42Crunch Announces Next Generation of API Security Testing Services at Gartner® Security & Risk Management Summit 2023

Enhances API Security Governance and Reduces Developer Friction

Gartner Security & Risk Management Summit, National Harbor, Md. June 5,

42Crunch, the API Security platform company, announced the latest set of API security testing and threat protection capabilities, designed to ensure companies build APIs that are secure by default and don’t impede the developer workflow. Companies will benefit from these latest advancements by enhancing their overall API security governance and compliance while simultaneously speeding up the delivery of secure APIs.

The 42Crunch API security platform is successfully deployed by Global 2500 enterprises and Government agencies worldwide and now has over 800,000 developers using its services to secure their APIs.

According to a Gartner report Software engineering leaders should, “build and deliver secure software. Select tools that integrate security seamlessly into developer workflows without compromising developer experience. This ensures that software is ‘secure by default.’ They should adopt tools at each phase of the SDLC — plan, create, verify, pre-production, release, configure and operate.”¹

Commenting on this latest release, Isabelle Mauny, Field CTO and co-founder at 42Crunch said, “Our mission is to help security and development teams work closer together. By integrating our API security testing services into the developer workflow at the IDE and CI/CD levels, we enable a trust, but verify approach for security officers to govern the API security process. Companies are able to reduce developer friction and accelerate the time to market of secure API-driven services.”

Key Features include:

New generation of API security testing engine:

  • Support for scenarios testing
  • Automatic authorization testing to detect API 1 and API 5 issues
  • Automatic authentication testing to detect API 2 issues

Those tests are enriching the existing set of tests used by our major customers which trigger faulty API behaviors that typical hacking would trigger, including injection of data (API6 / API 8) detection of data leakage (API3), or security misconfigurations (API7).

Available via CI/CD and from the developer’s IDE.

  • Test operation by operation
  • Easily reproduce issues from within the IDE
  • Filter on the issues which do not comply with company security requirements
  • Detection of compliance problems, as established by the security teams.

This release is made available today in a number of developer marketplace IDEs, namely VSCode, Intellij and Eclipse and will be available on the enterprise platform from July.

Vist 42Crunch at Gartner Security & Risk Management Summit – Stand #254

1. How to Select DevSecOps Tools for Secure Software Delivery. Published 16 January 2023 By Analyst(s): Manjunath Bhat, Mark Horvath, Dale Gardner

About Gartner Security & Risk Management Summit

Gartner Security & Risk Management Summit provides research and advice for security and risk management leaders on topics including business continuity management, cloud security, privacy, securing the Internet of Things (IoT), and the chief information security officer (CISO) role. Gartner analysts will present the latest information on new threats to prepare leaders for enabling digital business in a world of escalating risk.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

About 42Crunch

42Crunch enables a standardized approach to securing APIs that automates the enforcement of API security compliance across distributed development and security ecosystems. Our API security testing and protection services are used by Fortune 500 enterprises and over 800,000 developers worldwide. The 42Crunch API security platform empowers developers to build security from the IDE into the API pipeline and gives application security teams control of security policy enforcement from the CI/CD across the entire API lifecycle. This seamless DevSecOps approach to API security reduces governance costs and accelerates the delivery of secure APIs. Visit to learn more and sign up for the industry’s #1 online API Security community newsletter at

Hugh Carroll
+353 86 6049270

Latest Resources


Top Things You Need to Know About API Security

Two of the API security industry’s leading experts, Dr Philippe de Ryck and Isabelle Mauny, guide you through some real-world cases of API security attacks and also share some best practices for securing your APIs.


How to Improve Developer Productivity and API Security Posture

By Hugh Carroll | May 20, 2024

Automate API Documentation and Security Analysis The proliferation of APIs has made them an attractive target for bad actors, so organizations need to adopt a multi-layered approach to protect their APIs. This starts with API design and progresses to the deployment and production runtime phases. To implement API […]


APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.