42Crunch Announces Next Generation of API Security Testing Services at Gartner® Security & Risk Management Summit 2023

Enhances API Security Governance and Reduces Developer Friction

Gartner Security & Risk Management Summit, National Harbor, Md. June 5,

42Crunch, the API Security platform company, announced the latest set of API security testing and threat protection capabilities, designed to ensure companies build APIs that are secure by default and don’t impede the developer workflow. Companies will benefit from these latest advancements by enhancing their overall API security governance and compliance while simultaneously speeding up the delivery of secure APIs.

The 42Crunch API security platform is successfully deployed by Global 2500 enterprises and Government agencies worldwide and now has over 800,000 developers using its services to secure their APIs.

According to a Gartner report Software engineering leaders should, “build and deliver secure software. Select tools that integrate security seamlessly into developer workflows without compromising developer experience. This ensures that software is ‘secure by default.’ They should adopt tools at each phase of the SDLC — plan, create, verify, pre-production, release, configure and operate.”¹

Commenting on this latest release, Isabelle Mauny, Field CTO and co-founder at 42Crunch said, “Our mission is to help security and development teams work closer together. By integrating our API security testing services into the developer workflow at the IDE and CI/CD levels, we enable a trust, but verify approach for security officers to govern the API security process. Companies are able to reduce developer friction and accelerate the time to market of secure API-driven services.”

Key Features include:

New generation of API security testing engine:

  • Support for scenarios testing
  • Automatic authorization testing to detect API 1 and API 5 issues
  • Automatic authentication testing to detect API 2 issues

Those tests are enriching the existing set of tests used by our major customers which trigger faulty API behaviors that typical hacking would trigger, including injection of data (API6 / API 8) detection of data leakage (API3), or security misconfigurations (API7).

Available via CI/CD and from the developer’s IDE.

  • Test operation by operation
  • Easily reproduce issues from within the IDE
  • Filter on the issues which do not comply with company security requirements
  • Detection of compliance problems, as established by the security teams.

This release is made available today in a number of developer marketplace IDEs, namely VSCode, Intellij and Eclipse and will be available on the enterprise platform from July.

Vist 42Crunch at Gartner Security & Risk Management Summit – Stand #254

1. How to Select DevSecOps Tools for Secure Software Delivery. Published 16 January 2023 By Analyst(s): Manjunath Bhat, Mark Horvath, Dale Gardner

About Gartner Security & Risk Management Summit

Gartner Security & Risk Management Summit provides research and advice for security and risk management leaders on topics including business continuity management, cloud security, privacy, securing the Internet of Things (IoT), and the chief information security officer (CISO) role. Gartner analysts will present the latest information on new threats to prepare leaders for enabling digital business in a world of escalating risk.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

About 42Crunch

42Crunch enables a standardized approach to securing APIs that automates the enforcement of API security compliance across distributed development and security ecosystems. Our API security testing and protection services are used by Fortune 500 enterprises and over 800,000 developers worldwide. The 42Crunch API security platform empowers developers to build security from the IDE into the API pipeline and gives application security teams control of security policy enforcement from the CI/CD across the entire API lifecycle. This seamless DevSecOps approach to API security reduces governance costs and accelerates the delivery of secure APIs. Visit to learn more and sign up for the industry’s #1 online API Security community newsletter at

Hugh Carroll
+353 86 6049270

Latest Resources


Something Old, Something New – OWASP API Security Top 10 in 2023

42Crunch’s Colin Domoney takes a look at the new OWASP API Security 2023 listing, identifying which vulnerabilities are new, which have not changed and which have been removed.


How to Embed API Security Testing into the Development Lifecycle without Delaying Production Rollout

By Mark Dolan | September 19, 2023

This is the first in a 3-part series of blogs exploring how 42Crunch assists enterprises with API security compliance. In her seminal blogpost, “Shifting Security to the Left” Shannon Lietz explains how including security testing earlier in the development lifecycle makes for longer-lived and more resilient software. The principles she advocates for are also what guides us at 42Crunch..


APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.