Tutorials

OpenAPI (Swagger) Security Audit on the 42Crunch Platform

Now that you have had an overview of the platform, let’s get started by importing an API for security audit.

Importing APIs

To import an OpenAPI (formerly Swagger) definition, click Import API (1) to upload your JSON file. These files contain all the basic information and documentation on how your API functions.

As mentioned in the platform overview tutorial, (2) APIs are grouped into collections. If you have not yet created a collection, you can do it when you upload the file, or choose an existing collection. (3) Click Browse to pick the JSON file you want to upload. The API name is pre-populated based on the name of the file, but you can change it if you want.

Click Import, and you are on your way to securing your API contract!

Tip: To automate importing OpenAPI / Swagger definitions, you integrate it with your CI/CD pipeline.

Audit Results

When you import an API definition, API Contract Security Audit runs 300+ checks on it and returns a report in seconds. The audit is based on the security best practices of the industry standard, the OpenAPI Specification. Your API gets a score from 1 to 100 based on how secure it is (1) To view the details of the audit report and the found issues, click Read Report (2).

The audit report outlines all the issues in the well-formedness and security of your API definition, ranks the security risks by severity, and shows you how you can fix the found issues.

Updating API Definitions

If you change an OpenAPI (Swagger) definition you have already uploaded to 42Crunch Platform, you can update the changes to the platform as well. Click the gear on the right, and select (1) Update Definition. Click on Browse to pick your file, and click Upload Definition (2).

Tip: Again, to automate importing OpenAPI / Swagger definitions, you integrate it with your CI/CD pipeline.

Latest Resources

WEBINAR

Agentic AI: Fools Rush in Where Angels Fear to Tread

Join, Rik Turner, Chief Analyst at Omdia in conversation with Philippe Leothaud, CTO at 42Crunch as they separate signal from noise and explore the practical implications for enterprises seeking to enable the AI enterprise with agentic AI, but ensure that the appropriate security guardrails are in place.

BLOG

The Best API Security Platform for the Agentic Enterprise

By Hugh Carroll | May 8, 2026

Selecting the API Security Platform that addresses your AI concerns Enterprise API security has always been hard. In 2026, it has become structurally more difficult — not because the threat landscape has changed incrementally, but because of the way that APIs are being built has changed entirely. AI […]

DataSheet

Product Datasheet Addressing API Security Challenges

APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Secure Your APIs Today

#1 API security platform

Free Trial

Platform Overview

Capabilities

SERVICES

Integrations

Use Cases

BY FUNCTION

BY INDUSTRY

Learn

About

WHY 42Crunch

ABOUT US

Help