42Crunch raises $17m in Series A to solve global API security threat

London, UK – 42Crunch, the API security leader, today announces that it has secured $17 million in a Series A investment led by Energy Impact Partners, a leading global investment firm, joined by Adara Ventures. 42Crunch is the creator of the world’s first Application Programming Interface (API) micro-firewall and a pioneer in protecting APIs against attacks listed in the OWASP Top 10 for API Security.

As stated in the Gartner report, ‘API Security: What You Need to Do to Protect Your APIs, “By 2022, API abuses will move from an infrequent to the most-frequent attack vector, resulting in data breaches for enterprise web applications.”

“What do the recent data breaches at Facebook, MGM Grand and Clubhouse have in common? They all came about due to API vulnerabilities,” said CEO and Co-Founder of 42Crunch, Jacques Declas. “83% of internet traffic now comes from APIs but traditional firewall approaches are not adapted to cope with the specific threats that APIs create.”

Traditional firewalls rely on patterns and signatures to detect potential issues – an approach which does not work for API traffic and results in a massive number of false positives. The 42Crunch platform has been designed to individually protect each API, stopping common cyber-attacks such as injections but also API-specific attacks such as those affecting the iPhone call recorder app and SolarWinds. Moreover, 42Crunch’s micro-firewall has been designed to be embedded with the APIs they protect, providing defence in-depth for microservice architectures, without the latency or deployment cost usually associated with traditional firewall solutions.

Isabelle Mauny, Co-founder and CTO of 42Crunch, said, “Protecting APIs from threats at runtime is only part of the story. APIs will only be truly secured when security becomes part of the developer’s flow, rather than an afterthought.” 42Crunch is focused on securing APIs by empowering DevOps teams with automated cybersecurity tools. It is the only platform that allows continuous discovery, audit, scanning and protection of APIs throughout their entire lifecycle – from design to production – enabling enterprises managing thousands of APIs to deliver security at scale. 42Crunch is also dedicated to educating the developer community through its forum

Isabelle Mauny added, “Development has changed in the past decade, becoming extremely agile, with the adoption of loose coupling architectures and Kubernetes. The cost of fixing security flaws at production time is a major issue for enterprises. Our mission is to make API threat protection as agile and automated as development. The overwhelming success of our platform plugins, which have now been installed by 200k developers, is proof that security can truly become part of the whole API lifecycle, provided developers are equipped with the right tools.”

Nazo Moosa, Co-Managing Partner, Energy Impact Partners added: “42Crunch’s ‘shift-left approach’ to the creation of secure-by-design APIs fits strongly with EIP’s vision of protecting global critical infrastructure. The company’s six-digit customer wins last year were catalytic to our decision to lead the round. Having established partnerships with companies such as Mulesoft and Qualys and secured Fortune 500 customers in the financial, automotive and insurance industries, our goal is to help 42Crunch build on this commercial traction and expand in the US, APAC and Europe.”

Jacques Declas, Co-founder and CEO, 42Crunch, added: “Energy Impact Partners shares our vision of helping developers to be the driving force behind API security. With this new investment, we will be able to accelerate product innovation, expand our go-to-market strategy, and accelerate customer acquisition in 2021 and beyond.”

About 42Crunch

42Crunch bridges the gap between API development and security teams with a simple, automated platform that provides auditing, live endpoint scanning, and micro API firewall protection. Unlike other solutions on the market, the 42Crunch platform empowers development, security and operations teams with a set of integrated tools to easily build security into the foundation of the API and enforce those policies throughout the API lifecycle. By delivering security as code you enable a seamless DevSecOps experience, allowing innovation at the speed of business without sacrificing integrity. Visit to learn more. Visit our online community at

About Energy Impact Partners

Energy Impact Partners (EIP) is a global investment platform leading the transition to a sustainable energy future. EIP brings together entrepreneurs and the world’s most forward-looking energy and industrial companies to advance innovation. With over $1.5 billion in assets under management, EIP invests globally across venture, growth, credit and infrastructure – and has a team of more than 45 professionals based in its offices in New York, San Francisco, Palm Beach, London, Cologne and soon Oslo. For more information on EIP, please visit


Media contact: Emma Thorpe,, +44 (0)7909 974958

Latest Resources


Review of Major API Security Breaches from H1 2024

In this latest webinar, Anthony Lonergan, reviews some of the most recent high-profile API breaches that occurred in 2024.
Anthony will give a detailed overview of each attack and explain how the different vulnerabilities could be exploited to compromise the companies involved. He then practically demonstrates how companies can remediate against these vulnerabilities order to better protect their APIs.


The Scourge of SQL Injection for APIs

By Anthony Lonergan | June 25, 2024

In a report published in May 2024, cybersecurity firm Eclypsium outlined key vulnerabilities discovered in the F5 Big IP Next device. It’s another sobering reminder of the challenges faced in securing APIs when a highly regarded security company like F5 launches a new flagship product with all-too-familiar vulnerabilities […]


APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.