NEWS

APImetrics and 42Crunch Collaborate to Close the Loop on API Governance and Compliance

42Crunch and APImetrics offer best-of-breed API security enforcement and API performance and SLA validation.

 

November 22, 2022, Seattle, WA
APImetrics and 42Crunch are collaborating to offer a holistic view across the API lifecycle and dive deep into the API runtime, providing unparalleled observability of the real-world behavior and security of API products.
Companies can verify that the critical security API properties are enforced and operate as designed and specified when APIs are running in production.

“We are excited to work with 42Crunch to help companies interpret the performance and validate their API security design work at run-time,” said David O’Neill, co-founder and CEO at APImetrics. “The time has come to close the loop between the design time and the level of service at run time and see quality as a continuous end-to-end service.”

“Our Developer-First API security platform uniquely combines a ‘shift-left’ design approach with runtime API security policy enforcement that complements APImetrics,” said Jacques Declas, CEO of 42Crunch. “With the ever-increasing number of APIs that we are securing, we’re delighted to partner with APImetrics to now demonstrate the API security performance and quality of the API service at runtime in accordance with corporate governance policies.”

APImetrics is the leading API-native quality and conformance validation platform that provides a real-time view of production API operations from the perspective of external users.
42Crunch provides end-to-end protection for API developers and security practitioners by providing a platform to automate security into the API development pipeline and giving full visibility and control of security policy enforcement at every stage of the API lifecycle.
The combined solution enables API providers, such as major banks and telecom operators, to shift-left and shield right and ensure that production APIs are delivering operational security and adherence to specifications as designed.

“API providers, especially those in heavily regulated industries, are starting to grasp the need to verify API behavior in production, from the perspective of the end user,” said O’Neill. “Validating that the design is of high quality and secure is a critical part, but what happens the next day, week or month? Enterprises need to have assurance that what was built is what continues to deliver day in and day out. 42Crunch and APImetrics can offer that assurance.”

Moving forward, APImetrics plans to capitalize on its privileged view across the runtime environment to extend its shift-right validation capabilities to ensure that API-native authentication and authorization policies are in force and behaving as expected.
Recent research from API design management provider Stoplight indicated that while 90% of organizations have authentication policies in place, only 31% had confidence that those policies were operating adequately.
Securing APIs requires a comprehensive approach, and having design time, run-time and other critical needs covered will become essential to delivering assurance to users and stakeholders alike.

“We are long past the time when companies could self-certify the compliance of their designs, they now need to be able to prove it to themselves, their customers and regulators,” O’Neill said.

About APImetrics
APImetrics offers the industry’s only intelligent, analytics-driven API performance solution built specifically for the enterprise. By interfacing with current and legacy API protocols, APImetrics helps CIOs, customer success teams, developers, and vendors validate that their APIs perform as designed. Monitoring is supported by analytics and fully customizable downtime alerts to deliver the actionable intelligence needed by the enterprise to meet service level agreements and customer expectations. APImetrics offers cross-cloud monitoring services for some of the largest banks, telecommunications providers and IoT providers in the world. The company is headquartered in Seattle, WA. More information is available at APImetrics.io and API.expert.

About 42Crunch
42Crunch provides continuous API security to protect the digital business. Our unique developer-first API security platform enables developers to build and automate security into their API development pipeline and gives security teams full visibility and control of security policy enforcement throughout the API lifecycle. Deployed by Global 2500 enterprises and over 500,000 developers worldwide, 42Crunch enables a seamless DevSecOps experience to reduce governance costs and accelerate the rollout of secure APIs. Visit https://42crunch.com to learn more and sign up to the industry’s #1 online API Security community newsletter at https://APIsecurity.io.

Latest Resources

WEBINAR

Protect Your APIs with Microsoft Azure Sentinel and 42Crunch Platforms

This webinar showcases how users of the Microsoft Azure Sentinel platform via the 42Crunch platform integration can proactively protect their APIs. By leveraging 42Crunch’s API security platform, Azure Sentinel users gain visibility into their API infrastructure, identify vulnerabilities, and mitigate risks.

BLOG

42Crunch member of MISA

Why 42Crunch’s MISA Certification is Important for API Security

By Tom Chang | January 10, 2023

42Crunch is the first API Security platform vendor to join the Microsoft Intelligent Security Association (MISA). By combining Microsoft Sentinel’s intelligent analytics with 42Crunch’s API design and run-time security controls enterprises gain a holistic view of their API security program.

DataSheet

Datasheet Cover Images P1-02

Product Datasheet Addressing API Security Challenges

APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.