Tutorials

API Security Audit using OpenAPI Swagger Editor Extension in VS Code

Identify and fix issues in the OpenAPI (formerly Swagger) definition file using the API Audit, available via the OpenAPI Editor in Microsoft Visual Studio Code (VS Code).

Reviewing The Score

API audit runs over 300 different checks and provides an overall score that represents the quality of your OpenAPI definition. Learn more by viewing the explanatory video.

Filtering The Audit Report

There are a number of ways to filter the results from the audit report. More in details in the video.

Auditing API Operations

For each operation in your OpenAPI file you have the ability to run the audit just on that single operation.

Fixing Audit Issues

How to work through the Audit report to fix identified issues starting with the critical ones.

Using "Quickfix" Automations

In many cases you will see the option to use a "Quickfix" for identified issues. This is where our tool will automatically add the appropriate fields or insert a template into the OpenAPI definition. There is also a "group fix" option where all of the same issues can be fixed in one go.

Latest Resources

WEBINAR

OWASP BOLA, BA, BOPLA: wie man sie finded und behebt

Wir werden verstehen wie die OWASP API Top 3 von Hackern genutzt werden um Daten aus Unternehmen zu stehlen und wie man sie schon während der Implementierung findet und beheben kann.

BLOG

Why FAPI 2.0 alone is not enough medicine to secure healthcare APIs

By Jacques Declas | August 18, 2025

In conversation recently with Mark Ballard of ComputerWeekly I discussed the significant announcement by the Norwegian Health Network (NHN), that it has mandated FAPI 2.0 (Financial-grade API) across its entire healthcare ecosystem, including hospitals, clinics, pharmacies, and municipal health services. The FAPI 2.0 Security Profile is an API security […]

DataSheet

Product Datasheet Addressing API Security Challenges

APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Secure Your APIs Today

#1 API security platform

Free Trial

API SECURITY PLATFORM

SERVICES

Free API Security testing

KEY INITIATIVES

BY FUNCTION

BY INDUSTRY

DEVOPS

Runtime

EXPLORE

Dive Deeper

API Testing

ABOUT US

WHY 42Crunch

LANGUAGE