42Crunch Blog

Featured

LOSING MY RELIGION: Successful and unsuccessful approaches to API Security in a global enterprise – A take on Ford Motor Company’s approach to API security and the journey to enforce security compliance while ensuring productivity of thousands of developers managing thousands of APIs.   The Cybersecurity Snowball Effect With development Communities and product teams, there …

March 31, 2021

We have just updated our API Security platform, and I want to tell you all about it. 100+ New Security Audit Checks Security Audit checks related to authentication just had a major revamp. Now instead of generic articles on insecure authentication methods, we provide specific information for each case, including: API Key passed as a …

Today we are happy to announce the global availability of the latest version of the 42Crunch API Security Platform. We have updated our community deployment used by thousands of API developers worldwide, our IDE plugins, online tools, and deployments used by our enterprise customers. Below is a summary of the biggest new features and improvements. …

Spring Boot is a popular framework to build applications and APIs. Leveraging the Springfox project and code annotations, developers can generate OAS files with a high 42Crunch Security Audit score. What is the 42Crunch Security Audit? The 42Crunch Security Audit is one of 3 services from the 42Crunch API Security Platform: it consumes OpenAPI (Swagger) …

Thank You for Joining Us at API World

We hope that you have had some time to catch up from API World last week! Thank you for stopping by our booth and sessions. Below are a few things that you may be interested in: 42Crunch Collateral: OWASP API Security Top 10 Cheat Sheet: http://bit.ly/2Bcjoms 42Crunch Overv...

Join 42Crunch at the API Specifications Conference

Come hang out with 42Crunch at the API Specifications Conference this October in Vancouver!   OpenAPI Initiative’s API Specifications Conference (ASC) is a place for API practitioners to come together and discuss the evolution of API technology. ASC includes cutting edge techno...

API Security is not Web Application Security!

When we started 42Crunch 3 years ago, we were convinced that a new market segment would emerge: API security. And the market is now catching up with our vision! This is exemplified by the recent release of the OWASP Top 10 for API Security threats document, which highlights threats t...

We Need the Controller Layer Back!

A couple days ago, I gave an API security workshop to highlight the OWASP Top 10 issues for APIs and some of the mistakes we keep doing at development time and pay for at runtime. Many of the issues related to data, such as improper data filtering, mass assignment or excessive data exp...

Join 42Crunch at API World 2019

Come hang out with 42Crunch at API World this October in San Jose, CA - Booth 306! API World is the world's largest API & microservices conference & expo with tracks covering API Lifecycle, Microservices architecture, API Innovations, and more.   Join some of our API secur...