Tutorials

API Security Platform Overview

June 30, 2020

Tutorials Welcome to our tutorials on 42Crunch Platform. Start with a quick overview of how to get started, and the general dashboard layout. The subsequent tutorials go deeper into each and every function of the platform. Login and Dashboard To log into the platform, go to https://platform.42crunch.com/login A successful login takes you to your dashboard […]

OpenAPI (Swagger) specification Security Audit on the 42Crunch Platform

June 8, 2020

Tutorials Now that you have had an overview of the platform, let’s get started by importing an API for security audit. Importing APIs To import an OpenAPI (formerly Swagger) definition, click Import API (1) to upload your JSON file. These files contain all the basic information and documentation on how your API functions. As mentioned in the […]

BitBucket Pipelines API Security Audit Extension

June 8, 2020

Tutorials In this quick tutorial you’ll learn how to add static security testing to your REST APIs in Bitbucket with the 42Crunch REST API Static Security Extension. Prerequisite: Make sure you have a 42Crunch API Security Platform account. You can register here: https://platform.42crunch.com/register Create API Token for the pipe You must add an API token […]

OpenAPI (Swagger) specification Audit Report explained

June 7, 2020

Tutorials In our previous tutorial, we have created an API collection, and imported and audited an OpenAPI (Swagger) definition file. Now we are going to drill into the report and walk you through how to get the most out of it. Viewing Checks API Contract Security Audit is a static analysis of your OpenAPI (Swagger) […]

Fixing API Security Issues identified in the Audit Report

May 31, 2020

Tutorials In our previous tutorial, we took a look at the audit report from API Contract Security Audit. This one proceeds onto fixing the issues found in the audit and see how we can iteratively work on our OpenAPI / Swagger definition. Navigating Issues The best place to start are the high priority issues, they […]

API Security Testing with API Scan

May 30, 2020

Tutorials Now that we have reviewed and locked down our contract, we are going to perform a conformance scan. Dynamic Testing API Contract Conformance Scan is a dynamic runtime analysis of your API to check that the behavior of the API conforms to the contract it advertises in its OpenAPI (formerly known as Swagger) definition. […]

API Protect Micro API Firewall

May 29, 2020

Tutorials In previous tutorials, we have covered static analysis with the API security audit, dynamic testing with conformance scan – now it’s time to discuss protection. Protection Overview The Protection function is real-time protection of live APIs. You put our API firewall in the line of traffic. It’s an extremely efficient piece of software that […]

API Protect Micro API Firewall Reports and Troubleshooting

May 28, 2020

Tutorials You’ve seen how 42Crunch can protect your APIs and microservices – now let’s review reporting. Viewing Transaction Logs At any time, you can click on transaction logs to view all failed transactions found by the conformance scan and review the full list. Look up a Specific Error So one thing that I want to […]

OpenAPI Swagger Extension VS Code

May 1, 2020

Tutorials Our previous tutorial used the build-in Security Editor in 42Crunch Platform to fix audit issues in the OpenAPI (formerly Swagger) definition. In this one, we do the same thing but in Microsoft Visual Studio Code (VS Code) using the 42Crunch OpenAPI extension. Extension Overview Below is an example of the 42Crunch OpenAPI (Swagger) extension […]

API Security Audit using OpenAPI Swagger Extension VS Code

May 1, 2020

Tutorials Our previous tutorial used the build-in Security Editor in 42Crunch Platform to fix audit issues in the OpenAPI (formerly Swagger) definition. In this one, we do the same thing but in Microsoft Visual Studio Code (VS Code) using the 42Crunch OpenAPI extension. Extension Overview Below is an example of the 42Crunch OpenAPI (Swagger) extension […]