{"id":11,"date":"2022-02-05T13:32:53","date_gmt":"2022-02-05T13:32:53","guid":{"rendered":"https:\/\/42crdev.prexihost.com\/?page_id=11"},"modified":"2023-01-23T12:46:18","modified_gmt":"2023-01-23T12:46:18","slug":"blog","status":"publish","type":"page","link":"https:\/\/staging2022.42crunch.com\/blog\/","title":{"rendered":"Blog"},"content":{"rendered":"\n\n\t\t<h1>\n\t\t\tBlog\n\t\t\t\t\t\tKnowledge Series on API Security and API Security Best Practices\n\t\t<\/h1>\n\t\t\t\t\t<ul id=\"menu-type-menu\"><li id=\"menu-item-11644\"><a href=\"#\">Type<\/a>\n<ul>\n\t<li id=\"menu-item-11591\"><a href=\"https:\/\/staging2022.42crunch.com\/category\/popular\/\">Popular<\/a><\/li>\n\t<li id=\"menu-item-11584\"><a href=\"https:\/\/staging2022.42crunch.com\/blog\/\">Blog<\/a><\/li>\n\t<li id=\"menu-item-11588\"><a href=\"https:\/\/staging2022.42crunch.com\/news\/\">News<\/a><\/li>\n\t<li id=\"menu-item-15011\"><a href=\"https:\/\/staging2022.42crunch.com\/category\/in-the-news\/\">In the News<\/a><\/li>\n\t<li id=\"menu-item-11590\"><a href=\"https:\/\/staging2022.42crunch.com\/webinars\/\">Webinars<\/a><\/li>\n\t<li id=\"menu-item-11589\"><a href=\"https:\/\/staging2022.42crunch.com\/tutorials\/\">Tutorials<\/a><\/li>\n\t<li id=\"menu-item-11585\"><a href=\"https:\/\/staging2022.42crunch.com\/datasheets\/\">Datasheets<\/a><\/li>\n\t<li id=\"menu-item-11587\"><a href=\"https:\/\/staging2022.42crunch.com\/free-tools\/\">Free Tools<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\t\n\t\t\t\t\t<ul id=\"menu-topic-menu\"><li id=\"menu-item-11643\"><a href=\"#\">Topic<\/a>\n<ul>\n\t<li id=\"menu-item-15013\"><a href=\"https:\/\/staging2022.42crunch.com\/tag\/api-inventory\/\">API Inventory<\/a><\/li>\n\t<li id=\"menu-item-15014\"><a href=\"https:\/\/staging2022.42crunch.com\/tag\/api-security\/\">API Security<\/a><\/li>\n\t<li id=\"menu-item-15015\"><a href=\"https:\/\/staging2022.42crunch.com\/tag\/api-security-platform\/\">API Security Platform<\/a><\/li>\n\t<li id=\"menu-item-15016\"><a href=\"https:\/\/staging2022.42crunch.com\/tag\/api-security-training\/\">API Security Training<\/a><\/li>\n\t<li id=\"menu-item-15017\"><a href=\"https:\/\/staging2022.42crunch.com\/tag\/api-testing\/\">API Testing<\/a><\/li>\n\t<li id=\"menu-item-15019\"><a href=\"https:\/\/staging2022.42crunch.com\/tag\/api-vulnerabilities\/\">API Vulnerabilities<\/a><\/li>\n\t<li id=\"menu-item-15020\"><a href=\"https:\/\/staging2022.42crunch.com\/tag\/microsoft-azure-marketplace\/\">Microsoft Azure Marketplace<\/a><\/li>\n\t<li id=\"menu-item-15022\"><a href=\"https:\/\/staging2022.42crunch.com\/tag\/openapi-specification\/\">OpenAPI Specification<\/a><\/li>\n\t<li id=\"menu-item-15023\"><a href=\"https:\/\/staging2022.42crunch.com\/tag\/openapi-swagger-editor\/\">OpenAPI\/Swagger Editor<\/a><\/li>\n\t<li id=\"menu-item-15024\"><a href=\"https:\/\/staging2022.42crunch.com\/tag\/owasp-api-security-top-10\/\">OWASP API Security Top 10<\/a><\/li>\n\t<li id=\"menu-item-15025\"><a href=\"https:\/\/staging2022.42crunch.com\/tag\/platform-overview-t\/\">Platform Overview<\/a><\/li>\n\t<li id=\"menu-item-15026\"><a href=\"https:\/\/staging2022.42crunch.com\/tag\/press-release\/\">Press Release<\/a><\/li>\n\t<li id=\"menu-item-15027\"><a href=\"https:\/\/staging2022.42crunch.com\/tag\/shift-left\/\">Shift-Left<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\t\n\t\t\t\t\t<ul id=\"menu-author-menu\"><li id=\"menu-item-11642\"><a href=\"#\">Author<\/a>\n<ul>\n\t<li id=\"menu-item-11635\"><a href=\"https:\/\/staging2022.42crunch.com\/author\/pierrick-prevert\/\">Pierrick Pr\u00e9vert<\/a><\/li>\n\t<li id=\"menu-item-11636\"><a href=\"https:\/\/staging2022.42crunch.com\/author\/hugh-carroll\/\">Hugh Carroll<\/a><\/li>\n\t<li id=\"menu-item-11637\"><a href=\"https:\/\/staging2022.42crunch.com\/author\/mark-dolan\/\">Mark Dolan<\/a><\/li>\n\t<li id=\"menu-item-11638\"><a href=\"https:\/\/staging2022.42crunch.com\/author\/dr-philippe-de-ryck\/\">Philippe de Ryck<\/a><\/li>\n\t<li id=\"menu-item-11639\"><a href=\"https:\/\/staging2022.42crunch.com\/author\/colin-domoney\/\">Colin Domoney<\/a><\/li>\n\t<li id=\"menu-item-11640\"><a href=\"https:\/\/staging2022.42crunch.com\/author\/edgar-silva\/\">Edgar Silva<\/a><\/li>\n\t<li id=\"menu-item-11641\"><a href=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\">Isabelle Mauny<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\t\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/when-shift-left-is-more-than-a-marketing-campaign\/\" content=\"When Shift-Left is more than a marketing campaign\" \/><meta itemprop=\"datePublished\" content=\"2022-05-24\" \/><meta itemprop=\"dateModified\" content=\"2022-11-22\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/tom-chang\/\" \/><meta itemprop=\"name\" content=\"Tom Chang\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/08\/Kinsale-scaled-1024x585-1.png\" \/><meta itemprop=\"width\" content=\"1024\" \/><meta itemprop=\"height\" content=\"585\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/when-shift-left-is-more-than-a-marketing-campaign\/\" title=\"When Shift-Left is more than a marketing campaign\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/08\/Kinsale-scaled-1024x585-1.png\" alt=\"Kinsale-scaled-1024x585\" itemprop=\"image\" data-no-lazy=\"1\" height=\"585\" width=\"1024\" title=\"Kinsale-scaled-1024x585\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tWhen Shift-Left is more than a marketing campaign\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/tom-chang\/\">Tom Chang<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tMay 24, 2022\t\t\t\t\t\t\n    <p>Earlier this month I had the chance to join my new colleagues from 42Crunch at our all-hands in Ireland and I couldn&#8217;t be more excited that there&#8217;s something special that we&#8217;re building here. Setting aside that Cork and Kinsale are some of the prettiest places I&#8217;ve ever visited, I was able to see how passionate &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/when-shift-left-is-more-than-a-marketing-campaign\/\"> When Shift-Left is more than a marketing campaign Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/sua-empresa-nao-tem-alternativa-proteger-as-apis-da-forma-correta-passa-a-ser-uma-obrigacao\/\" content=\"Sua empresa n\u00e3o tem alternativa: Proteger as APIs da forma correta passa a ser uma obriga\u00e7\u00e3o\" \/><meta itemprop=\"datePublished\" content=\"2022-05-18\" \/><meta itemprop=\"dateModified\" content=\"2022-09-24\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/edgar-silva\/\" \/><meta itemprop=\"name\" content=\"Edgar Silva\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/08\/API-cybersecurity-1024x585-1.png\" \/><meta itemprop=\"width\" content=\"1024\" \/><meta itemprop=\"height\" content=\"585\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/sua-empresa-nao-tem-alternativa-proteger-as-apis-da-forma-correta-passa-a-ser-uma-obrigacao\/\" title=\"Sua empresa n\u00e3o tem alternativa: Proteger as APIs da forma correta passa a ser uma obriga\u00e7\u00e3o\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/08\/API-cybersecurity-1024x585-1.png\" alt=\"API-cybersecurity-1024x585\" itemprop=\"image\" data-no-lazy=\"1\" height=\"585\" width=\"1024\" title=\"API-cybersecurity-1024x585\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tSua empresa n\u00e3o tem alternativa: Proteger as APIs da forma correta passa a ser uma obriga\u00e7\u00e3o\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/edgar-silva\/\">Edgar Silva<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tMay 18, 2022\t\t\t\t\t\t\n    <p>O grande susto Um amigo comentou comigo um epis\u00f3dio interessante: Telefonaram para ele dizendo que era um canal de n\u00edvel oito