NEWS

New API Firewall Non-blocking Mode in Latest 42Crunch Release

The 42Crunch August 2019 release introduces a new API firewall non-blocking mode so you can test how it affects your existing API traffic without impacting consumers, a deeper integration between the security audit and editor for seamless navigation, and an enhanced audit issue view for faster editing. (See the release notes for additional details on full list of updates.)


New Feature Highlights

 

API Firewall Non-blocking Mode
42Crunch leverages the API contract to enforce security using our micro API firewall. The runtime is fully optimized to be deployed and run in Kubernetes environment and can protect North-South and East-West microservices traffic. With minimal latency and footprint, it can be deployed against hundreds of API endpoints with minimal impact.

When configured in non-blocking mode, API Firewall instances protecting your API execute security policies normally but do not block any transactions, only report on what would have been blocked. This allows users to:

  • Test how API Firewall affects your existing API traffic without impacting your API consumers
  • Discover API requests and endpoints that currently go unnoticed
  • Troubleshoot problems

Dashboards are populated normally, so you can easily see what would have happened.

 

 

Integrated Security Audit report and Security Editor
The security editor has now a tighter integration with the audit report viewer. Users can:

  • Easily navigate back and forth between the report and the editor
  • Quickly find the core issues to fix in the report by toggling between the audit report and editor

 

 

Improved Audit Issue View
Viewing the issues that Security Audit discovered has been improved in both the audit report and Security Editor: that enhances the capacity to view, navigate and fix issues uncovered by the Audit – helping developers to quickly edit their contracts.

  • View your code and the issue details side by side in the audit report
  • Jump to the next or previous issue in the audit report directly in the issue view
  • Filter the shown issues in Security Editor by severity to address most critical first
  • Click issues listed in Security Editor to view the message inline.
  • Choose which you rather see in Security Editor, the issue details or the issue list — clicking an issue no longer automatically opens the issue details, so that it is easier to get the overall picture
  • Expand the issue details in Security Editor to full screen for better readability

 

 

Try our security audit for free. If you want to see the whole platform in action, request a demo now!

For news on all things API – visit APIsecurity.io and sign up for the weekly newsletter.

Latest Resources

WEBINAR

Webinar Series - Defending APIs with Jim Manico

Defending APIs with Jim Manico – Episode 1

Episode 1: Request Forgery on the Web – CSRF & SSRF

November 10, 2022 | 9am PST | 5pm BST

Join Jim Manico, CEO of Manicode and Colin Domoney from 42Crunch, as they deliver a 2-part webinar series to help developers better defend APIs.

BLOG

Empathy for the API Developer

By Colin Domoney | July 25, 2022

Colin Domoney from 42Crunch, in his recent article on DevOps.com, addresses the disconnect between development and security teams and explains the key challenges facing developers in creating secure API code. Better understanding of the challenges on both sides can help create greater empathy which in turn can help […]

DataSheet

Datasheet Cover Images P1-02

Product Datasheet Addressing API Security Challenges

APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.