42crunch Knowledge Series

New

When talking to prospects or presenting our solution at conferences, we inevitably get asked the same question: what’s the difference between your solution and a Web Application Firewall (WAF)? The core difference is that we know what we are protecting, WAFs don’t. WAFs were built to protect web applications and there is no standard way …

June 20, 2020

Every day, new breaches show us that we still have a long way to go with API security. In order to protect APIs, enterprises need to take a holistic approach, which includes the following: Securing the infrastructure: OS configuration, network configuration as well as containers. Properly configuring application servers: enforce TLS 1.2/1.3, remove weak cipher …

Download our OWASP API Security Cheat Sheets to print out and hang on your wall! US Letter 8.5 x 11 in  |  A4 210 x 297 mm   If you missed our latest presentation, check out the slides here:   Visit the APIsecurity.io encyclopedia to learn more about the OWASP API Security Top 10. Videos …

DevSecOps is a hot topic at the moment, and particularly relevant when dealing with API development. APIs are growing at an exponential rate: not only  are they the backbone of any application, but microservices architecture imply exposing internal APIs for every microservice or group of microservices. The average number of APIs to protect within an …