API Security Platform
Tutorial on how to use API Capture in order to generate OpenAPI contracts automatically. Helping to save significant time and money compared to creating them manually.
Learn how to perform API Security testing in GitHub Actions using 42crunch API Audit & Scan testing tools.
Tutorial on how to run the 42Crunch API security Scan from the OpenAPI (Swagger) Editor extension in VS Code and how to navigate the results.
October 24, 2023 – Santa Clara, CA. Today at API World, 42Crunch, the API Security Platform vendor, announced that it now has 1 million developers leveraging its API security tools to secure their APIs. 42Crunch makes it easy for developers to use its OpenAPI security tools from directly inside their preferred Integrated Development Environments (IDE), […]
This webinar showcases how users of the Microsoft Azure Sentinel platform via the 42Crunch platform integration can proactively protect their APIs. By leveraging 42Crunch’s API security platform, Azure Sentinel users gain visibility into their API infrastructure, identify vulnerabilities, and mitigate risks.
42Crunch Expands Collaboration with Microsoft by Joining Microsoft Intelligent Security Association Collaboration Consolidates End-to-End API Security Experience for the Enterprise San Francisco, January 10, 2023 – 42Crunch, the Developer First API Security platform company, announced today that it has joined the Microsoft Intelligent Security Association (MISA), a group of security technology providers who have integrated their […]
Developer-First API Security to Help Enterprises Achieve End-to-End Protection of their Digital Initiatives 42Crunch is at API World in San Jose this week, the annual gathering of the API industry. I find it a wonderful event where end-users, vendors, consultants and analysts meet to explore and learn about the benefits gained from implementing an […]
In this session, 42Crunch technical expert, Andy Wright, walks through how to perform a Security Audit and a Conformance Scan of your API Contract. He immediately builds a security report and calculates an audit score for each API he analyzes based on the OpenAPI annotations in the API definition. This audit score reflects the risk associated with exposing the APIs, internally and externally.
Our June 2021 update just went live, and I am here to tell you the details. Executive Dashboards The most noticeable change in the user interface is the new organization-level executive dashboard. It allows organization administrators to get a quick glance at the corporate use of 42Crunch API Security and the trends across Security Audit, […]
Our May 2021 update just went live, and I am here to tell you the details. Updated CI/CD plugins and repository data in the platform 42Crunch provides off-the-shelf plugins for a variety of CI/CD pipelines. These can discover OpenAPI files in the repository, upload them to the 42Crunch platform, perform Security Audit, and succeed or […]
We have just updated our API Security platform, and I want to tell you all about it. 100+ New Security Audit Checks Security Audit checks related to authentication just had a major revamp. Now instead of generic articles on insecure authentication methods, we provide specific information for each case, including: API Key passed as a […]
Today we are happy to announce the global availability of the latest version of the 42Crunch API Security Platform. We have updated our community deployment used by thousands of API developers worldwide, our IDE plugins, online tools, and deployments used by our enterprise customers. Below is a summary of the biggest new features and improvements. […]
IRVINE, CA, OCTOBER 7, 2020 — Today, the API security leader and creator of the industry’s first API Firewall, 42Crunch, announced the availability of its REST API Static Security Testing with GitHub code scanning. By adding 42Crunch to code scanning, developers can include REST API OpenAPI / Swagger definitions within static security tests. Most of […]
Overview of the 42Crunch API Security platform showing the dashboard, main API Security features, basic navigation and API collections.
IRVINE, CA, JUNE 16, 2020 — Today, the API security leader and creator of the industry’s first API Firewall, 42Crunch, announced the launch of their new REST API Static Security Testing extension for Atlassian’s code collaboration and CI/CD solution, Bitbucket Pipelines. This extension enables companies to easily enforce secure API design right from their CI/CD […]
Shows how to import the OpenAPI (Swagger) definition file, run the security audit and view the security report.
Learn how to add API security Audit extension in the BitBucket Pipelines CI/CD and run the API Audit.
Explains the Security Audit Report including the Audit Score, how to navigate the report, the use of filters and how to get remediation advice on each security issue.
You had questions, and we’ve got answers! Thank you for all the questions submitted on our “42Crunch Security Audit for WSO2 API Manager 3.1” webinar. Below is the replay and all the answers to the questions that were asked. If you’d like more information please feel free to contact us. [xyz-ihs snippet=”WSO2-Webinar”] […]
An overview of API Scan, how to generate the security report that detects security misconfigurations between your API and the API definition
An overview of API protect – a Micro-Firewall that provides runtime API security protection and policy enforcement and how to set it up.
Learn how to read the API Protect reports, view transaction logs, lookup details on specific errors, enable non blocking mode and use the security dashboard.
In this tutorial we show you how to create a new OpenAPI file in Microsoft Visual Studio Code (VS Code) using the 42Crunch OpenAPI Editor and go through some of the useful features in the editor.
