Webinar

Positive API Security Model, and Why You Need It!

December 10, 2019

Webinar Thumb Preview-1024x585px copy

Many of the issues on the OWASP API Security Top 10 are triggered by the lack of input or output validation.

To protect APIs from such issues, an API-native, positive security approach is required: we create an allowlist of the characteristics of allowed requests. These characteristics are used to validate input and output data for things like data type, min or max length, permitted characters, or valid values ranges. But how do we fill the gap between security and development mentioned above?

What you’ll learn:

    • Why WAFs fail in protecting APIs
    • How an allowlist protects against A3, A6 and A8 of the OWASP API Security Top 10 – (with real-life examples)
    • How to build a proper allowlist for API security

Speaker

Isabelle Mauny
Isabelle Mauny

Field CTO and Co-founder

   

Watch the Webinar

Browse the Deck

Latest Resources

BLOG

Securing Model Context Protocol (MCP)

By Anthony Lonergan | November 18, 2025

How MCP’s contract-based design promotes automated tool discovery and secure execution Since its introduction, the Model Context Protocol (MCP) has enjoyed widespread adoption, with new servers and registries appearing at a relentless pace. Now organizations are racing to evolve their technology strategies to keep up with the latest […]

NEWS

42Crunch Surpasses 2 Million Downloads, Launches New Freemium Offering and Expands Availability to Microsoft Security Store

By Newsdesk | November 19, 2025

San Francisco, CA — November 19, 2025 — 42Crunch, the leader in DevSecOps for API security, today announced that its freely available API security testing tools for developers—integrated directly into popular IDEs including VS Code, JetBrains, and Eclipse—has surpassed the 2 million downloads worldwide. This milestone reflects the […]

DataSheet

Product Datasheet Addressing API Security Challenges

APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Secure Your APIs Today

#1 API security platform

Free Trial