de seu banco, confirmando dados como endere\u00e7o, nome de m\u00e3e e pai, c\u00f4njuge, filhos etc, dizendo que existiam transa\u00e7\u00f5es suspeitas, e que a conta dele havia sido invadida e ele precisava ligar urgentemente para &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/sua-empresa-nao-tem-alternativa-proteger-as-apis-da-forma-correta-passa-a-ser-uma-obrigacao\/\"> Sua empresa n\u00e3o tem alternativa: Proteger as APIs da forma correta passa a ser uma obriga\u00e7\u00e3o Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/lessons-learned-from-the-spring4shell-vulnerability\/\" content=\"Lessons learned from the Spring4Shell vulnerability\" \/><meta itemprop=\"datePublished\" content=\"2022-04-01\" \/><meta itemprop=\"dateModified\" content=\"2022-09-24\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/pierrick-prevert\/\" \/><meta itemprop=\"name\" content=\"Pierrick Pr\u00e9vert\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/04\/Hackerhoodie-Spring4Shell.png\" \/><meta itemprop=\"width\" content=\"1260\" \/><meta itemprop=\"height\" content=\"720\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/lessons-learned-from-the-spring4shell-vulnerability\/\" title=\"Lessons learned from the Spring4Shell vulnerability\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/04\/Hackerhoodie-Spring4Shell-1024x585.png\" alt=\"Hackerhoodie-Spring4Shell\" itemprop=\"image\" data-no-lazy=\"1\" height=\"585\" width=\"1024\" title=\"Hackerhoodie-Spring4Shell\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tLessons learned from the Spring4Shell vulnerability\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/pierrick-prevert\/\">Pierrick Pr\u00e9vert<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tApril 1, 2022\t\t\t\t\t\t\n    <p>Recently we published an article on the log4shell vulnerability targeting log4j, in which we explained how APIs can be protected against injection attacks with a positive security model, and how 42Crunch easily enables such a model. Now, it&#8217;s time for the Spring4Shell (CVE-2022-22965) vulnerability, targeting the Spring framework, commonly used to build APIs. What can &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/lessons-learned-from-the-spring4shell-vulnerability\/\"> Lessons learned from the Spring4Shell vulnerability Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/why-developer-first-api-security-is-prevailing-in-enterprise\/\" content=\"Why Developer-First API Security is Prevailing in Enterprise\" \/><meta itemprop=\"datePublished\" content=\"2022-03-07\" \/><meta itemprop=\"dateModified\" content=\"2022-11-22\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/hugh-carroll\/\" \/><meta itemprop=\"name\" content=\"Hugh Carroll\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/03\/Api_security_banner_mar_2022-1536x808-1.png\" \/><meta itemprop=\"width\" content=\"1260\" \/><meta itemprop=\"height\" content=\"720\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/why-developer-first-api-security-is-prevailing-in-enterprise\/\" title=\"Why Developer-First API Security is Prevailing in Enterprise\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/03\/Api_security_banner_mar_2022-1536x808-1-1024x585.png\" alt=\"Api_security_banner_mar_2022-1536x808-1\" itemprop=\"image\" data-no-lazy=\"1\" height=\"585\" width=\"1024\" title=\"Api_security_banner_mar_2022-1536x808-1\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tWhy Developer-First API Security is Prevailing in Enterprise\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/hugh-carroll\/\">Hugh Carroll<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tMarch 7, 2022\t\t\t\t\t\t\n    <p>Why Developer-First API Security is Prevailing in Enterprise. The DevSecOps movement has led to a distinct &#8220;shift-left&#8221; in the enterprise where tasks are moved earlier in the development cycle so that developers can directly address production concerns as the code is being written. Companies are realizing greater business benefits from this shift-left approach, with accelerated &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/why-developer-first-api-security-is-prevailing-in-enterprise\/\"> Why Developer-First API Security is Prevailing in Enterprise Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/how-developers-can-become-api-security-champions\/\" content=\"How Developers Can Become API Security Champions\" \/><meta itemprop=\"datePublished\" content=\"2022-02-15\" \/><meta itemprop=\"dateModified\" content=\"2022-11-28\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/hugh-carroll\/\" \/><meta itemprop=\"name\" content=\"Hugh Carroll\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/02\/42C_Security-Champions_Blog.png\" \/><meta itemprop=\"width\" content=\"1260\" \/><meta itemprop=\"height\" content=\"720\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/how-developers-can-become-api-security-champions\/\" title=\"How Developers Can Become API Security Champions\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/02\/42C_Security-Champions_Blog-1024x585.png\" alt=\"42C_Security-Champions_Blog\" itemprop=\"image\" data-no-lazy=\"1\" height=\"585\" width=\"1024\" title=\"42C_Security-Champions_Blog\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tHow Developers Can Become API Security Champions\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/hugh-carroll\/\">Hugh Carroll<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tFebruary 15, 2022\t\t\t\t\t\t\n    <p>Question: Everyone is talking about DevSecOps, why are we not able to fix the security issues? Despite the obvious challenges, Colin believes that the industry has made progress as compared to ten years ago when very insecure code was prevalent. Today&#8217;s code is definitely more secure and security is improving &#8211; thankfully most developers are &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/how-developers-can-become-api-security-champions\/\"> How Developers Can Become API Security Champions Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/why-do-apis-merit-a-separate-owasp-top-10-listing\/\" content=\"Why Do APIs Merit a Separate OWASP Top 10 Listing?\" \/><meta itemprop=\"datePublished\" content=\"2022-02-08\" \/><meta itemprop=\"dateModified\" content=\"2022-11-22\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/mark-dolan\/\" \/><meta itemprop=\"name\" content=\"Mark Dolan\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/42C_Separate_OWASP_Listing_Blog.png\" \/><meta itemprop=\"width\" content=\"1522\" \/><meta itemprop=\"height\" content=\"811\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/why-do-apis-merit-a-separate-owasp-top-10-listing\/\" title=\"Why Do APIs Merit a Separate OWASP Top 10 Listing?\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/42C_Separate_OWASP_Listing_Blog-1024x546.png\" alt=\"42C_Separate_OWASP_Listing_Blog\" itemprop=\"image\" data-no-lazy=\"1\" height=\"546\" width=\"1024\" title=\"42C_Separate_OWASP_Listing_Blog\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tWhy Do APIs Merit a Separate OWASP Top 10 Listing?\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/mark-dolan\/\">Mark Dolan<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tFebruary 8, 2022\t\t\t\t\t\t\n    <p>Throughout the 3 part webinar series &#8220;API Security Landscape Today and the OWASP API Security Top 10 Challenges&#8221; we will publish blog posts that highlight some of the main talking points addressed by the speakers.\u00a0 In this post, Philippe and Colin explore the differences between APIs and web apps that necessitated the creation of a &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/why-do-apis-merit-a-separate-owasp-top-10-listing\/\"> Why Do APIs Merit a Separate OWASP Top 10 Listing? Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/protecting-your-apis-against-log4shell-with-42crunch\/\" content=\"Protecting your APIs against Log4Shell with 42Crunch\" \/><meta itemprop=\"datePublished\" content=\"2022-01-26\" \/><meta itemprop=\"dateModified\" content=\"2022-11-28\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/pierrick-prevert\/\" \/><meta itemprop=\"name\" content=\"Pierrick Pr\u00e9vert\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/Log4Shell-Blog.jpeg\" \/><meta itemprop=\"width\" content=\"800\" \/><meta itemprop=\"height\" content=\"534\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/protecting-your-apis-against-log4shell-with-42crunch\/\" title=\"Protecting your APIs against Log4Shell with 42Crunch\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/Log4Shell-Blog.jpeg\" alt=\"Log4Shell - Blog\" itemprop=\"image\" data-no-lazy=\"1\" height=\"534\" width=\"800\" title=\"Log4Shell - Blog\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tProtecting your APIs against Log4Shell with 42Crunch\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/pierrick-prevert\/\">Pierrick Pr\u00e9vert<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tJanuary 26, 2022\t\t\t\t\t\t\n    <p>On December 9th, 2021, the log4shell vulnerability hit the news and it has since been every security team&#8217;s worst nightmare: trivially exploitable, huge impact with RCE (Remote Code Execution), on a component widely used across traditional enterprise technological stacks, both in in-house and third-party software. All this combined explains its CVSS rating of 10 &#8211; &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/protecting-your-apis-against-log4shell-with-42crunch\/\"> Protecting your APIs against Log4Shell with 42Crunch Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t\t\t\t\t|\n\t\t    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/popular\/\">Popular<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/7-ways-to-avoid-jwt-pitfalls\/\" content=\"7 Ways to Avoid JWT Security Pitfalls\" \/><meta itemprop=\"datePublished\" content=\"2021-12-22\" \/><meta itemprop=\"dateModified\" content=\"2022-11-24\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/dr-philippe-de-ryck\/\" \/><meta itemprop=\"name\" content=\"Philippe de Ryck\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/JWT-Logo-Blog-7-ways-to-enhance.jpeg\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/7-ways-to-avoid-jwt-pitfalls\/\" title=\"7 Ways to Avoid JWT Security Pitfalls\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/JWT-Logo-Blog-7-ways-to-enhance-1024x521.jpeg\" alt=\"Protect analytics low poly blue\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"Protect analytics low poly blue\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t7 Ways to Avoid JWT Security Pitfalls\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/dr-philippe-de-ryck\/\">Philippe de Ryck<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tDecember 22, 2021\t\t\t\t\t\t\n    <p>Dec 22nd 2021. \u00a0Author: Dr. Philippe de Ryck, Pragmatic Web Security, Like them or hate them, JSON Web Tokens (JWT) are everywhere. OAuth 2.0 and OpenID Connect rely heavily on JWTs. Many applications use JWTs to implement custom security mechanisms. And every language or framework offers plenty of support for JWTs. Unfortunately, JWTs also lie &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/7-ways-to-avoid-jwt-pitfalls\/\"> 7 Ways to Avoid JWT Security Pitfalls Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t\t\t\t\t|\n\t\t    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/popular\/\">Popular<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/application-security-tools-are-not-up-to-the-job-of-api-security\/\" content=\"Application Security Tools Are Not up to the Job of API Security\" \/><meta itemprop=\"datePublished\" content=\"2021-10-05\" \/><meta itemprop=\"dateModified\" content=\"2022-09-24\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/colin-domoney\/\" \/><meta itemprop=\"name\" content=\"Colin Domoney\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/Why-application-security-tools-are-not-blog.jpeg\" \/><meta itemprop=\"width\" content=\"900\" \/><meta itemprop=\"height\" content=\"395\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/application-security-tools-are-not-up-to-the-job-of-api-security\/\" title=\"Application Security Tools Are Not up to the Job of API Security\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/Why-application-security-tools-are-not-blog.jpeg\" alt=\"API - Application Programming Interface. Software development tool. Business, modern technology, internet and networking concept\" itemprop=\"image\" data-no-lazy=\"1\" height=\"395\" width=\"900\" title=\"API - Application Programming Interface. Software development tool. Business, modern technology, internet and networking concept\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tApplication Security Tools Are Not up to the Job of API Security\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/colin-domoney\/\">Colin Domoney<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tOctober 5, 2021\t\t\t\t\t\t\n    <p>The last two decades have seen a proliferation of software (according to GitHub there has been a 35% increase in code repositories in 2020 alone) into every aspect of our lives in the form of web or mobile applications. Adversaries have increasingly attacked these applications, and defenders have adopted various testing tools and technologies to &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/application-security-tools-are-not-up-to-the-job-of-api-security\/\"> Application Security Tools Are Not up to the Job of API Security Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/how-to-test-api-security-throughout-the-api-lifecycle-with-postman-and-42crunch\/\" content=\"How to test API security throughout the API lifecycle with Postman and 42Crunch\" \/><meta itemprop=\"datePublished\" content=\"2021-06-23\" \/><meta itemprop=\"dateModified\" content=\"2022-11-24\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/hugh-carroll\/\" \/><meta itemprop=\"name\" content=\"Hugh Carroll\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/11\/api-explosion-1024x578-1.png\" \/><meta itemprop=\"width\" content=\"1024\" \/><meta itemprop=\"height\" content=\"578\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/how-to-test-api-security-throughout-the-api-lifecycle-with-postman-and-42crunch\/\" title=\"How to test API security throughout the API lifecycle with Postman and 42Crunch\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/11\/api-explosion-1024x578-1.png\" alt=\"api-explosion-1024x578\" itemprop=\"image\" data-no-lazy=\"1\" height=\"578\" width=\"1024\" title=\"api-explosion-1024x578\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tHow to test API security throughout the API lifecycle with Postman and 42Crunch\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/hugh-carroll\/\">Hugh Carroll<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tJune 23, 2021\t\t\t\t\t\t\n    <p>Postman, the API collaboration platform for developers, advocates an API-First approach for companies. Using 42Crunch, API developers and application security teams can now implement API security design and testing as part of their API-First approach in Postman. Kin Lane, chief Evangelist with Postman recently joined Isabelle Mauny, Field CTO at 42Crunch for a webinar to &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/how-to-test-api-security-throughout-the-api-lifecycle-with-postman-and-42crunch\/\"> How to test API security throughout the API lifecycle with