Enhance Your DevSecOps Experience with the 42Crunch API Security Platform

The 42Crunch platform offers DevSecOps teams a unique set of integrated API security tools which allow discovery, remediation of OpenAPI vulnerabilities and runtime protection against API attacks.

The 42Crunch June 2019 release introduces an updated, easy to use UI along with key enhancements to API contract security audit reports, full user management for organization administrators, support for DevSecOps using our REST API, and built-in user interface to look up API firewall transactions. (See the release notes for additional details on full list of updates.)

New Feature Highlights

API Contract Security Audit

The 42Crunch Platform provides a comprehensive security audit of the OpenAPI specification definition with detailed security scoring to help developers define and strengthen their API contracts. In the new release, the API Contract Security Audit report includes the following improvements:

  • Filter your top priority issues to immediately address the most critical security vulnerabilities in your API, and quickly improve your audit score.
  • Direct navigation from issues list to issue details, including a detailed view for each issue, with inline view of the OpenAPI file and the remediation articles from the API Security Encyclopedia on



Users and Credentials Management
In this version of the release, 42Crunch empowers Admins with more control over users and credential management. Administrators of the platform can now manage users in their organizations from their own profile settings:

  • Add, delete or lock out users within your 42Crunch instance
  • Manage users level of access
  • Force password reset for users



Support for DevSecOps
The role of DevSecOps is to shift left and introduce security measures as early as possible in the API lifecycle. It helps delivery at speed, but without sacrificing security. Now customers can automate API Protection by calling the 42Crunch Platform REST API from their CI/CD pipeline. To invoke the platform API, you must use API tokens. With the new user interface, each platform user can:

  • Create tokens and revoke tokens
  • Manage the access rights (scopes) that each API token gets



Try our security audit for free. If you want to see the whole platform in action, request a demo now!

For news on all things API – visit and sign up for the weekly newsletter.

Latest Resources


Webinar Series - Defending APIs with Jim Manico

Defending APIs with Jim Manico – Episode 1

Episode 1: Request Forgery on the Web – CSRF & SSRF

November 10, 2022 | 9am PST | 5pm BST

Join Jim Manico, CEO of Manicode and Colin Domoney from 42Crunch, as they deliver a 2-part webinar series to help developers better defend APIs.


42Crunch Announce OWASP Membership

42Crunch becomes a member of OWASP to Advance API Security 

By Newsdesk | November 14, 2022

November 14, 2022, San Francisco, CA –  42Crunch is pleased to announce our corporate membership of the Open Web Application Security Project (OWASP), a worldwide not-for-profit charitable organization focused on improving the security of software. At 42Crunch we have always been inspired by OWASP’s role as an enabler […]


Datasheet Cover Images P1-02

Product Datasheet Addressing API Security Challenges

APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.