42crunch named a “Cool Vendor” in Monitoring and Management of Threats to Applications and Data

42Crunch today announced that it had been named a Cool Vendor by Gartner in its “Cool Vendors in Monitoring and Management of Threats to Applications and Data, 2017”[1] report, which was published on June 8, 2017. Gartner subscribers can access the report at

The Gartner[2] report recommends that, “security and risk management leaders overseeing security monitoring and operations should utilize a security validation platform to determine if your security architecture provides the right protection and if configurations are properly implemented.” It further states that they should “aim to use automated security as a service options and commit to deploying advanced analytics and machine learning on top of existing security infrastructure.”

“Security is an extremely important factor in today’s digital world and one that’s overlooked by many,” said Jacques Declas, the co-founder and CEO of 42Crunch. “We are honoured to be included in the Gartner ‘Cool Vendors in Monitoring and Management of Threats to Applications and Data, 2017’[3] report. We view this as further validation of our dedication to educate enterprises on the importance of API security and address growing API security needs with our platform.”

Risk Assessment Drives Security Policies

APIs are the nervous system of a digital business that allow enterprises to expand their reach, increase agility and foster innovation. Organizations need to fully secure these APIs to avoid threats and risks. 42Crunch takes an innovative approach by helping developers and security teams collaborate, assess the risk related to exposing APIs and derive the proper security policies based on that risk. Furthermore, the platform provides the tools to incorporate continuous security testing in the early stages of development as part of a DevSecOps initiative.

The 42Crunch platform consists of several components that cater to these needs. These include

  • 42C Guardian: acts as an API firewall that helps protect APIs against applicative attacks and implements confidentiality and integrity at the message level. It validates API authentication and authorization flows and uses innovative technology to ensure only specified APIs calls can go through.
  • 42C Directory: manages all metadata attached to both technical and business APIs.
  • 42C Maestro: supports the composition of multiple APIs, including the composition of their security contracts.
  • 42C Vault: stores sensitive information such as security credentials, API keys, passwords and certificates in a unified encrypted space.
  • 42C Insights: provides analytics for each role involved in the delivery of the API, including a security dashboard, performance dashboard and usage dashboard.

Ready for Open Banking and PSD2 compliance requirements

The 42Crunch platform has been designed to support the latest standards of banking APIs security, as per the recommendations stated by the financial APIs working group. These include token binding, support for OAuth PKCE, message-level security and stringent transport requirements.

Gartner Disclaimer

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About 42Crunch

Founded in Dublin, Ireland, 42Crunch provides a security platform which automatically generates and enforces risk-based security policies on enterprises APIs. The solution addresses the most demanding API security requirements, especially in the financial domain. The 42Crunch platform also fosters the collaboration of security, development and operations teams and enables a DevSecOps approach to API development. Visit to learn more.

Trademarks and registered trademarks are the property of their respective owners.

PR Contact
Hugh Carroll

[1],[ 2],[ 3]Gartner, “Cool Vendors in Monitoring and Managing Threats to Applications and Data”, Lawrence Orans, Dionisio Zumerle, Avivah Litan, Jeremy D’Hoinne, Matthew T. Stamper, Steve Riley, June 8, 2017

Latest Resources


Top Things You Need to Know About API Security

Two of the API security industry’s leading experts, Dr Philippe de Ryck and Isabelle Mauny, guide you through some real-world cases of API security attacks and also share some best practices for securing your APIs.


What’s the best way to test an API for vulnerabilities? RTFM

By Tom Chang | June 11, 2024

If you’re a child of the 80s like me, you may have had the distinction of being the only one in your house who knew how to program your VCR. My motivation was strong. Clarinet lessons were interfering with my favorite show, the A Team. I was the […]


APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.