42Crunch Blog

Featured

In the first part of this blog, we had covered the security aspects of Spring Boot Microservices and how to inject them into your code level to generate higher quality OAS (Swagger) files. In this second part, we will cover aspects regarding attributes, operations, and data. Data Validation for Secure APIs You must be aware …

April 26, 2021

This document highlights how code annotations can be used to enhance the quality and the security posture for customers using .Net Core. 42Crunch security recommendations help enterprises discover and remediate vulnerabilities much more quickly (up to 25X more quickly) while saving 90% of manual costs (whether through internal efforts or external pen-testing). Using the Available …

We have just updated our API Security platform, and I want to tell you all about it. 100+ New Security Audit Checks Security Audit checks related to authentication just had a major revamp. Now instead of generic articles on insecure authentication methods, we provide specific information for each case, including: API Key passed as a …

LOSING MY RELIGION: Successful and unsuccessful approaches to API Security in a global enterprise – A take on Ford Motor Company’s approach to API security and the journey to enforce security compliance while ensuring productivity of thousands of developers managing thousands of APIs.   The Cybersecurity Snowball Effect With development Communities and product teams, there …

Token Management Security Best Practices

We recently participated to the DZone mobile apps development guide to highlights some of the key best practices when dealing with API keys and tokens. Below is an excerpt, the full article is available on DZone! Modern applications, both  web-based and native, rely on APIs on the back...

42Crunch partners with Kudelski IoT Security group

CHESEAUX-SUR-LAUSANNE, Switzerland and PHOENIX (AZ), USA, December 20, 2017 – The Kudelski Group (SIX:KUD.S), the world leader in digital security, will demonstrate its IoT Security Suite at CES® 2018. The comprehensive suite of services and technologies targets device manufacturers and...

Start acting on API Security today!

APIs are the access doors to your enterprise assets and the backbone of pretty much any application that has been written in recent years. While most companies apply token-based access to APIs with OpenIDConnect and OAuth, there are still many aspects of security which are not properly ...