Postman and 42Crunch Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/creating-high-quality-oas-definitions-with-net-core\/\" content=\"Creating High Quality OAS Definitions with .Net Core\" \/><meta itemprop=\"datePublished\" content=\"2021-05-03\" \/><meta itemprop=\"dateModified\" content=\"2022-11-22\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/edgar-silva\/\" \/><meta itemprop=\"name\" content=\"Edgar Silva\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/netcore-blog.jpeg\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/creating-high-quality-oas-definitions-with-net-core\/\" title=\"Creating High Quality OAS Definitions with .Net Core\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/netcore-blog-1024x521.jpeg\" alt=\"netcore-blog\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"netcore-blog\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tCreating High Quality OAS Definitions with .Net Core\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/edgar-silva\/\">Edgar Silva<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tMay 3, 2021\t\t\t\t\t\t\n    <p>This document highlights how code annotations can be used to enhance the quality and the security posture for customers using .Net Core. 42Crunch security recommendations help enterprises discover and remediate vulnerabilities much more quickly (up to 25X more quickly) while saving 90% of manual costs (whether through internal efforts or external pen-testing). Using the Available &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/creating-high-quality-oas-definitions-with-net-core\/\"> Creating High Quality OAS Definitions with .Net Core Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/creating-high-quality-oas-definitions-with-springfox-part-2-data-validation\/\" content=\"Creating High Quality OAS Definitions with Springfox &#8211; Part 2: Data Validation\" \/><meta itemprop=\"datePublished\" content=\"2021-04-26\" \/><meta itemprop=\"dateModified\" content=\"2022-11-22\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/edgar-silva\/\" \/><meta itemprop=\"name\" content=\"Edgar Silva\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/springfox-blog-2.jpeg\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/creating-high-quality-oas-definitions-with-springfox-part-2-data-validation\/\" title=\"Creating High Quality OAS Definitions with Springfox &#8211; Part 2: Data Validation\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/springfox-blog-2-1024x521.jpeg\" alt=\"springfox-blog-2\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"springfox-blog-2\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tCreating High Quality OAS Definitions with Springfox &#8211; Part 2: Data Validation\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/edgar-silva\/\">Edgar Silva<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tApril 26, 2021\t\t\t\t\t\t\n    <p>In the first part of this blog, we had covered the security aspects of Spring Boot Microservices and how to inject them into your code level to generate higher quality OAS (Swagger) files. In this second part, we will cover aspects regarding attributes, operations, and data. Data Validation for Secure APIs You must be aware &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/creating-high-quality-oas-definitions-with-springfox-part-2-data-validation\/\"> Creating High Quality OAS Definitions with Springfox &#8211; Part 2: Data Validation Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/strengthening-api-security-posture\/\" content=\"Strengthening Your API Security Posture &#8211; Ford Motor Company\" \/><meta itemprop=\"datePublished\" content=\"2021-03-31\" \/><meta itemprop=\"dateModified\" content=\"2022-11-18\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\" \/><meta itemprop=\"name\" content=\"Isabelle Mauny\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/Ford-blog.jpeg\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/strengthening-api-security-posture\/\" title=\"Strengthening Your API Security Posture &#8211; Ford Motor Company\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/Ford-blog-1024x521.jpeg\" alt=\"Ford-blog\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"Ford-blog\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tStrengthening Your API Security Posture &#8211; Ford Motor Company\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\">Isabelle Mauny<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tMarch 31, 2021\t\t\t\t\t\t\n    <p>LOSING MY RELIGION: Successful and unsuccessful approaches to API Security in a global enterprise &#8211; A take on Ford Motor Company&#8217;s approach to API security and the journey to enforce security compliance while ensuring productivity of thousands of developers managing thousands of APIs. The Cybersecurity Snowball Effect With development Communities and product teams, there are &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/strengthening-api-security-posture\/\"> Strengthening Your API Security Posture &#8211; Ford Motor Company Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/springfox-guide-security-definitions\/\" content=\"Creating High Quality OAS Definitions with Springfox &#8211; Part 1: Security Definitions\" \/><meta itemprop=\"datePublished\" content=\"2021-03-09\" \/><meta itemprop=\"dateModified\" content=\"2022-11-24\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\" \/><meta itemprop=\"name\" content=\"Isabelle Mauny\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/springfox-p1-blog.jpeg\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/springfox-guide-security-definitions\/\" title=\"Creating High Quality OAS Definitions with Springfox &#8211; Part 1: Security Definitions\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/springfox-p1-blog-1024x521.jpeg\" alt=\"springfox-p1-blog\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"springfox-p1-blog\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tCreating High Quality OAS Definitions with Springfox &#8211; Part 1: Security Definitions\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\">Isabelle Mauny<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tMarch 9, 2021\t\t\t\t\t\t\n    <p>Spring Boot is a popular framework to build applications and APIs. Leveraging the Springfox project and code annotations, developers can generate OAS files with a high 42Crunch Security Audit score. What is the 42Crunch Security Audit? The 42Crunch Security Audit is one of 3 services from the 42Crunch API Security Platform: it consumes OpenAPI (Swagger) &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/springfox-guide-security-definitions\/\"> Creating High Quality OAS Definitions with Springfox &#8211; Part 1: Security Definitions Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t\t\t\t\t|\n\t\t    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/popular\/\">Popular<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/webinar-questions-jwt-api-security\/\" content=\"Questions Answered: How to Best Leverage JWTs or API Security\" \/><meta itemprop=\"datePublished\" content=\"2020-12-11\" \/><meta itemprop=\"dateModified\" content=\"2022-11-23\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\" \/><meta itemprop=\"name\" content=\"42Crunch\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/JWT-Logo-Blog-7-ways-to-enhance.jpeg\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/webinar-questions-jwt-api-security\/\" title=\"Questions Answered: How to Best Leverage JWTs or API Security\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/JWT-Logo-Blog-7-ways-to-enhance-1024x521.jpeg\" alt=\"Protect analytics low poly blue\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"Protect