Webinar

Positive API Security Model, and Why You Need It!

December 10, 2019

Webinar Thumb Preview-1024x585px copy

Many of the issues on the OWASP API Security Top 10 are triggered by the lack of input or output validation.

To protect APIs from such issues, an API-native, positive security approach is required: we create an allowlist of the characteristics of allowed requests. These characteristics are used to validate input and output data for things like data type, min or max length, permitted characters, or valid values ranges. But how do we fill the gap between security and development mentioned above?

What you’ll learn:

    • Why WAFs fail in protecting APIs
    • How an allowlist protects against A3, A6 and A8 of the OWASP API Security Top 10 – (with real-life examples)
    • How to build a proper allowlist for API security

Speaker

Isabelle Mauny
Isabelle Mauny

Field CTO and Co-founder

   

Watch the Webinar

Browse the Deck

Latest Resources

BLOG

Empathy for the API Developer

By Colin Domoney | July 25, 2022

Colin Domoney from 42Crunch, in his recent article on DevOps.com, addresses the disconnect between development and security teams and explains the key challenges facing developers in creating secure API code. Better understanding of the challenges on both sides can help create greater empathy which in turn can help […]

NEWS

42Crunch Announce OWASP Membership

42Crunch becomes a member of OWASP to Advance API Security 

By Newsdesk | November 14, 2022

November 14, 2022, San Francisco, CA –  42Crunch is pleased to announce our corporate membership of the Open Web Application Security Project (OWASP), a worldwide not-for-profit charitable organization focused on improving the security of software. At 42Crunch we have always been inspired by OWASP’s role as an enabler […]

DataSheet

Datasheet Cover Images P1-02

Product Datasheet Addressing API Security Challenges

APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.

Get Started