42Crunch API Security Platform May 2021 Release

Our May 2021 update just went live, and I am here to tell you the details.

Updated CI/CD plugins and repository data in the platform

42Crunch provides off-the-shelf plugins for a variety of CI/CD pipelines.

These can discover OpenAPI files in the repository, upload them to the 42Crunch platform, perform Security Audit, and succeed or fail depending on the audit results.

We have released new major versions of these plugins:

  • For API collections and APIs created and updated by the plugins, the 42Crunch user interface now shows their repository information: repository, branch, and path

  • On subsequent runs, the plugins automatically update the API collection created for this repository and branch. APIs deleted from the branch get removed, new APIs added, existing APIs updated to the latest version of the OpenAPI file.
  • You can set up the plugins to create these branch collections as private or share them with your organization.

See our CI/CD documentation for details.

Security Audit improvements: Better loose pattern detection, 406 response check

We keep improving our static analysis – 42Crunch Security Audit.

  • Loose string pattern check now goes beyond the proverbial .* and .+ and covers many more similar patterns. About 160 more. 😉 This helps protect APIs against injection attacks and other unexpected inputs.
  • 406 response check helps follow the best practices and define the Not Acceptable API response.

Scan Report: Clear separation of tests and issues

Conformance Scan reports now clearly separate information on the tests performed and the issues that the tests uncovered.

Postman Collection

If you want to learn more about using 42Crunch’s own APIs for platform scripting and integration, we have published our official Postman collection.

And there’s more

See our release notes for other improvements, fixes, known issues, and compatible versions of the 42Crunch firewall and conformance scan agent.

Latest Resources


Top Things You Need to Know About API Security

Two of the API security industry’s leading experts, Dr Philippe de Ryck and Isabelle Mauny, guide you through some real-world cases of API security attacks and also share some best practices for securing your APIs.


What’s the best way to test an API for vulnerabilities? RTFM

By Tom Chang | June 11, 2024

If you’re a child of the 80s like me, you may have had the distinction of being the only one in your house who knew how to program your VCR. My motivation was strong. Clarinet lessons were interfering with my favorite show, the A Team. I was the […]


APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.