NEWS

APImetrics and 42Crunch Collaborate to Close the Loop on API Governance and Compliance

42Crunch and APImetrics offer best-of-breed API security enforcement and API performance and SLA validation.

 

November 22, 2022, Seattle, WA
APImetrics and 42Crunch are collaborating to offer a holistic view across the API lifecycle and dive deep into the API runtime, providing unparalleled observability of the real-world behavior and security of API products.
Companies can verify that the critical security API properties are enforced and operate as designed and specified when APIs are running in production.

“We are excited to work with 42Crunch to help companies interpret the performance and validate their API security design work at run-time,” said David O’Neill, co-founder and CEO at APImetrics. “The time has come to close the loop between the design time and the level of service at run time and see quality as a continuous end-to-end service.”

“Our Developer-First API security platform uniquely combines a ‘shift-left’ design approach with runtime API security policy enforcement that complements APImetrics,” said Jacques Declas, CEO of 42Crunch. “With the ever-increasing number of APIs that we are securing, we’re delighted to partner with APImetrics to now demonstrate the API security performance and quality of the API service at runtime in accordance with corporate governance policies.”

APImetrics is the leading API-native quality and conformance validation platform that provides a real-time view of production API operations from the perspective of external users.
42Crunch provides end-to-end protection for API developers and security practitioners by providing a platform to automate security into the API development pipeline and giving full visibility and control of security policy enforcement at every stage of the API lifecycle.
The combined solution enables API providers, such as major banks and telecom operators, to shift-left and shield right and ensure that production APIs are delivering operational security and adherence to specifications as designed.

“API providers, especially those in heavily regulated industries, are starting to grasp the need to verify API behavior in production, from the perspective of the end user,” said O’Neill. “Validating that the design is of high quality and secure is a critical part, but what happens the next day, week or month? Enterprises need to have assurance that what was built is what continues to deliver day in and day out. 42Crunch and APImetrics can offer that assurance.”

Moving forward, APImetrics plans to capitalize on its privileged view across the runtime environment to extend its shift-right validation capabilities to ensure that API-native authentication and authorization policies are in force and behaving as expected.
Recent research from API design management provider Stoplight indicated that while 90% of organizations have authentication policies in place, only 31% had confidence that those policies were operating adequately.
Securing APIs requires a comprehensive approach, and having design time, run-time and other critical needs covered will become essential to delivering assurance to users and stakeholders alike.

“We are long past the time when companies could self-certify the compliance of their designs, they now need to be able to prove it to themselves, their customers and regulators,” O’Neill said.

About APImetrics
APImetrics offers the industry’s only intelligent, analytics-driven API performance solution built specifically for the enterprise. By interfacing with current and legacy API protocols, APImetrics helps CIOs, customer success teams, developers, and vendors validate that their APIs perform as designed. Monitoring is supported by analytics and fully customizable downtime alerts to deliver the actionable intelligence needed by the enterprise to meet service level agreements and customer expectations. APImetrics offers cross-cloud monitoring services for some of the largest banks, telecommunications providers and IoT providers in the world. The company is headquartered in Seattle, WA. More information is available at APImetrics.io and API.expert.

About 42Crunch
42Crunch provides continuous API security to protect the digital business. Our unique developer-first API security platform enables developers to build and automate security into their API development pipeline and gives security teams full visibility and control of security policy enforcement throughout the API lifecycle. Deployed by Global 2500 enterprises and over 500,000 developers worldwide, 42Crunch enables a seamless DevSecOps experience to reduce governance costs and accelerate the rollout of secure APIs. Visit https://42crunch.com to learn more and sign up to the industry’s #1 online API Security community newsletter at https://APIsecurity.io.

Latest Resources

WEBINAR

Top Things You Need to Know About API Security

Two of the API security industry’s leading experts, Dr Philippe de Ryck and Isabelle Mauny, guide you through some real-world cases of API security attacks and also share some best practices for securing your APIs.

BLOG

How to Protect APIs from OWASP Authorization Risks: BOLA, BOPLA & BFLA

By Hugh Carroll | February 20, 2024

The OWASP API Top Risks listing identifies three different Authorization challenges  Coding issues relating to Authorization configuration failures continue to present a significant challenge for development and security teams building and protecting APIs. Just read any issue of our fortnightly APIsecurity.io newsletter and you’ll discover that Authorization-based breaches […]

DataSheet

APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.