API Security Platform

Protect Your APIs with Microsoft Azure Sentinel and 42Crunch Platforms

January 31, 2023

This webinar showcases how users of the Microsoft Azure Sentinel platform via the 42Crunch platform integration can proactively protect their APIs. By leveraging 42Crunch’s API security platform, Azure Sentinel users gain visibility into their API infrastructure, identify vulnerabilities, and mitigate risks.

42Crunch expands Microsoft collaboration by joining MISA

January 10, 2023

42Crunch Expands Collaboration with Microsoft by Joining Microsoft Intelligent Security Association Collaboration Consolidates End-to-End API Security Experience for the Enterprise San Francisco, January 10, 2023 – 42Crunch, the Developer First API Security platform company, announced today that it has joined the Microsoft Intelligent Security Association (MISA), a group of security technology providers who have integrated their […]

42Crunch Now Available On Microsoft Azure Marketplace.

October 25, 2022

Developer-First API Security to Help Enterprises Achieve End-to-End Protection of their Digital Initiatives   42Crunch is at API World in San Jose this week, the annual gathering of the API industry. I find it a wonderful event where end-users, vendors, consultants and analysts meet to explore and learn about the benefits gained from implementing an […]

REST API Risk Audit – Online Demo

July 28, 2022

In this session, 42Crunch technical expert, Andy Wright, walks through how to perform a Security Audit and a Conformance Scan of your API Contract. He immediately builds a security report and calculates an audit score for each API he analyzes based on the OpenAPI annotations in the API definition. This audit score reflects the risk associated with exposing the APIs, internally and externally.

42Crunch API Security Platform June 2021 Release

June 17, 2021

Our June 2021 update just went live, and I am here to tell you the details. Executive Dashboards The most noticeable change in the user interface is the new organization-level executive dashboard. It allows organization administrators to get a quick glance at the corporate use of 42Crunch API Security and the trends across Security Audit, […]

42Crunch API Security Platform May 2021 Release

May 18, 2021

Our May 2021 update just went live, and I am here to tell you the details. Updated CI/CD plugins and repository data in the platform 42Crunch provides off-the-shelf plugins for a variety of CI/CD pipelines. These can discover OpenAPI files in the repository, upload them to the 42Crunch platform, perform Security Audit, and succeed or […]

42Crunch API Security Platform April 2021 Release

April 16, 2021

We have just updated our API Security platform, and I want to tell you all about it. 100+ New Security Audit Checks Security Audit checks related to authentication just had a major revamp. Now instead of generic articles on insecure authentication methods, we provide specific information for each case, including: API Key passed as a […]

42Crunch API Security Platform March 2021 Release

March 23, 2021

Today we are happy to announce the global availability of the latest version of the 42Crunch API Security Platform. We have updated our community deployment used by thousands of API developers worldwide, our IDE plugins, online tools, and deployments used by our enterprise customers. Below is a summary of the biggest new features and improvements. […]

42Crunch Releases OpenAPI Static Security Audit in GitHub Code Scanning

October 7, 2020

IRVINE, CA, OCTOBER 7, 2020 — Today, the API security leader and creator of the industry’s first API Firewall, 42Crunch, announced the availability of its REST API Static Security Testing with  GitHub code scanning. By adding 42Crunch to code scanning, developers can include REST API OpenAPI / Swagger definitions within static security tests. Most of […]

API Security Platform Overview

June 30, 2020

Tutorials Welcome to our tutorials on 42Crunch Platform. Start with a quick overview of how to get started, and the general dashboard layout. The subsequent tutorials go deeper into each and every function of the platform. Login and Dashboard To log into the platform, go to https://platform.42crunch.com/login A successful login takes you to your dashboard […]

42Crunch Launches New REST API Static Security Testing Extension for Bitbucket Pipelines

June 16, 2020

IRVINE, CA, JUNE 16, 2020 — Today, the API security leader and creator of the industry’s first API Firewall, 42Crunch, announced the launch of their new REST API Static Security Testing extension for Atlassian’s code collaboration and CI/CD solution, Bitbucket Pipelines. This extension enables companies to easily enforce secure API design right from their CI/CD […]

OpenAPI (Swagger) specification Security Audit on the 42Crunch Platform

June 8, 2020

Tutorials Now that you have had an overview of the platform, let’s get started by importing an API for security audit. Importing APIs To import an OpenAPI (formerly Swagger) definition, click Import API (1) to upload your JSON file. These files contain all the basic information and documentation on how your API functions. As mentioned in the […]