analytics low poly blue\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tQuestions Answered: How to Best Leverage JWTs or API Security\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\">42Crunch<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tDecember 11, 2020\t\t\t\t\t\t\n    <p>You had questions, and we&#8217;ve got answers! Thank you for all the questions submitted on our webinar: &#8220;How to Best Leverage JWTs or API Security&#8221; We were unable to get to your questions, so below are all the answers to the questions that were asked! If you&#8217;d like more information please feel free to contact &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/webinar-questions-jwt-api-security\/\"> Questions Answered: How to Best Leverage JWTs or API Security Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/knowing-api-security-is-the-best-choice\/\" content=\"Why knowing is better than guessing for API Threat Protection\" \/><meta itemprop=\"datePublished\" content=\"2020-10-25\" \/><meta itemprop=\"dateModified\" content=\"2022-11-18\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\" \/><meta itemprop=\"name\" content=\"Isabelle Mauny\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/knowing-better-than-learning-blog-42crunch.jpeg\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/knowing-api-security-is-the-best-choice\/\" title=\"Why knowing is better than guessing for API Threat Protection\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/knowing-better-than-learning-blog-42crunch-1024x521.jpeg\" alt=\"knowing-better-than-learning-blog-42crunch\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"knowing-better-than-learning-blog-42crunch\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tWhy knowing is better than guessing for API Threat Protection\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\">Isabelle Mauny<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tOctober 25, 2020\t\t\t\t\t\t\n    <p>Why do we need different solutions for API Threat protection? APIs are becoming a hot target for hackers. Analysts and cyber security specialists agree that the privileged position of APIs as the open doors to the enterprise kingdom make them a favorite to breach. For the past 20 years, Web Application Firewalls (WAFs ) have &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/knowing-api-security-is-the-best-choice\/\"> Why knowing is better than guessing for API Threat Protection Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/webinar-questions-openapi-for-api-security\/\" content=\"Questions Answered: OpenAPI for API Security\" \/><meta itemprop=\"datePublished\" content=\"2020-07-23\" \/><meta itemprop=\"dateModified\" content=\"2022-11-23\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\" \/><meta itemprop=\"name\" content=\"42Crunch\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/webinar-blog-QA.png\" \/><meta itemprop=\"width\" content=\"1024\" \/><meta itemprop=\"height\" content=\"521\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/webinar-questions-openapi-for-api-security\/\" title=\"Questions Answered: OpenAPI for API Security\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/webinar-blog-QA.png\" alt=\"webinar-blog-Q&amp;A\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"webinar-blog-Q&amp;A\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tQuestions Answered: OpenAPI for API Security\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\">42Crunch<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tJuly 23, 2020\t\t\t\t\t\t\n    <p>You had questions, and we&#8217;ve got answers! Thank you for all the questions submitted on our webinar: &#8220;OpenAPI for API Security &#8211; Why guess when you know?!&#8221;\u00a0Below is the replay and all the answers to the questions that were asked. If you&#8217;d like more information please feel free to contact us. &nbsp; Webinar: OpenAPI for &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/webinar-questions-openapi-for-api-security\/\"> Questions Answered: OpenAPI for API Security Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/webinar-questions-lets-shift-api-security-left\/\" content=\"Questions Answered: Let&#8217;s shift API security left &#8211; sure, but how?\" \/><meta itemprop=\"datePublished\" content=\"2020-06-29\" \/><meta itemprop=\"dateModified\" content=\"2022-11-22\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\" \/><meta itemprop=\"name\" content=\"42Crunch\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/webinar-blog-QA.png\" \/><meta itemprop=\"width\" content=\"1024\" \/><meta itemprop=\"height\" content=\"521\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/webinar-questions-lets-shift-api-security-left\/\" title=\"Questions Answered: Let&#8217;s shift API security left &#8211; sure, but how?\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/webinar-blog-QA.png\" alt=\"webinar-blog-Q&amp;A\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"webinar-blog-Q&amp;A\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tQuestions Answered: Let&#8217;s shift API security left &#8211; sure, but how?\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\">42Crunch<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tJune 29, 2020\t\t\t\t\t\t\n    <p>You had questions, and we&#8217;ve got answers! Thank you for all the questions submitted on our webinar: &#8220;Let&#8217;s shift API security left &#8211; sure, but how?&#8221;\u00a0Below is the replay and all the answers to the questions that were asked. If you&#8217;d like more information please feel free to contact us. &nbsp; [xyz-ihs snippet=&#8221;Webinar-Lets-Shift-API-Security-Left&#8221;] &nbsp; Don&#8217;t &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/webinar-questions-lets-shift-api-security-left\/\"> Questions Answered: Let&#8217;s shift API security left &#8211; sure, but how? Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/adopting-a-positive-security-model\/\" content=\"42Crunch approach vs. Traditional WAF approach: using positive security by default\" \/><meta itemprop=\"datePublished\" content=\"2020-06-20\" \/><meta itemprop=\"dateModified\" content=\"2022-09-24\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\" \/><meta itemprop=\"name\" content=\"Isabelle Mauny\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/WAF-blog.jpeg\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/adopting-a-positive-security-model\/\" title=\"42Crunch approach vs. Traditional WAF approach: using positive security by default\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/WAF-blog-1024x521.jpeg\" alt=\"WAF-blog\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"WAF-blog\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t42Crunch approach vs. Traditional WAF approach: using positive security by default\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\">Isabelle Mauny<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tJune 20, 2020\t\t\t\t\t\t\n    <p>When talking to prospects or presenting our solution at conferences, we inevitably get asked the same question: what&#8217;s the difference between your solution and a Web Application Firewall (WAF)? The core difference is that we know what we are protecting, WAFs don&#8217;t. WAFs were built to protect web applications and there is no standard way &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/adopting-a-positive-security-model\/\"> 42Crunch approach vs. Traditional WAF approach: using positive security by default Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/webinar-questions-security-audit-wso2\/\" content=\"Questions Answered: 42Crunch Security Audit for WSO2 API Manager 3.1\" \/><meta itemprop=\"datePublished\" content=\"2020-06-01\" \/><meta