About Us
Who Are We
42Crunch was founded by veterans of the security and API management industry who recognized that the traditional approach to protecting APIs was simply not scalable. APIs are the core building block of every enterprise’s digital strategy and are driving internet traffic growth1, yet they are also the number one attack surface for hackers2.
Traditional application security solutions such as web application firewalls (WAF) and static and dynamic testing tools (SAST/DAST) are not designed to secure APIs nor even are API gateways. 42Crunch is filling this security gap by providing API security specific tools designed to automate and scale the protection of APIs for businesses large and small.
Our Mission
42Crunch was founded to make security practitioners' and developers' lives easier by enabling a collaborative DevSecOps approach to API security. Application Security, API architects, Developers, QA, and Operations – get a shared view of API security, its shared definition, and a shared understanding of what needs to be done to enable security at scale.
The 42Crunch API Security platform enables security teams to centralize the control and governance of API security policy enforcement across a distributed organization. In parallel it also gives development teams easy-to-use tooling that reduces errors, improves the security posture of their APIs and increases the speed of API delivery.
Trusted by Security & Development Teams Globally
Endorsed By Analysts
By implementing automated checks on the source code and configuration being deployed through the pipeline as well as the resulting software, you can detect new and updated APIs and ensure that they are properly secured and/or managed. An example of a product that implements this kind of discovery is 42Crunch API Security Platform
Gary Olliffe
Distinguished VP Analyst
42Crunch’s ability to secure
both the CI/CD pipeline &
the runtime environment
makes it a compelling
candidate for any
API security project.
Rik Turner
Principal Analyst
Runtime protections stand out with 42Crunch because its API protections take a unique approach to problem - a micro-firewall based upon the API specification. In terms of overall suitability, 42Crunch checks the boxes better than most products.
Don MacVittie
Analyst
Developers Use Our Tools!
We go where the developers are and have made our OpenAPI Editor and API Security Audit tools available to developers in their favorite IDEs.
Communities
APISecurity.io is the number 1 community website for all things related to API security.
Our daily news and weekly API Security newsletter cover the latest breaches, vulnerabilities,
standards, best practices, regulations, and technology.
Certifications & Associations
We believe in the power of community.
Our involvement in the OpenAPI initiative is helping to contribute to the collective standards around API.
As an active participant in the OWASP Foundation we contribute to the workings of the global security community through its regional chapters and global conferences.
We take protecting data seriously.
Our services are built to meet the most rigorous industry security standards.
42Crunch is a member of the Microsoft Intelligent Security Association (MISA). 42Crunch has integrated with Microsoft Sentinel to provide enterprises with end-to-end API protection and visibility, critical
to the success of their API-driven digital initiatives.
Office Locations
San Francisco
Dublin
London
Montpellier
1 Akamai: State of the Internet Security Report. 2019
2 Gartner: API Security: Protect your APIs from Attacks and Data Breaches. 2021
Ready to Learn More?
Developer-first solution for delivering API security as code.