BitBucket Pipelines API Security Audit Extension

June 8, 2020

Tutorials In this quick tutorial you’ll learn how to add static security testing to your REST APIs in Bitbucket with the 42Crunch REST API Static Security Extension. Prerequisite: Make sure you have a 42Crunch API Security Platform account. You can register here: https://platform.42crunch.com/register Create API Token for the pipe You must add an API token […]

OpenAPI (Swagger) specification Audit Report explained

June 7, 2020

Tutorials In our previous tutorial, we have created an API collection, and imported and audited an OpenAPI (Swagger) definition file. Now we are going to drill into the report and walk you through how to get the most out of it. Viewing Checks API Contract Security Audit is a static analysis of your OpenAPI (Swagger) […]

Questions Answered: 42Crunch Security Audit for WSO2 API Manager 3.1

June 1, 2020

You had questions, and we’ve got answers! Thank you for all the questions submitted on our “42Crunch Security Audit for WSO2 API Manager 3.1” webinar. Below is the replay and all the answers to the questions that were asked. If you’d like more information please feel free to contact us.   [xyz-ihs snippet=”WSO2-Webinar”]     […]

API Security Testing with API Scan

May 30, 2020

Tutorials We are going to show you how to perform a conformance scan on our platform. You can also perform an API Scan in VS code IDE  (platform registration is required). You can register for free.  API Scan is a dynamic runtime testing tool that simulates real traffic to your API to ensure conformance with […]

API Protect Micro API Firewall

May 29, 2020

Tutorials In previous tutorials, we have covered static analysis with the API security audit, dynamic testing with conformance scan – now it’s time to discuss protection. Protection Overview The Protection function is real-time protection of live APIs. You put our API firewall in the line of traffic. It’s an extremely efficient piece of software that […]

API Protect Micro API Firewall Reports and Troubleshooting

May 28, 2020

Tutorials You’ve seen how 42Crunch can protect your APIs and microservices – now let’s review reporting. Viewing Transaction Logs At any time, you can click on transaction logs to view all failed transactions found by the conformance scan and review the full list. Look up a Specific Error So one thing that I want to […]

OpenAPI Swagger Extension VS Code

May 1, 2020

Tutorials Our previous tutorial used the build-in Security Editor in 42Crunch Platform to fix audit issues in the OpenAPI (formerly Swagger) definition. In this one, we do the same thing but in Microsoft Visual Studio Code (VS Code) using the 42Crunch OpenAPI extension. Extension Overview Below is an example of the 42Crunch OpenAPI (Swagger) extension […]

API Security Audit using OpenAPI Swagger Extension VS Code

May 1, 2020

Tutorials Our previous tutorial used the build-in Security Editor in 42Crunch Platform to fix audit issues in the OpenAPI (formerly Swagger) definition. In this one, we do the same thing but in Microsoft Visual Studio Code (VS Code) using the 42Crunch OpenAPI extension. Extension Overview Below is an example of the 42Crunch OpenAPI (Swagger) extension […]

Questions Answered: REST API Security by Design with Azure Pipelines

March 26, 2020

You had questions, and we’ve got answers! Thank you for all the questions submitted on our “REST API Security by Design with Azure Pipelines” webinar. Below are all the answers to the questions that were asked. If you’d like more information please feel free to contact us. REST API Security for Microsoft Azure Pipelines. Watch Webinar REST […]

42Crunch Launches New REST API Static Security Testing Extension for Azure Pipelines 

March 18, 2020

Enables Azure DevOps customers to extend their DevSecOps practices to REST APIs IRVINE, CA, MARCH 18, 2020 — Today, the API security leader and creator of REST API DevSecOps tooling and the industry’s first API Firewall, 42Crunch, announced the launch of their new REST API Static Security Testing extension for Microsoft Azure Pipelines. This extension […]

42Crunch Adds Self Registration and Low-cost Tiers to API Security Platform

February 25, 2020

42Crunch Democratizes API Security by Adding Self Registration, Free and Low-Cost Tiers to Their Comprehensive API Security Platform   SAN FRANCISCO, FEBRUARY 25, 2020 — Today at the RSA Conference, API security leader and creator of the industry’s first API Firewall – 42Crunch – announced the launch of its new self-registration feature for their API […]

Questions Answered: Protecting Microservices APIs with 42Crunch API Firewall

February 24, 2020

You had questions, and we’ve got answers! Thank you for all the questions submitted on our “Protecting Microservices APIs with 42Crunch API Firewall” webinar. Below are all the answers to the questions that were asked. If you’d like more information please feel free to contact us.   [xyz-ihs snippet=”Protecting-microservices”]     Can the sidecar be […]

42Crunch API Firewall and API Management: why you need both!

