BLOG

Questions Answered: 42Crunch Security Audit for WSO2 API Manager 3.1

June 1, 2020| by42Crunch

You had questions, and we’ve got answers!

Thank you for all the questions submitted on our “42Crunch Security Audit for WSO2 API Manager 3.1” webinar. Below is the replay and all the answers to the questions that were asked. If you’d like more information please feel free to contact us.

 

[xyz-ihs snippet=”WSO2-Webinar”]

 

 

 

Is this audit feature available with the community version of WSO2?

Yes it is. WSO2 delivers open source products which are fully functional.

 

What do you have to do on the 42Crunch side to enable this WSO2 feature?

You need to self-register and obtain an API token to be able to invoke the audit. The instructions are visible here: https://apim.docs.wso2.com/en/next/learn/api-security/configuring-api-security-audit/.

 

Is it possible to automate the solution of some problems?

Problem remediation requires knowledge of the API. It is very hard to automate the discovery of an OAS file beyond the basics (verb, path, header and query param names, basic schemas). For data formats and limits, you need to use inner knowledge of your data and processes. This said, at 42Crunch, we are working on making it easier to remediate issues by identifying repeating patterns, suggesting regular expressions and limits for known formats (like uuids, dates or credit card numbers) so that you can quickly remediate issues.

 

Try our security audit for free. If you want to see the whole platform in action, request a demo now!

Latest Resources

WEBINAR

When GenAI Meets Risky APIs

42Crunch demonstrate how GenAI can be used to exploit unsecured APIs to gain unauthorized access, inject malicious prompts and manipulate data. Also learn how to prevent your APIs from being undermined by adopting a proactive API security as code approach to defending your APIs.

Sept 26, 2024 | 9am PDT | 2pm EDT | 5pm BST

NEWS

VicOne Partners with 42Crunch to Deliver Uniquely Comprehensive Security Across SDV and Connected-Vehicle Ecosystem

By Newsdesk | May 29, 2024

Collaboration pairs leaders in API and automotive cybersecurity to enable broad protectionĀ as attacks on automotive APIs climb within and among vehicle, cloud and mobileĀ  DALLAS and TOKYO, May 29, 2024ā€”VicOne, an automotive cybersecurity solutions leader, today announced a partnership with 42Crunch Ā to enhance the security of application programming […]

DataSheet

Product Datasheet Addressing API Security Challenges

APIs are the core building block of every enterpriseā€™s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developersā€™ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

WEBINAR

When GenAI Meets Risky APIs

42Crunch demonstrate how GenAI can be used to exploit unsecured APIs to gain unauthorized access, inject malicious prompts and manipulate data. Also learn how to prevent your APIs from being undermined by adopting a proactive API security as code approach to defending your APIs.

Sept 26, 2024 | 9am PDT | 2pm EDT | 5pm BST

NEWS

VicOne Partners with 42Crunch to Deliver Uniquely Comprehensive Security Across SDV and Connected-Vehicle Ecosystem

By Newsdesk | May 29, 2024

Collaboration pairs leaders in API and automotive cybersecurity to enable broad protectionĀ as attacks on automotive APIs climb within and among vehicle, cloud and mobileĀ  DALLAS and TOKYO, May 29, 2024ā€”VicOne, an automotive cybersecurity solutions leader, today announced a partnership with 42Crunch Ā to enhance the security of application programming […]

DataSheet

Datasheet Cover Images P1-02

Product Datasheet Addressing API Security Challenges

APIs are the core building block of every enterpriseā€™s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developersā€™ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.

Get Started