About 42Crunch

We're on a mission to simplify API security so developers, security and operations teams can unite and spend more time innovating!

OWASP API Top 10: See how 42Crunch can protect you and download our free cheat sheet!
Learn More

Who We Are

42Crunch was founded by veterans of the security and API management industry who recognized that the traditional approach to protecting APIs was simply not scalable. APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. The time is now right for a new approach to API security.

Our Mission

42Crunch exists with the purpose of making API developers and security practitioners' lives easier, by providing a platform to automate security into the API development pipeline and giving full visibility and control of security policy enforcement at every stage of the API lifecycle.

We work closely with CISOs, DevSecOps and API teams by offering a purpose-built solution that addresses the key challenges encountered with an API-first or indeed, API-last strategy.

Our goal is to offer end-to-end protection for your APIs with a developer-first platform that enables continuous, automated and scalable API security. We want you to focus on innovation and strategic business outcomes, and let us worry about your APIs.

"Security the way it should be. We use 42Crunch to improve the security posture of our APIs."

Cybersecurity Manager for Connected Car

Global Automotive Manufacturer

Endorsed by Analysts

We are covered by all the leading analyst firms and are regularly featured in their reports.

“42Crunch is a Gartner Cool Vendor for Monitoring and Management of Threats to Applications and Data.”
Dionisio Zumerle, VP Analyst
"Centralized policy management and full process automation ensures that security becomes an integral part of the API lifecycle and can be applied automatically and at scale – across hybrid clouds or within microservice-based applications.”
Alexei Balaganski, Lead Analyst
“42Crunch’s ability to secure both the CI/CD pipeline & the runtime environment makes it a compelling candidate for any API security project. The development of the local agent for internal APIs, meanwhile, expands its dynamic scanning capabilities even further.”
Rik Turner, Principal Analyst
“Based on the resulting scores from each category in our API hacking lab, the overall score awarded to the 42Crunch API Security Platform is a 5/5 stars – the highest rating I’ve ever given a vendor thus far.”
Alissa Knight, Cybersecurity Analyst

Certifications & Associations

At 42Crunch we take protecting data seriously. We have implemented the strictest industry security best practices to ensure our services are built to meet the most rigorous industry security standards.

We believe in the power of community. Our involvement in the OpenAPI initiative is helping to contribute to the collective standards around API.


42Crunch has offices located worldwide

San Francisco

95 Third Street, 2nd Floor
San Francisco, CA 94103 


5 Georges Dock
Dublin 1, Ireland 


71-75 Shelton Street, WC2h 9JQ
London, England

Ready to Get Started?

Developer-first solution for delivering API security as code.