January 29, 2020

Every day, new breaches show us that we still have a long way to go with API security. In order to protect APIs, enterprises need to take a holistic approach, which includes the following: Securing the infrastructure: OS configuration, network configuration as well as containers. Properly configuring application servers: enforce TLS 1.2/1.3, remove weak cipher […]

42Crunch Adds API Security Audit to its Visual Studio Code OpenAPI Extension

October 9, 2019

SAN JOSE, OCTOBER 9, 2019 — Today at API World, API security leader and creator of the industry’s first API Firewall, 42Crunch, announced the availability of REST API Security Audit functionality in its popular OpenAPI extension for Microsoft Visual Studio Code — making it easier than ever to enable a DevSecOps process for API security. […]

We Need the Controller Layer Back!

September 16, 2019

A couple days ago, I gave an API security workshop to highlight the OWASP Top 10 issues for APIs and some of the mistakes we keep doing at development time and pay for at runtime. Many of the issues related to data, such as improper data filtering, mass assignment or excessive data exposure, could be […]

New API Firewall Non-blocking Mode in Latest 42Crunch Release

September 12, 2019

The 42Crunch August 2019 release introduces a new API firewall non-blocking mode so you can test how it affects your existing API traffic without impacting consumers, a deeper integration between the security audit and editor for seamless navigation, and an enhanced audit issue view for faster editing. (See the release notes for additional details on full list […]

Revolutionizing API Security – 42Crunch + Digital Anarchist

August 22, 2019

42Crunch CEO, Jacques Declas, sat down with Alan Shimel of Digital Anarchist at this year’s RSA APJ show to discuss new trends in API Security, DevSecOps, and what tools you need to keep up!   [Alan Shimel] Hey everyone, it’s Alan Shimel for DevOps.com Security Boulevard. We’re here in Singapore at RSA APJ. We’re right […]

42Crunch Adds OpenAPI Editing Tools to its API Security Platform

August 6, 2019

Enables Any Developer to Become a Security Expert and the Driving Force Of API Security  IRVINE, AUGUST 6, 2019 — Today, API security leader and creator of the industry’s first API Firewall, 42Crunch, announced the latest release of its API security platform with enhanced tools for developers to easily define security in OpenAPI contracts — […]

42Crunch Announces Full Kubernetes Support to Automate Zero-Trust API Security Across Microservices Architecture

July 15, 2019

42Crunch Allows Organizations to Extend Comprehensive API Security Beyond the Edge, to Each and Every Container in Kubernetes Environments SINGAPORE, JULY 16, 2019 — Today at RSA Asia Pacific & Japan 2019, API security leader and creator of the industry’s first API Firewall – 42Crunch – announced the latest release of its API security platform […]

Enhance Your DevSecOps Experience with the 42Crunch API Security Platform

June 26, 2019

The 42Crunch platform offers DevSecOps teams a unique set of integrated API security tools which allow discovery, remediation of OpenAPI vulnerabilities and runtime protection against API attacks. The 42Crunch June 2019 release introduces an updated, easy to use UI along with key enhancements to API contract security audit reports, full user management for organization administrators, […]

42Crunch announces the launch of the first API Security platform

March 7, 2019

IRVINE, CA, USA, March 6, 2019 — 42Crunch, the leading API security company, announced today the release of the 42Crunch API Platform, the world’s first API security cloud platform to discover vulnerabilities in APIs and protect them from attack. The 42Crunch Platform can protect SaaS, Web, or IoT APIs, as well as microservices. This follows the launch of […]

APIsecurity.io adds API Security issues and a free API Contract Security Audit service

February 13, 2019

LONDON, UK, February 13, 2019 — API Contract Security Audit is a free online tool that lets developers and security professionals upload their OpenAPI definition files and get a detailed security assessment on the potential risks that their APIs might have. Each issue in the report shows the specific place in the API contract that […]

42crunch and CriticalBlue announce partnership

November 26, 2018

London – Nov 21, 2018 – Today, at the API Security For Open Banking Summit, 42Crunch, the leading backend API security platform and CriticalBlue, provider of Approov, the leading frontend mobile API security solution, announced that they are now offering enterprise customers with an end-to-end API protection service. 42Crunch and CriticalBlue were both named Cool Vendors […]