42Crunch Adds Self Registration and Low-cost Tiers to API Security Platform

42Crunch Democratizes API Security by Adding Self Registration, Free and Low-Cost Tiers to Their Comprehensive API Security Platform


SAN FRANCISCO, FEBRUARY 25, 2020 — Today at the RSA Conference, API security leader and creator of the industry’s first API Firewall – 42Crunch – announced the launch of its new self-registration feature for their API Security Platform. Development, security and operations teams now have instant access to a comprehensive set of API security tools that easily integrate into existing workflows and enable an agile DevSecOps process.

APIs are growing at an exponential rate: not only are they the backbone of any application, but microservices architecture imply exposing internal APIs for every microservice or group of microservices. The average number of APIs to protect within an enterprise is nearing 500, and Gartner is predicting that by 2022 APIs will become the most common attack vector. Unfortunately, API security is very complex and often considered too late in the process.

A shift left approach is required to ensure security is addressed as early as possible in the design phase – enabling the needed DevSecOps process to deliver security and protection throughout the entire API lifecycle. 42Crunch has made this easy by creating a platform based around the industry standard OpenAPI Specification, and now opening it to the public with self-registration to continue their mission of providing the most comprehensive tools for implementing API security best practices.

“APIs are becoming one of the primary attack vectors, yet, API security remains confusing and most solutions out there are incomplete expensive platforms requiring talking to an enterprise sales person to get started” says Jacques Declas, CEO and Founder of 42Crunch. “We believe that no API, private or public, should be deployed without being audited and scanned at design-time and automatically protected at run-time. Our new self-signup option, free tier, and low-cost subscription options let DevOps and Security teams work seamlessly together to Secure all their APIs in real time throughout the API lifecycle!”

“It was the simplicity and low learning curve of REST APIs that led to the explosive growth of the API economy in the last decade.” says Alexei Balaganski, Lead Analyst at KuppingerCole Analysts AG. “However, for the same reasons modern APIs are so difficult to protect against exploits and data breaches. Making proactive security an integral part of the API lifecycle is crucial to be able to develop distributed applications and services resilient against cyberattacks; having guidance and best practices, as well as convenient tools available at developers’ disposal is how the journey towards this goal starts.”

“42Crunch has been doing a great job addressing the former with their API Encyclopedia for quite some time already.” continues Alexei. “Today’s announcement to make the entirety of their API security platform accessible to every developer marks another important step towards making API security as ubiquitous as APIs themselves.”

The new self-registration feature provides instant access to the security tools in the 42Crunch API Security Platform – allowing teams to deliver security across the entire API lifecycle:

  • AUDIT: Run 200+ check security audit of the OpenAPI specification definition with detailed security scoring to help developers define and strengthen API contract.
  • SCAN: Scan live API endpoints to discover potential vulnerabilities and discrepancies of the API implementation against the API contract.
  • PROTECT: Launch service to protect APIs and apply policies that can be deployed in our lightweight, low-latency micro API firewall.


42Crunch API Security Platform Dashboard


42Crunch API Security Platform Audit Report


42Crunch API Security Platform Conformance Scan


42Crunch API Security Platform Protection Dashboard


42Crunch offers a basic free-forever account and tiered pricing based on the number of APIs, users, and API call volume. Sign up for an account today at:

Last year they launched an OpenAPI (Swagger) Editor for VS Code as part of an overall strategy to simplify and automate API security. The extension has been well received with a 5 star rating, and more than 39,000 downloads. You can download it for free

Learn more about the 42Crunch API Security Platform

About 42Crunch
42Crunch bridges the gap between API development, security and operations teams with a simple, automated platform that provides auditing, live endpoint scanning, and micro API firewall protection. Unlike other solutions on the market, the 42Crunch platform empowers development, security and operations teams with a set of integrated tools to easily build security into the foundation of the API and enforce those policies throughout the API lifecycle. By delivering security as code you enable a seamless DevSecOps experience, allowing innovation at the speed of business without sacrificing integrity and protect businesses against API threats. To learn more visit:

Latest Resources


Top Things You Need to Know About API Security

Two of the API security industry’s leading experts, Dr Philippe de Ryck and Isabelle Mauny, guide you through some real-world cases of API security attacks and also share some best practices for securing your APIs.


What’s the best way to test an API for vulnerabilities? RTFM

By Tom Chang | June 11, 2024

If you’re a child of the 80s like me, you may have had the distinction of being the only one in your house who knew how to program your VCR. My motivation was strong. Clarinet lessons were interfering with my favorite show, the A Team. I was the […]


APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.