LIVE WEBINAR: Are You Properly Using JWTs?

JSON Web tokens (JWTs) are used massively in API-based applications as access tokens or to transport information across services. Unfortunately, JWT are often mis-used and incorrectly handled. Massive data breaches have occurred in the last 18 months due to token leakage and lack of proper of validation. This session focuses on best practices and real […]

Continue reading


42crunch and Yenlo Announce Partnership

Amsterdam and Paris, December 18, 2019 – Global integration- and API management specialist Yenlo and specialist in API security 42Crunch, today announced a strategic partnership to secure and enforce API-policies as an added value service to Yenlo’s growing API business across the world. 42Crunch offers an enterprise-grade, full-fledged, end-to-end API security platform. Using the 42Crunch platform, enterprises have […]

Continue reading


WEBINAR: 42Crunch Platform Demo: No PowerPoint, no BS, just ACTION!

Here’s the deal… The 42Crunch solution lets you describe security as code as part of your OpenAPI specification files, allowing you to entirely automate the API security process, from the very beginning of the API lifecycle. Developers can simply annotate their API contracts to describe the required security policies and we process those annotations to […]

Continue reading


WEBINAR: Positive Security for APIs – What it is and why you need it!

Positive Security for APIs: What it is and why you need it! Many of the issues on the OWASP API Security Top 10 are triggered by the lack of input or output validation. Here are a few illustrative real-life examples on this: Drupal suffered a major issue in February 2019: a remote code execution flaw […]

Continue reading


Positive Security for APIs: what it is and why you need it!

When visiting prospects or presenting our solution at conferences, we inevitably get asked the same question: what’s the difference between your solution and a Web Application Firewall (WAF)? The core difference is that we know what we are protecting, WAFs don’t. WAFs were built to protect web applications and there is no standard way to […]

Continue reading


WEBINAR: The OWASP API Security Top 10

The OWASP API Security Top 10 In recent years, large reputable companies such as Facebook, Google and Equifax have suffered major data breaches that combined exposed the personal information of hundreds of millions of people worldwide. The common vector linking these breaches – APIs. The scale and magnitude of these breaches are the reason API […]

Continue reading