NEWS

VicOne Partners with 42Crunch to Deliver Uniquely Comprehensive Security Across SDV and Connected-Vehicle Ecosystem

Collaboration pairs leaders in API and automotive cybersecurity to enable broad protection as attacks on automotive APIs climb within and among vehicle, cloud and mobile 

DALLAS and TOKYO, May 29, 2024—VicOne, an automotive cybersecurity solutions leader, today announced a partnership with 42Crunch  to enhance the security of application programming interfaces (APIs) for the software-defined vehicle (SDV) and broader connected-vehicle ecosystem. Through the partnership, automotive original equipment manufacturers (OEMs) and suppliers achieve differentiating benefits:

The cyber-attack surface has expanded rapidly with the trend toward SDVs and increasing reliance on the cloud and APIs. VicOne noted that API-related incidents contributed to 12 percent of automotive security incidents from the second half of 2022 to the first half of 2023. To date, it has been challenging to attain security visibility across the broadening automotive ecosystem, but the VicOne/42Crunch partnership promises to eliminate unknown security blind spots. 

“Our API security testing and protection services are used by Fortune 500 enterprises and over 1 million developers worldwide, and we are thrilled to partner with VicOne to bring these capabilities to the automotive ecosystem,” said Jacques Declas, chief executive officer (CEO) of 42Crunch. “APIs are inherently easy to expose but difficult to defend. As the automotive industry relies more heavily on APIs in SDVs, OEMs and their suppliers will be uniquely equipped through our partnership with VicOne to tackle threats and comply with evolving cybersecurity mandates by integrating diverse sensor data for comprehensive risk assessment and actionable insights.”

According to a Gartner® report, Innovation Insight for API Protection, “API protection products provide three main types of functionality — discovery, posture management and runtime protection.”1 Utilizing 42Crunch’s API Audit vulnerability testing solution and API Firewall in tandem with artificial intelligence (AI)/Large Language Modeling (LLM) via the VicOne xNexus next-generation vehicle security operations center (VSOC) platform, OEMs and suppliers gain precise, contextualized and actionable threat insights to enhance risk visibility across the full ecosystem, optimize resource allocation, accelerate attack investigations and eliminate wasted effort in chasing “false positives.”

Furthermore, data from VicOne’s xCarbon VSOC sensor and smart cockpit protection can be correlated into clear narratives to facilitate continuous and dynamic risk assessment across the automotive supply chain. VicOne’s xZETA automotive vulnerability and SBOM management system scans vehicle software to identify zero-day, undisclosed and known vulnerabilities, malware, ransomware, and advanced persistent threats. Information feeds back into Threat and Risk Assessment (TARA) results to ensure alignment with ISO/SAE 21434 processes and enable continuous monitoring.

“Whereas automotive cybersecurity not long ago focused almost exclusively on in-vehicle APIs, it must today account for API attacks within and among vehicles, the cloud and mobile,” said Max Cheng, CEO of VicOne. “This partnership brings together 42Crunch’s proven expertise in API security and ours in automotive cybersecurity to enable a solution engineered for the new, more complex reality in this industry.”

API Security Solutions for the Automative industry

About 42Crunch

42Crunch enables a standardized approach to API security that automates the enforcement of security compliance across distributed development and security ecosystems. Our API security testing and runtime threat protection services are used by Fortune 500 enterprises and over 1 million developers worldwide. The 42Crunch API DevSecOps platform empowers developers to build security from the IDE into the API pipeline and gives application security teams full governance from the CI/CD across the entire API lifecycle. This seamless DevSecOps approach to API security reduces governance costs and accelerates the delivery of secure APIs.

About VicOne

With a vision to secure the vehicles of tomorrow, VicOne delivers a broad portfolio of cybersecurity software and services for the automotive industry. Purpose-built to address the rigorous needs of automotive manufacturers, VicOne solutions are designed to secure and scale with the specialized demands of the modern vehicle. As a Trend Micro subsidiary, VicOne is powered by a solid foundation in cybersecurity drawn from Trend Micro’s 30+ years in the industry, delivering unparalleled automotive protection and deep security insights that enable our customers to build secure as well as smart vehicles. For more information, visit vicone.com.



1 Gartner, Innovation Insight for API Protection, 2 February 2024. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

Latest Resources

WEBINAR

Mitigate OWASP API risks through security-by-design

Learn best practices and mitigation steps for some of the OWASP API vulnerabilities through this 42Crunch API security best practice webinar

BLOG

Securing APIs in the Age of GenAI: Test Before You Connect

By Tom Chang | October 2, 2024

How to secure your APIs from GenAI and LLM based attacks Generative AI (GenAI) and Large Language Models (LLMs) are transforming the enterprise landscape, enhancing customer and employee experiences with unprecedented efficiency and insight. The recent McKinsey Global survey on AI reports that 65 percent of respondents say […]

DataSheet

APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.