Hugh Carroll

Hugh leads 42Crunch’s global marketing strategy and works closely with sales, partners, analysts and customers to raise awareness for the company’s API security solutions.

How to Improve Developer Productivity and API Security Posture

By Hugh Carroll / May 20, 2024

Automate API Documentation and Security Analysis The proliferation of APIs has made them an attractive target for bad actors, so organizations need to adopt a multi-layered approach to protect their APIs. This starts with API design and progresses to the deployment and production runtime phases. To implement API security from the early stages effectively requires […]

How to Protect your APIs from Broken Authentication and Unrestricted Resource Consumption

By Hugh Carroll / March 12, 2024

In a follow-up to our recent blogpost which explored the OWASP API Authorization risks, this week we share highlights of our webinar which featured Philippe De Ryck and Isabelle Mauny talking about the Authentication challenges encountered when protecting your APIs.  They explored just how potentially dangerous the combination of the two OWASP API Top 10 […]

How to Protect APIs from OWASP Authorization Risks: BOLA, BOPLA & BFLA

By Hugh Carroll / February 20, 2024

The OWASP API Top Risks listing identifies three different Authorization challenges  Coding issues relating to Authorization configuration failures continue to present a significant challenge for development and security teams building and protecting APIs. Just read any issue of our fortnightly newsletter and you’ll discover that Authorization-based breaches are at the root of a large […]

The OWASP API Security Top 10 Has Been Updated – How Are Companies Reacting?

By Hugh Carroll / August 8, 2023

The OWASP API Security Project released an updated version of the OWASP Top 10 for APIs last month. In the intervening years since the first edition was published in 2019 API security has risen to become arguably the most pressing area of focus for CISOs and Heads of Application Security today. Certainly, at 42Crunch we […]

42Crunch Announces Next Generation of API Security Testing Services at Gartner® Security & Risk Management Summit 2023

By Hugh Carroll / June 5, 2023

42Crunch announces the latest set of API security testing and threat protection capabilities:
Support for scenarios testing
Automatic authorization testing to detect API 1 and API 5
Automatic authentication testing to detect API 2 issues

42Crunch recognized as a Microsoft Security Excellence Awards finalist for Security Software Innovator

By Hugh Carroll / March 14, 2023

San Francisco, CA — March 14, 2023.  42Crunch, the Developer-First API Security platform today announced it is a Security Software Innovator award finalist in the Microsoft Security Excellence Awards. The company was honored among a global field of industry leaders that demonstrated success across the security landscape during the past 12 months. Jacques Declas, CEO […]

42Crunch Strengthens Shift-Left for API Security with API Scan from Inside IDE

By Hugh Carroll / September 21, 2022

500,000 API Developers secure APIs as they develop from inside their favorite IDEs 19 September, 2022 – San Francisco, API Specifications Conference (ASC) – 42Crunch, the Developer First API Security platform company, announced today at ASC the availability of the platform’s API Scan service inside the leading IDEs for developers. With over 500,000 developers already […]

Why Developer-First API Security is Prevailing in Enterprise

By Hugh Carroll / March 7, 2022

Why Developer-First API Security is Prevailing in Enterprise. The DevSecOps movement has led to a distinct “shift-left” in the enterprise where tasks are moved earlier in the development cycle so that developers can directly address production concerns as the code is being written. Companies are realizing greater business benefits from this shift-left approach, with accelerated […]

How Developers Can Become API Security Champions

By Hugh Carroll / February 15, 2022

Question: Everyone is talking about DevSecOps, why are we not able to fix the security issues? Despite the obvious challenges, Colin believes that the industry has made progress as compared to ten years ago when very insecure code was prevalent. Today’s code is definitely more secure and security is improving — thankfully most developers are […]

How to test API security throughout the API lifecycle with Postman and 42Crunch

By Hugh Carroll / June 23, 2021

Postman, the API collaboration platform for developers, advocates an API-First approach for companies. Using 42Crunch, API developers and application security teams can now implement API security design and testing as part of their API-First approach in Postman. Kin Lane, chief Evangelist with Postman recently joined Isabelle Mauny, Field CTO at 42Crunch for a webinar to […]

Ready to Learn More?

Developer-first solution for delivering API security as code.