New API Firewall Non-blocking Mode in Latest 42Crunch Release

The 42Crunch August 2019 release introduces a new API firewall non-blocking mode so you can test how it affects your existing API traffic without impacting consumers, a deeper integration between the security audit and editor for seamless navigation, and an enhanced audit issue view for faster editing. (See the release notes for additional details on full list of updates.)

New Feature Highlights


API Firewall Non-blocking Mode
42Crunch leverages the API contract to enforce security using our micro API firewall. The runtime is fully optimized to be deployed and run in Kubernetes environment and can protect North-South and East-West microservices traffic. With minimal latency and footprint, it can be deployed against hundreds of API endpoints with minimal impact.

When configured in non-blocking mode, API Firewall instances protecting your API execute security policies normally but do not block any transactions, only report on what would have been blocked. This allows users to:

  • Test how API Firewall affects your existing API traffic without impacting your API consumers
  • Discover API requests and endpoints that currently go unnoticed
  • Troubleshoot problems

Dashboards are populated normally, so you can easily see what would have happened.



Integrated Security Audit report and Security Editor
The security editor has now a tighter integration with the audit report viewer. Users can:

  • Easily navigate back and forth between the report and the editor
  • Quickly find the core issues to fix in the report by toggling between the audit report and editor



Improved Audit Issue View
Viewing the issues that Security Audit discovered has been improved in both the audit report and Security Editor: that enhances the capacity to view, navigate and fix issues uncovered by the Audit – helping developers to quickly edit their contracts.

  • View your code and the issue details side by side in the audit report
  • Jump to the next or previous issue in the audit report directly in the issue view
  • Filter the shown issues in Security Editor by severity to address most critical first
  • Click issues listed in Security Editor to view the message inline.
  • Choose which you rather see in Security Editor, the issue details or the issue list — clicking an issue no longer automatically opens the issue details, so that it is easier to get the overall picture
  • Expand the issue details in Security Editor to full screen for better readability



Try our security audit for free. If you want to see the whole platform in action, request a demo now!

For news on all things API – visit and sign up for the weekly newsletter.

Latest Resources


Something Old, Something New – OWASP API Security Top 10 in 2023

42Crunch’s Colin Domoney takes a look at the new OWASP API Security 2023 listing, identifying which vulnerabilities are new, which have not changed and which have been removed.


Analyst Report: Review of Partnership Between 42Crunch and Microsoft

By Dr. Edward Amoroso | November 29, 2023

This  analyst report prepared by Dr. Edward Amoroso, CEO of Tag Infosphere Inc, offers a review of the recently announced partnership between cybersecurity vendor 42Crunch and Microsoft. Introduction The recently announced partnership between 42Crunch and Microsoft, integrating 42Crunch’s API security solutions 1 with Microsoft Defender for Cloud 2, […]


APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.