1 – 42Crunch Platform Overview

Welcome to our tutorials on 42Crunch Platform. Start with a quick overview of how to get started, and the general dashboard layout. The subsequent tutorials go deeper into each and every function of the platform. Login and dashboard  To log into the platform, go to https://platform.42crunch.com/login. A successful login takes you to your dashboard and […]

Continue reading


8 – Protection Reports, Troubleshooting and Settings

You’ve seen how 42Crunch can protect your APIs and microservices – now let’s review reporting. Viewing Transaction Logs At any time, you can click on transaction logs to view all failed transactions found by the conformance scan and review the full list. Look Up Specific Error So one thing that I want to show first […]

Continue reading


7 – 42Crunch API Firewall Overview

In previous tutorials, we have covered static analysis with the API security audit, dynamic testing with conformance scan – now it’s time to discuss protection. Protection Overview The Protection function is real-time protection of live APIs. You put our API firewall in the line of traffic. It’s an extremely efficient piece of software that we […]

Continue reading


6 – Conformance Scan Overview

Now that we have reviewed and locked down our contract, we are going to perform a conformance scan. Dynamic Testing API Contract Conformance Scan is a dynamic runtime analysis of your API to check that the behavior of the API conforms to the contract it advertises in its OpenAPI (formerly known as Swagger) definition. You […]

Continue reading


5 – OpenAPI Extension for VS Code

Our previous tutorial used the build-in Security Editor in 42Crunch Platform to fix audit issues in the OpenAPI (formerly Swagger) definition. In this one, we do the same thing but in Microsoft Visual Studio Code (VS Code) using the 42Crunch OpenAPI extension. Extension overview Below is an example of the 42Crunch OpenAPI extension for VS […]

Continue reading


4 – Fixing Security Issues

In our previous tutorial, we took a look at the audit report from API Contract Security Audit. This one proceeds onto fixing the issues found in the audit and see how we can iteratively work on our OpenAPI definition. Navigating Issues The best place to start are the high priority issues, they are the fastest […]

Continue reading


3 – Navigating the Security Audit Report

In our previous tutorial, we have created an API collection, and imported and audited a OpenAPI definition. Now we are going to drill into the report and walk you through how to get the most out of it. API Contract Security Audit is a static analysis of your OpenAPI file using OpenAPI Specification. We run […]

Continue reading


2 – Getting Started with Security Audit

Now that you have had an overview of the platform, let’s get started by importing an API for security audit. Importing APIs To import an OpenAPI (formerlySwagger) definition, click Import API (1) to upload your JSON file. These files contain all the basic information and documentation on how your API functions. As mentioned in the […]

Continue reading