42Crunch Blog

O grande susto Um amigo comentou comigo um episódio interessante: Telefonaram para ele dizendo que era um canal de nível oito de seu banco, confirmando dados como endereço, nome de mãe e pai, cônjuge, filhos etc, dizendo que existiam transações suspeitas, e que a conta dele havia sido invadida e ele precisava ligar urgentemente para …

May 18, 2022

Recently we published an article on the log4shell vulnerability targeting log4j, in which we explained how APIs can be protected against injection attacks with a positive security model, and how 42Crunch easily enables such a model. Now, it’s time for the Spring4Shell (CVE-2022-22965) vulnerability, targeting the Spring framework, commonly used to build APIs. What can …

Why Developer-First API Security is Prevailing in Enterprise. The DevSecOps movement has led to a distinct “shift-left” in the enterprise where tasks are moved earlier in the development cycle so that developers can directly address production concerns as the code is being written. Companies are realizing greater business benefits from this shift-left approach, with accelerated …

Question: Everyone is talking about DevSecOps, why are we not able to fix the security issues? Despite the obvious challenges, Colin believes that the industry has made progress as compared to ten years ago when very insecure code was prevalent. Today’s code is definitely more secure and security is improving — thankfully most developers are …

42crunch and Yenlo Announce Partnership

Amsterdam and Paris, December 18, 2019 – Global integration- and API management specialist Yenlo and specialist in API security 42Crunch, today announced a strategic partnership to secure and enforce API-policies as an added value service to Yenlo’s growing API business across the world...

Questions Answered: Positive Security for APIs Webinar

You had questions, and we've got answers! Thank you for all the questions submitted on the Positive Security for APIs: What it is and why you need it! We couldn't get to all of them so we wanted to follow-up with a full list of all the Q&A - and the slide deck as well! [...

OWASP API Security Top 10 Cheat Sheet

Download our OWASP API Security Cheat Sheets to print out and hang on your wall! US Letter 8.5 x 11 in  |  A4 210 x 297 mm   If you missed our latest presentation, check out the slides here: .embed-container { position: relative; padding-bottom: 56.25%; height: 0; overf...

Questions Answered: OWASP API Security Top 10 Webinar

You had questions, and we've got answers! Thank you for all the questions submitted on the OWASP API Security Top 10 webinar on Nov 21. We couldn't get to all of them so we wanted to follow-up with a full list of all the Q&A - and the slide deck as well! [xyz-ihs snipp...

WEBINAR: The OWASP API Security Top 10

The OWASP API Security Top 10 In recent years, large reputable companies such as Facebook, Google and Equifax have suffered major data breaches that combined exposed the personal information of hundreds of millions of people worldwide. The common vector linking these breaches – APIs...

Thank You for Joining Us at API World

We hope that you have had some time to catch up from API World last week! Thank you for stopping by our booth and sessions. Below are a few things that you may be interested in: 42Crunch Collateral: OWASP API Security Top 10 Cheat Sheet: http://bit.ly/2Bcjoms 42Crunch Overv...