itemprop=\"dateModified\" content=\"2022-11-22\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\" \/><meta itemprop=\"name\" content=\"42Crunch\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/webinar-blog-QA.png\" \/><meta itemprop=\"width\" content=\"1024\" \/><meta itemprop=\"height\" content=\"521\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/webinar-questions-security-audit-wso2\/\" title=\"Questions Answered: 42Crunch Security Audit for WSO2 API Manager 3.1\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/webinar-blog-QA.png\" alt=\"webinar-blog-Q&amp;A\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"webinar-blog-Q&amp;A\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tQuestions Answered: 42Crunch Security Audit for WSO2 API Manager 3.1\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\">42Crunch<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tJune 1, 2020\t\t\t\t\t\t\n    <p>You had questions, and we&#8217;ve got answers! Thank you for all the questions submitted on our &#8220;42Crunch Security Audit for WSO2 API Manager 3.1&#8221; webinar. Below is the replay and all the answers to the questions that were asked. If you&#8217;d like more information please feel free to contact us. &nbsp; [xyz-ihs snippet=&#8221;WSO2-Webinar&#8221;] &nbsp; &nbsp; &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/webinar-questions-security-audit-wso2\/\"> Questions Answered: 42Crunch Security Audit for WSO2 API Manager 3.1 Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/webinar-questions-top-api-security-issues-during-pocs\/\" content=\"Questions Answered: Top API Security Issues Found During POCs\" \/><meta itemprop=\"datePublished\" content=\"2020-05-26\" \/><meta itemprop=\"dateModified\" content=\"2022-11-22\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\" \/><meta itemprop=\"name\" content=\"42Crunch\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/webinar-blog-QA.png\" \/><meta itemprop=\"width\" content=\"1024\" \/><meta itemprop=\"height\" content=\"521\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/webinar-questions-top-api-security-issues-during-pocs\/\" title=\"Questions Answered: Top API Security Issues Found During POCs\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/webinar-blog-QA.png\" alt=\"webinar-blog-Q&amp;A\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"webinar-blog-Q&amp;A\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tQuestions Answered: Top API Security Issues Found During POCs\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\">42Crunch<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tMay 26, 2020\t\t\t\t\t\t\n    <p>You had questions, and we&#8217;ve got answers! Thank you for all the questions submitted on our &#8220;Top API Security Issues Found During POCs&#8221; webinar. Below is the replay and all the answers to the questions that were asked. If you&#8217;d like more information please feel free to contact us. &nbsp; [xyz-ihs snippet=&#8221;POCs-Webinar&#8221;] &nbsp; &nbsp; Is &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/webinar-questions-top-api-security-issues-during-pocs\/\"> Questions Answered: Top API Security Issues Found During POCs Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/webinar-questions-anatomy-api-breaches\/\" content=\"Questions Answered: The Anatomy of Four API Breaches\" \/><meta itemprop=\"datePublished\" content=\"2020-05-04\" \/><meta itemprop=\"dateModified\" content=\"2022-11-22\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\" \/><meta itemprop=\"name\" content=\"42Crunch\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/webinar-questions-anatomy-4-breaches.jpeg\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/webinar-questions-anatomy-api-breaches\/\" title=\"Questions Answered: The Anatomy of Four API Breaches\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/webinar-questions-anatomy-4-breaches-1024x521.jpeg\" alt=\"webinar-questions-anatomy-4-breaches\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"webinar-questions-anatomy-4-breaches\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tQuestions Answered: The Anatomy of Four API Breaches\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\">42Crunch<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tMay 4, 2020\t\t\t\t\t\t\n    <p>You had questions, and we&#8217;ve got answers! Thank you for all the questions submitted on our &#8220;The Anatomy of Four API Breaches&#8221; webinar. Below is the replay and all the answers to the questions that were asked. If you&#8217;d like more information please feel free to contact us. &nbsp; [xyz-ihs snippet=&#8221;Anatomy-API-Breach&#8221;] &nbsp; Does the implementation &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/webinar-questions-anatomy-api-breaches\/\"> Questions Answered: The Anatomy of Four API Breaches Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/webinar-questions-azure-pipelines\/\" content=\"Questions Answered: REST API Security by Design with Azure Pipelines\" \/><meta itemprop=\"datePublished\" content=\"2020-03-26\" \/><meta itemprop=\"dateModified\" content=\"2022-11-24\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\" \/><meta itemprop=\"name\" content=\"42Crunch\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/webinar-questions-answered-azure.png\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/webinar-questions-azure-pipelines\/\" title=\"Questions Answered: REST API Security by Design with Azure Pipelines\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/webinar-questions-answered-azure-1024x521.png\" alt=\"webinar-questions-answered-azure\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"webinar-questions-answered-azure\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tQuestions Answered: REST API Security by Design with Azure Pipelines\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\">42Crunch<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tMarch 26, 2020\t\t\t\t\t\t\n    <p>You had questions, and we&#8217;ve got answers! Thank you for all the questions submitted on our &#8220;REST API Security by Design with Azure Pipelines&#8221; webinar. Below are all the answers to the questions that were asked. If you&#8217;d like more information please feel free to contact us. REST API Security for\u00a0Microsoft Azure Pipelines.\u00a0Watch Webinar REST &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/webinar-questions-azure-pipelines\/\"> Questions Answered: REST API Security by Design with Azure Pipelines Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/webinar-questions-api-firewall\/\" content=\"Questions Answered: Protecting Microservices APIs with 42Crunch API Firewall\" \/><meta itemprop=\"datePublished\" content=\"2020-02-24\" \/><meta itemprop=\"dateModified\" content=\"2022-11-18\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\" \/><meta itemprop=\"name\" content=\"42Crunch\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/webinar-questions-api-firewall.jpeg\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/webinar-questions-api-firewall\/\" title=\"Questions Answered: Protecting Microservices APIs with 42Crunch API Firewall\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/webinar-questions-api-firewall-1024x521.jpeg\" alt=\"webinar-questions-api-firewall\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"webinar-questions-api-firewall\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tQuestions Answered: Protecting Microservices APIs with 42Crunch API Firewall\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\">42Crunch<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tFebruary 24, 2020\t\t\t\t\t\t\n    <p>You had questions, and we&#8217;ve got answers! Thank you for all the questions submitted on our &#8220;Protecting Microservices APIs with 42Crunch API Firewall&#8221; webinar. Below are all the answers to the questions that were asked. If you&#8217;d like more information please feel free to contact us. &nbsp; [xyz-ihs snippet=&#8221;Protecting-microservices&#8221;] &nbsp; &nbsp; Can the sidecar be &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/webinar-questions-api-firewall\/\"> Questions Answered: Protecting Microservices APIs with 42Crunch API Firewall Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/webinar-questions-jwt\/\" content=\"Questions Answered: Are you properly using JWTs?