NEWS

42Crunch Announces Full Kubernetes Support to Automate Zero-Trust API Security Across Microservices Architecture

42Crunch Allows Organizations to Extend Comprehensive API Security Beyond the Edge, to Each and Every Container in Kubernetes Environments

SINGAPORE, JULY 16, 2019 — Today at RSA Asia Pacific & Japan 2019, API security leader and creator of the industry’s first API Firewall – 42Crunch – announced the latest release of its API security platform with full support for Kubernetes environments. This new solution allows organizations to easily automate API security across Kubernetes environments – enabling the zero-trust architecture needed to protect each microservice and scale without risk.

The rapid adoption of microservices architectures and Kubernetes lead to the proliferation of APIs exposed by these microservices. Developers employ agile practices to quickly iterate on these microservices. Combined, these trends lead to hundreds if not thousands of rapidly changing APIs that modern enterprises often host and need to secure.

Traditional solutions such as Web Application Firewalls (WAF) and API Management tools rely on static rules and policies, and edge protection. While these solutions provide some security functionality within your environment, they still leave the individual microservices vulnerable to API attacks.

Through a fully automated platform, 42Crunch extends security beyond the edge of the enterprise to each individual microservice, protecting them with an ultra-low latency micro API firewall that can be deployed at scale. 42Crunch API firewall is merely 20 MB in size and when deployed in sidecar proxy mode in Kubernetes pods enforces API security with sub-millisecond overhead. This eliminates the manual process of writing and maintaining individual API security policies, and enforces a zero-trust security architecture.

“Since the initial launch of the 42Crunch API Security platform our customers have informed us that edge protection is no longer enough,” says Jacques Declas, CEO and founder of 42Crunch. “We are excited to make our Kubernetes-native API protection commercially available. Now the teams working on large numbers of microservices can be sure that each and every one of them automatically stays secure throughout its lifecycle.”

In addition, 42Crunch’s unique approach integrates with companies’ DevSecOps pipeline and delivers automated API security across the whole API lifecycle:

  • AUDIT: Run 200+ security audit tests of the OpenAPI specification definition with detailed security scoring to help developers define and strengthen API contract.
  • SCAN: Scan live API endpoints to discover potential vulnerabilities and discrepancies of the API implementation against the API contract.
  • PROTECT: Launch service to protect APIs and apply policies that can be deployed in our lightweight, low-latency micro API firewall.

42Crunch will be participating in RSA Asia Pacific & Japan 2019 as both an exhibitor and speaker. Join Matthieu Estrade, CTO, at 9:00 on Thursday, July 18th for his talk: “API Security: Learning from the 20 Years of AppSec Failures,” located in Orchid 4203. Visit the 42Crunch team at booth 1708 to learn more about how we can help you automate API security in your microservices environment.

About 42Crunch
42Crunch bridges the gap between API development and security teams with a simple, automated platform that provides auditing, live endpoint scanning, and micro API firewall protection. Unlike other solutions on the market, the 42Crunch platform empowers development, security and operations teams with a set of integrated tools to easily build security into the foundation of the API and enforce those policies throughout the API lifecycle. By delivering security as code you enable a seamless DevSecOps experience, allowing innovation at the speed of business without sacrificing integrity.

 

 

Try our security audit for free. If you want to see the whole platform in action, request a demo now!

For news on all things API – visit APIsecurity.io and sign up for the weekly newsletter.

Download the free VS Code OpenAPI Editor

Latest Resources

WEBINAR

Something Old, Something New – OWASP API Security Top 10 in 2023

42Crunch’s Colin Domoney takes a look at the new OWASP API Security 2023 listing, identifying which vulnerabilities are new, which have not changed and which have been removed.

BLOG

How to Embed API Security Testing into the Development Lifecycle without Delaying Production Rollout

By Mark Dolan | September 19, 2023

This is the first in a 3-part series of blogs exploring how 42Crunch assists enterprises with API security compliance. In her seminal blogpost, “Shifting Security to the Left” Shannon Lietz explains how including security testing earlier in the development lifecycle makes for longer-lived and more resilient software. The principles she advocates for are also what guides us at 42Crunch..

DataSheet

APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.