API World 2020 [Virtual]

API World 2020 Virtual Event | October 27-29 Join 4,500 global technical leaders, engineers, software architects, and executives at the world’s largest and longest-running API & microservices event – in its 9th year! This year, API World 2020 will be fully digital.   OPEN TALK (API) Common API Security Pitfalls: Learning From Other’s Mistakes Thursday …


WEBINAR: 42Crunch Platform Demo: No PowerPoint, no BS, just ACTION!

Here’s the deal… The 42Crunch solution lets you describe security as code as part of your OpenAPI specification files, allowing you to entirely automate the API security process, from the very beginning of the API lifecycle. Developers can simply annotate their API contracts to describe the required security policies and we process those annotations to …



WEBINAR: Positive Security for APIs – What it is and why you need it!

Positive Security for APIs: What it is and why you need it! Many of the issues on the OWASP API Security Top 10 are triggered by the lack of input or output validation. Here are a few illustrative real-life examples on this: Drupal suffered a major issue in February 2019: a remote code execution flaw …



WEBINAR: The OWASP API Security Top 10

The OWASP API Security Top 10 In recent years, large reputable companies such as Facebook, Google and Equifax have suffered major data breaches that combined exposed the personal information of hundreds of millions of people worldwide. The common vector linking these breaches – APIs. The scale and magnitude of these breaches are the reason API …


API Security is not Web Application Security!

When we started 42Crunch 3 years ago, we were convinced that a new market segment would emerge: API security. And the market is now catching up with our vision! This is exemplified by the recent release of the OWASP Top 10 for API Security threats document, which highlights threats that do not apply to traditional …


Start acting on API Security today!

APIs are the access doors to your enterprise assets and the backbone of pretty much any application that has been written in recent years. While most companies apply token-based access to APIs with OpenIDConnect and OAuth, there are still many aspects of security which are not properly covered for APIs such as common injection attacks, …


Why do we need the A10 entry in the OWASP Top 10 ?

Without any doubt, APIs have redefined the enterprise architecture landscape by becoming the building blocks of internal and external enterprise applications. APIs are now the entry point into most architectures, much like servlets and JSPs were in the application server era. APIs give access to a wide range of applications, systems, databases and now things with …