\" \/><meta itemprop=\"datePublished\" content=\"2020-02-03\" \/><meta itemprop=\"dateModified\" content=\"2022-11-23\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\" \/><meta itemprop=\"name\" content=\"42Crunch\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/JWT-webinar-42crunch.jpeg\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/webinar-questions-jwt\/\" title=\"Questions Answered: Are you properly using JWTs?\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/JWT-webinar-42crunch-1024x521.jpeg\" alt=\"JWT-webinar-42crunch\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"JWT-webinar-42crunch\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tQuestions Answered: Are you properly using JWTs?\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\">42Crunch<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tFebruary 3, 2020\t\t\t\t\t\t\n    <p>You had questions, and we&#8217;ve got answers! Thank you for all the questions submitted on our &#8220;Are you properly using JWTs?&#8221; webinar. Below are all the answers to the questions that were asked. If you&#8217;d like more information please feel free to contact us. &nbsp; [xyz-ihs snippet=&#8221;Jwt-webinar&#8221;] &nbsp; &nbsp; Is it considered safe if the &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/webinar-questions-jwt\/\"> Questions Answered: Are you properly using JWTs? Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/why-api-firewall\/\" content=\"42Crunch API Firewall and API Management: why you need both!\" \/><meta itemprop=\"datePublished\" content=\"2020-01-29\" \/><meta itemprop=\"dateModified\" content=\"2022-11-18\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\" \/><meta itemprop=\"name\" content=\"Isabelle Mauny\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/42C-APIMgmt42c-blog.jpeg\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/why-api-firewall\/\" title=\"42Crunch API Firewall and API Management: why you need both!\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/42C-APIMgmt42c-blog-1024x521.jpeg\" alt=\"42C-APIMgmt+42c-blog\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"42C-APIMgmt+42c-blog\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t42Crunch API Firewall and API Management: why you need both!\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\">Isabelle Mauny<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tJanuary 29, 2020\t\t\t\t\t\t\n    <p>Every day, new breaches show us that we still have a long way to go with API security. In order to protect APIs, enterprises need to take a holistic approach, which includes the following: Securing the infrastructure: OS configuration, network configuration as well as containers. Properly configuring application servers: enforce TLS 1.2\/1.3, remove weak cipher &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/why-api-firewall\/\"> 42Crunch API Firewall and API Management: why you need both! Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/webinar-questions-positive-security-apis\/\" content=\"Questions Answered: Positive Security for APIs Webinar\" \/><meta itemprop=\"datePublished\" content=\"2019-12-16\" \/><meta itemprop=\"dateModified\" content=\"2022-11-23\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\" \/><meta itemprop=\"name\" content=\"42Crunch\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/Positive-Security-Model-webinar-QA.jpeg\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/webinar-questions-positive-security-apis\/\" title=\"Questions Answered: Positive Security for APIs Webinar\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/Positive-Security-Model-webinar-QA-1024x521.jpeg\" alt=\"Positive-Security-Model-webinar-Q&amp;A\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"Positive-Security-Model-webinar-Q&amp;A\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tQuestions Answered: Positive Security for APIs Webinar\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\">42Crunch<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tDecember 16, 2019\t\t\t\t\t\t\n    <p>You had questions, and we&#8217;ve got answers! Thank you for all the questions submitted on the Positive Security for APIs: What it is and why you need it!\u00a0We couldn&#8217;t get to all of them so we wanted to follow-up with a full list of all the Q&amp;A &#8211; and the slide deck as well! [xyz-ihs &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/webinar-questions-positive-security-apis\/\"> Questions Answered: Positive Security for APIs Webinar Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/owasp-api-security-top-10-cheat-sheet\/\" content=\"OWASP API Security Top 10 Cheat Sheet\" \/><meta itemprop=\"datePublished\" content=\"2019-12-16\" \/><meta itemprop=\"dateModified\" content=\"2022-11-08\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\" \/><meta itemprop=\"name\" content=\"42Crunch\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/owasp-api-security-top-10-cheat-sheet\/\" title=\"OWASP API Security Top 10 Cheat Sheet\"><\/a>\n\t\t\t\t<img decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/plugins\/bbpowerpack\/modules\/pp-content-grid\/images\/placeholder.jpg\" alt=\"\" itemprop=\"image\" data-no-lazy=\"1\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tOWASP API Security Top 10 Cheat Sheet\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\">42Crunch<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tDecember 16, 2019\t\t\t\t\t\t\n    <p>Download our OWASP API Security Cheat Sheets to print out and hang on your wall! Download Cheat Sheet If you missed our latest presentation, check out the slides here: &nbsp; Visit the APIsecurity.io encyclopedia to learn more about the OWASP API Security Top 10. Videos for each coming soon! A1 : Broken Object Level Authorization &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/owasp-api-security-top-10-cheat-sheet\/\"> OWASP API Security Top 10 Cheat Sheet Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/webinar-owasp-questions-answered\/\" content=\"Questions Answered: OWASP API Security Top 10 Webinar\" \/><meta itemprop=\"datePublished\" content=\"2019-11-22\" \/><meta itemprop=\"dateModified\" content=\"2022-09-24\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\" \/><meta itemprop=\"name\" content=\"42Crunch\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/owasp-webinar-QA-blog.jpeg\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/webinar-owasp-questions-answered\/\" title=\"Questions Answered: OWASP API Security Top 10 Webinar\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/owasp-webinar-QA-blog-1024x521.jpeg\" alt=\"owasp-webinar-Q&amp;A-blog\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"owasp-webinar-Q&amp;A-blog\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tQuestions Answered: OWASP API Security Top 10 Webinar\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\">42Crunch<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tNovember 22, 2019\t\t\t\t\t\t\n    <p>You had questions, and we&#8217;ve