DevSecOps is a hot topic at the moment, and particularly relevant when dealing with API development. APIs are growing at an exponential rate: not only are they the backbone of any application, but microservices architecture imply exposing internal APIs for every microservice or group of microservices. The average number of APIs to protect within an […]
Thank You for Joining Us at API World
We hope that you have had some time to catch up from API World last week! Thank you for stopping by our booth and sessions. Below are a few things that you may be interested in: 42Crunch Collateral: OWASP API Security Top 10 Cheat Sheet: http://bit.ly/2Bcjoms 42Crunch Overview: http://bit.ly/2MECCXe Presentation Slides: The Dev, Sec […]
42Crunch Adds API Security Audit to its Visual Studio Code OpenAPI Extension
SAN JOSE, OCTOBER 9, 2019 — Today at API World, API security leader and creator of the industry’s first API Firewall, 42Crunch, announced the availability of REST API Security Audit functionality in its popular OpenAPI extension for Microsoft Visual Studio Code — making it easier than ever to enable a DevSecOps process for API security. […]
Addressing Harbor Registry Vulnerability with 42Crunch
Hot from the press! There is a mass assignment vulnerability in the Harbor registry. Mass assignment is entry A6 on the OWASP API Security Top 10 list. A6 is described in the OWASP API Security Top 10 as: An API endpoint is vulnerable if it automatically converts client parameters into internal object properties without considering […]
Join 42Crunch at the API Specifications Conference
Come hang out with 42Crunch at the API Specifications Conference this October in Vancouver! OpenAPI Initiative’s API Specifications Conference (ASC) is a place for API practitioners to come together and discuss the evolution of API technology. ASC includes cutting edge technology keynotes and sessions that chart the future of APIs, in-depth specification and standards […]
API Security is not Web Application Security!
When we started 42Crunch 3 years ago, we were convinced that a new market segment would emerge: API security. And the market is now catching up with our vision! This is exemplified by the recent release of the OWASP Top 10 for API Security threats document, which highlights threats that do not apply to traditional […]
We Need the Controller Layer Back!
A couple days ago, I gave an API security workshop to highlight the OWASP Top 10 issues for APIs and some of the mistakes we keep doing at development time and pay for at runtime. Many of the issues related to data, such as improper data filtering, mass assignment or excessive data exposure, could be […]
New API Firewall Non-blocking Mode in Latest 42Crunch Release
The 42Crunch August 2019 release introduces a new API firewall non-blocking mode so you can test how it affects your existing API traffic without impacting consumers, a deeper integration between the security audit and editor for seamless navigation, and an enhanced audit issue view for faster editing. (See the release notes for additional details on full list […]
Join 42Crunch at API World 2019
Come hang out with 42Crunch at API World this October in San Jose, CA – Booth 306! API World is the world’s largest API & microservices conference & expo with tracks covering API Lifecycle, Microservices architecture, API Innovations, and more. Join some of our API security experts for their presentations! The Dev, Sec […]
Revolutionizing API Security – 42Crunch + Digital Anarchist
42Crunch CEO, Jacques Declas, sat down with Alan Shimel of Digital Anarchist at this year’s RSA APJ show to discuss new trends in API Security, DevSecOps, and what tools you need to keep up! [Alan Shimel] Hey everyone, it’s Alan Shimel for DevOps.com Security Boulevard. We’re here in Singapore at RSA APJ. We’re right […]
