About Us

Who Are We

42Crunch was founded by veterans of the security and API management industry who recognized that the traditional approach to protecting APIs was simply not scalable. APIs are the core building block of every enterprise’s digital strategy and are driving internet traffic growth1, yet they are also the number one attack surface for hackers2.

Traditional application security solutions such as web application firewalls (WAF) and static and dynamic testing tools (SAST/DAST) are not designed to secure APIs nor even are API gateways. 42Crunch is filling this security gap by providing API security specific tools designed to automate and scale the protection of APIs for businesses large and small.

AboutUs Infographic Quotes P1-06
AboutUs Infographic Quotes P1-07

Our Mission

42Crunch was founded to make security practitioners' and developers' lives easier by enabling a collaborative DevSecOps approach to API security. Application Security, API architects, Developers, QA, and Operations – get a shared view of API security, its shared definition, and a shared understanding of what needs to be done to enable security at scale.

The 42Crunch API Security platform enables security teams to centralize the control and governance of API security policy enforcement across a distributed organization. In parallel it also gives development teams easy-to-use tooling that reduces errors, improves the security posture of their APIs and increases the speed of API delivery.

Trusted by Security & Development Teams Globally

42C Customers_Allianz copy
42C Customers_Bridgestone copy
bt-group-logo small
Nokia logo
42C Customers_Ford copy
42C Customers_Insulet Corporation copy
Logo_Logius BW
42C Customers_Pollinate copy
42C Customers_Travelers copy
42C Customers_Verizon copy

Endorsed By Analysts


By implementing automated checks on the source code and configuration being deployed through the pipeline as well as the resulting software, you can detect new and updated APIs and ensure that they are properly secured and/or managed. An example of a product that implements this kind of discovery is 42Crunch API Security Platform

Gary Olliffe

Distinguished VP Analyst


42Crunch’s ability to secure
both the CI/CD pipeline &
the runtime environment
makes it a compelling
candidate for any
API security project.

Rik Turner

Principal Analyst


Runtime protections stand out with 42Crunch because its API protections take a unique approach to problem - a micro-firewall based upon the API specification. In terms of overall suitability, 42Crunch checks the boxes better than most products.

Don MacVittie


gartner grey
Gigaom_Logo_normal Grey

Developers Use Our Tools!

We go where the developers are and have made our OpenAPI Editor and API Security Audit tools available to developers in their favorite IDEs.

IDE logos
VS Code
AboutUs Infographic Quotes P3-16
AboutUs Infographic Quotes P3-15
AboutUs Infographic Quotes P3-14



APISecurity.io is the number 1 community website for all things related to API security.
Our daily news and weekly API Security newsletter cover the latest breaches, vulnerabilities,
standards, best practices, regulations, and technology.

Certifications & Associations

AboutUs Certifications_OpenAPI

We believe in the power of community.
Our involvement in the OpenAPI initiative is helping to contribute to the collective standards around API.

AboutUs Certifications_OWASP

As an active participant in the OWASP Foundation we contribute to the workings of the global security community through its regional chapters and global conferences.

AboutUs Certifications_ISO

We take protecting data seriously.
Our services are built to meet the most rigorous industry security standards.

42Crunch Member of MISA

42Crunch is a member of the Microsoft Intelligent Security Association (MISA). 42Crunch has integrated with Microsoft Sentinel to provide enterprises with end-to-end API protection and visibility, critical
to the success of their API-driven digital initiatives.

Office Locations

San Francisco




1 Akamai: State of the Internet Security Report. 2019

2 Gartner: API Security: Protect your APIs from Attacks and Data Breaches. 2021



A Blueprint for Success

Understand the API Security maturity model and learn how to build out a successful API Security program for your enterprise.

Landscape iPad Mockup n4 InnerPage 2

Ready to Learn More?

Developer-first solution for delivering API security as code.