Tutorial on how to run the 42Crunch API security audit from the OpenAPI (Swagger) Editor extension in VS Code and how to navigate the report.
You had questions, and we’ve got answers! Thank you for all the questions submitted on our “REST API Security by Design with Azure Pipelines” webinar. Below are all the answers to the questions that were asked. If you’d like more information please feel free to contact us. REST API Security for Microsoft Azure Pipelines. Watch Webinar REST […]
Enables Azure DevOps customers to extend their DevSecOps practices to REST APIs IRVINE, CA, MARCH 18, 2020 — Today, the API security leader and creator of REST API DevSecOps tooling and the industry’s first API Firewall, 42Crunch, announced the launch of their new REST API Static Security Testing extension for Microsoft Azure Pipelines. This extension […]
42Crunch Democratizes API Security by Adding Self Registration, Free and Low-Cost Tiers to Their Comprehensive API Security Platform SAN FRANCISCO, FEBRUARY 25, 2020 — Today at the RSA Conference, API security leader and creator of the industry’s first API Firewall – 42Crunch – announced the launch of its new self-registration feature for their API […]
You had questions, and we’ve got answers! Thank you for all the questions submitted on our “Protecting Microservices APIs with 42Crunch API Firewall” webinar. Below are all the answers to the questions that were asked. If you’d like more information please feel free to contact us. [xyz-ihs snippet=”Protecting-microservices”] Can the sidecar be […]
Every day, new breaches show us that we still have a long way to go with API security. In order to protect APIs, enterprises need to take a holistic approach, which includes the following: Securing the infrastructure: OS configuration, network configuration as well as containers. Properly configuring application servers: enforce TLS 1.2/1.3, remove weak cipher […]
SAN JOSE, OCTOBER 9, 2019 — Today at API World, API security leader and creator of the industry’s first API Firewall, 42Crunch, announced the availability of REST API Security Audit functionality in its popular OpenAPI extension for Microsoft Visual Studio Code — making it easier than ever to enable a DevSecOps process for API security. […]
A couple days ago, I gave an API security workshop to highlight the OWASP Top 10 issues for APIs and some of the mistakes we keep doing at development time and pay for at runtime. Many of the issues related to data, such as improper data filtering, mass assignment or excessive data exposure, could be […]
The 42Crunch August 2019 release introduces a new API firewall non-blocking mode so you can test how it affects your existing API traffic without impacting consumers, a deeper integration between the security audit and editor for seamless navigation, and an enhanced audit issue view for faster editing. (See the release notes for additional details on full list […]
42Crunch CEO, Jacques Declas, sat down with Alan Shimel of Digital Anarchist at this year’s RSA APJ show to discuss new trends in API Security, DevSecOps, and what tools you need to keep up! [Alan Shimel] Hey everyone, it’s Alan Shimel for DevOps.com Security Boulevard. We’re here in Singapore at RSA APJ. We’re right […]
Enables Any Developer to Become a Security Expert and the Driving Force Of API Security IRVINE, AUGUST 6, 2019 — Today, API security leader and creator of the industry’s first API Firewall, 42Crunch, announced the latest release of its API security platform with enhanced tools for developers to easily define security in OpenAPI contracts — […]
42Crunch Allows Organizations to Extend Comprehensive API Security Beyond the Edge, to Each and Every Container in Kubernetes Environments SINGAPORE, JULY 16, 2019 — Today at RSA Asia Pacific & Japan 2019, API security leader and creator of the industry’s first API Firewall – 42Crunch – announced the latest release of its API security platform […]
The 42Crunch platform offers DevSecOps teams a unique set of integrated API security tools which allow discovery, remediation of OpenAPI vulnerabilities and runtime protection against API attacks. The 42Crunch June 2019 release introduces an updated, easy to use UI along with key enhancements to API contract security audit reports, full user management for organization administrators, […]
IRVINE, CA, USA, March 6, 2019 — 42Crunch, the leading API security company, announced today the release of the 42Crunch API Platform, the world’s first API security cloud platform to discover vulnerabilities in APIs and protect them from attack. The 42Crunch Platform can protect SaaS, Web, or IoT APIs, as well as microservices. This follows the launch of […]
LONDON, UK, February 13, 2019 — API Contract Security Audit is a free online tool that lets developers and security professionals upload their OpenAPI definition files and get a detailed security assessment on the potential risks that their APIs might have. Each issue in the report shows the specific place in the API contract that […]
London – Nov 21, 2018 – Today, at the API Security For Open Banking Summit, 42Crunch, the leading backend API security platform and CriticalBlue, provider of Approov, the leading frontend mobile API security solution, announced that they are now offering enterprise customers with an end-to-end API protection service. 42Crunch and CriticalBlue were both named Cool Vendors […]