42Crunch Publishes New OpenAPI Security Audit Plugins for Eclipse, IntelliJ, PyCharm

IRVINE, CA, DECEMBER 15, 2020Today, API security leader and creator of the industry’s first API Firewall, 42Crunch, announced the release of new IDE OpenAPI (Swagger) editing plugins for both Eclipse and JetBrains family of IDEs including IntelliJ and PyCharm.

42Crunch’s free OpenAPI security audit plugins simplify REST API development by delivering features such as OpenAPI navigation, code snippets, intellisense, and HTML preview. More importantly, the plugins help developers take their API security to the next level by delivering audit reports right to the developer’s IDE. Thus, engineers discover and address security vulnerabilities as early as API design and development time.

APIs are projected to be the number one attack vector by 2022. Transition to cloud-native architectures, microservices, and serverless functions led to the proliferation of APIs. Companies now have thousands of APIs: constantly changing and network-accessible, thus representing the new, vastly expanded attack surface.

Research shows that detecting and fixing vulnerabilities during production or post-release time is 30 times more difficult than earlier in the API lifecycle. By taking a shift-left approach and addressing API security during design time, companies will establish and maintain the security of their systems while staying agile and delivering business requirements – this starts with developers.

“42Crunch’s mission is to provide API security technology for each stage of the API lifecycle from design, to development, to testing, to runtime protection and monitoring,” says Dmitry Sotnikov, Chief Product Officer at 42Crunch. “By bringing API security audit right into developers’ IDEs of choice, we are making API security easier. Developers get actionable security advice within their development environment and are thus enabled to improve the security of their product.”

The Eclipse and IntelliJ/PyCharm extensions both add rich support for the OpenAPI Specification (Swagger) in JSON or YAML format and allow developers to:

  • Perform 200+ security checks of the OpenAPI specification definition, with detailed feedback for security improvements 
  • Easily view security issues in-line with contract based on the severity level
  • And remediate issues without ever having to leave your IDE




Shifting Security Left
The release of these two new plugins comes as part of 42Crunch’s overall strategy of taking a shift-left approach to simplify and automate security. With a combined 100k+ users of their API Security Platform, IDE and CI/CD plugins, 42Crunch is creating a natural way for development, security and operations teams to naturally enable a DevSecOps process across the API security lifecycle. 

Learn more about their free tools here:

Request a Demo:


About 42Crunch

42Crunch bridges the gap between API development and security teams with a simple, automated platform that provides auditing, live endpoint scanning, and micro API firewall protection. Unlike other solutions on the market, the 42Crunch platform empowers development, security and operations teams with a set of integrated tools to easily build security into the foundation of the API and enforce those policies throughout the API lifecycle. By delivering security as code you enable a seamless DevSecOps experience, allowing innovation at the speed of business without sacrificing integrity.

Visit to learn more. 

Visit our online community

Latest Resources


Review of Major API Security Breaches from H1 2024

In this latest webinar, Anthony Lonergan, reviews some of the most recent high-profile API breaches that occurred in 2024.
Anthony will give a detailed overview of each attack and explain how the different vulnerabilities could be exploited to compromise the companies involved. He then practically demonstrates how companies can remediate against these vulnerabilities order to better protect their APIs.


The Scourge of SQL Injection for APIs

By Anthony Lonergan | June 25, 2024

In a report published in May 2024, cybersecurity firm Eclypsium outlined key vulnerabilities discovered in the F5 Big IP Next device. It’s another sobering reminder of the challenges faced in securing APIs when a highly regarded security company like F5 launches a new flagship product with all-too-familiar vulnerabilities […]


APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.