42crunch named a “Cool Vendor” in Monitoring and Management of Threats to Applications and Data

42Crunch today announced that it had been named a Cool Vendor by Gartner in its “Cool Vendors in Monitoring and Management of Threats to Applications and Data, 2017”[1] report, which was published on June 8, 2017. Gartner subscribers can access the report at .

The Gartner[2] report recommends that, “security and risk management leaders overseeing security monitoring and operations should utilize a security validation platform to determine if your security architecture provides the right protection and if configurations are properly implemented.” It further states that they should “aim to use automated security as a service options and commit to deploying advanced analytics and machine learning on top of existing security infrastructure.”

“Security is an extremely important factor in today’s digital world and one that’s overlooked by many,” said Jacques Declas, the co-founder and CEO of 42Crunch. “We are honoured to be included in the Gartner ‘Cool Vendors in Monitoring and Management of Threats to Applications and Data, 2017’[3] report. We view this as further validation of our dedication to educate enterprises on the importance of API security and address growing API security needs with our platform.”

Risk Assessment Drives Security Policies

APIs are the nervous system of a digital business that allow enterprises to expand their reach, increase agility and foster innovation. Organizations need to fully secure these APIs to avoid threats and risks. 42Crunch takes an innovative approach by helping developers and security teams collaborate, assess the risk related to exposing APIs and derive the proper security policies based on that risk. Furthermore, the platform provides the tools to incorporate continuous security testing in the early stages of development as part of a DevSecOps initiative.

The 42Crunch platform consists of several components that cater to these needs. These include

  • 42C Guardian: acts as an API firewall that helps protect APIs against applicative attacks and implements confidentiality and integrity at the message level. It validates API authentication and authorization flows and uses innovative technology to ensure only specified APIs calls can go through.
  • 42C Directory: manages all metadata attached to both technical and business APIs.
  • 42C Maestro: supports the composition of multiple APIs, including the composition of their security contracts.
  • 42C Vault: stores sensitive information such as security credentials, API keys, passwords and certificates in a unified encrypted space.
  • 42C Insights: provides analytics for each role involved in the delivery of the API, including a security dashboard, performance dashboard and usage dashboard.

Ready for Open Banking and PSD2 compliance requirements

The 42Crunch platform has been designed to support the latest standards of banking APIs security, as per the recommendations stated by the financial APIs working group. These include token binding, support for OAuth PKCE, message-level security and stringent transport requirements.

Gartner Disclaimer

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About 42Crunch

Founded in Dublin, Ireland, 42Crunch provides a security platform which automatically generates and enforces risk-based security policies on enterprises APIs. The solution addresses the most demanding API security requirements, especially in the financial domain. The 42Crunch platform also fosters the collaboration of security, development and operations teams and enables a DevSecOps approach to API development. Visit to learn more.

Trademarks and registered trademarks are the property of their respective owners.

PR Contact
Saliya Withana
Marketing and PR

[1],[ 2],[ 3]Gartner, “Cool Vendors in Monitoring and Managing Threats to Applications and Data”, Lawrence Orans, Dionisio Zumerle, Avivah Litan, Jeremy D’Hoinne, Matthew T. Stamper, Steve Riley, June 8, 2017

Latest Resources


Something Old, Something New – OWASP API Security Top 10 in 2023

42Crunch’s Colin Domoney takes a look at the new OWASP API Security 2023 listing, identifying which vulnerabilities are new, which have not changed and which have been removed.


How to Embed API Security Testing into the Development Lifecycle without Delaying Production Rollout

By Mark Dolan | September 19, 2023

This is the first in a 3-part series of blogs exploring how 42Crunch assists enterprises with API security compliance. In her seminal blogpost, “Shifting Security to the Left” Shannon Lietz explains how including security testing earlier in the development lifecycle makes for longer-lived and more resilient software. The principles she advocates for are also what guides us at 42Crunch..


APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.