer and employee experiences with unprecedented efficiency and insight. The recent McKinsey Global survey on AI reports that 65 percent of respondents say […]

DataSheet

APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.