got answers! Thank you for all the questions submitted on the OWASP API Security Top 10 webinar on Nov 21. We couldn&#8217;t get to all of them so we wanted to follow-up with a full list of all the Q&amp;A &#8211; and the slide deck as well! [xyz-ihs snippet=&#8221;OWASP-webinar&#8221;] &nbsp; &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/webinar-owasp-questions-answered\/\"> Questions Answered: OWASP API Security Top 10 Webinar Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/deploying-devsecops-apis-tale-shifting-left\/\" content=\"Deploying DevSecOps for APIs: a tale of shifting left&#8230;\" \/><meta itemprop=\"datePublished\" content=\"2019-10-29\" \/><meta itemprop=\"dateModified\" content=\"2022-11-24\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\" \/><meta itemprop=\"name\" content=\"Isabelle Mauny\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/dont-shit-left-blog.jpeg\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/deploying-devsecops-apis-tale-shifting-left\/\" title=\"Deploying DevSecOps for APIs: a tale of shifting left&#8230;\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/dont-shit-left-blog-1024x521.jpeg\" alt=\"dont-shit-left-blog\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"dont-shit-left-blog\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tDeploying DevSecOps for APIs: a tale of shifting left&#8230;\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\">Isabelle Mauny<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tOctober 29, 2019\t\t\t\t\t\t\n    <p>DevSecOps is a hot topic at the moment, and particularly relevant when dealing with API development. APIs are growing at an exponential rate: not only\u00a0 are they the backbone of any application, but microservices architecture imply exposing internal APIs for every microservice or group of microservices. The average number of APIs to protect within an &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/deploying-devsecops-apis-tale-shifting-left\/\"> Deploying DevSecOps for APIs: a tale of shifting left&#8230; Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/addressing-harbor-registry-vulnerability-with-42crunch\/\" content=\"Addressing Harbor Registry Vulnerability with 42Crunch\" \/><meta itemprop=\"datePublished\" content=\"2019-09-24\" \/><meta itemprop=\"dateModified\" content=\"2022-09-24\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\" \/><meta itemprop=\"name\" content=\"Isabelle Mauny\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/OWASP-api-security-harbor-vulnerability.jpeg\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/addressing-harbor-registry-vulnerability-with-42crunch\/\" title=\"Addressing Harbor Registry Vulnerability with 42Crunch\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/OWASP-api-security-harbor-vulnerability-1024x521.jpeg\" alt=\"OWASP-api-security-harbor-vulnerability\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"OWASP-api-security-harbor-vulnerability\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tAddressing Harbor Registry Vulnerability with 42Crunch\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\">Isabelle Mauny<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tSeptember 24, 2019\t\t\t\t\t\t\n    <p>Hot from the press! There is a mass assignment vulnerability in the Harbor registry. Mass assignment is entry A6 on the OWASP API Security Top 10 list. A6 is described in the OWASP API Security Top 10 as: An API endpoint is vulnerable if it automatically converts client parameters into internal object properties without considering &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/addressing-harbor-registry-vulnerability-with-42crunch\/\"> Addressing Harbor Registry Vulnerability with 42Crunch Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/apisecurity-specifics\/\" content=\"API Security is not Web Application Security!\" \/><meta itemprop=\"datePublished\" content=\"2019-09-17\" \/><meta itemprop=\"dateModified\" content=\"2022-11-24\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\" \/><meta itemprop=\"name\" content=\"Isabelle Mauny\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/API-Security-Not-Traditional-web-security-blog.jpeg\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/apisecurity-specifics\/\" title=\"API Security is not Web Application Security!\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/API-Security-Not-Traditional-web-security-blog-1024x521.jpeg\" alt=\"API-Security-Not-Traditional-web-security-blog\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"API-Security-Not-Traditional-web-security-blog\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tAPI Security is not Web Application Security!\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\">Isabelle Mauny<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tSeptember 17, 2019\t\t\t\t\t\t\n    <p>When we started 42Crunch 3 years ago, we were convinced that a new market segment would emerge: API security. And the market is now catching up with our vision! This is exemplified by the recent release of the OWASP Top 10 for API Security threats document, which highlights threats that do not apply to traditional &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/apisecurity-specifics\/\"> API Security is not Web Application Security! Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/we-need-the-controller-layer-back\/\" content=\"We Need the Controller Layer Back!\" \/><meta itemprop=\"datePublished\" content=\"2019-09-16\" \/><meta itemprop=\"dateModified\" content=\"2022-09-24\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\" \/><meta itemprop=\"name\" content=\"Isabelle Mauny\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/controller-layer-blog.jpeg\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/we-need-the-controller-layer-back\/\" title=\"We Need the Controller Layer Back!\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/controller-layer-blog-1024x521.jpeg\" alt=\"controller-layer-blog\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"controller-layer-blog\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tWe Need the Controller Layer Back!\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\">Isabelle Mauny<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tSeptember 16, 2019\t\t\t\t\t\t\n    <p>A couple days ago, I gave an API security workshop to highlight the OWASP Top 10 issues for APIs and some of the mistakes we keep doing at development time and pay for at runtime. Many of the issues related to data, such as improper data filtering, mass assignment or excessive data exposure, could be &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/we-need-the-controller-layer-back\/\"> We Need the Controller Layer Back! Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/revolutionizing-api-security-interview\/\" content=\"Revolutionizing API Security &#8211; 42Crunch + Digital Anarchist\" \/><meta itemprop=\"datePublished\" content=\"2019-08-22\" \/><meta itemprop=\"dateModified\" content=\"2022-09-24\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\" \/><meta itemprop=\"name\" content=\"42Crunch\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/revolutionizing-api-security.jpeg\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/revolutionizing-api-security-interview\/\" title=\"Revolutionizing API Security &#8211; 42Crunch + Digital Anarchist\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/revolutionizing-api-security-1024x521.jpeg\" alt=\"revolutionizing-api-security\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"revolutionizing-api-security\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tRevolutionizing API Security &#8211; 42Crunch + Digital Anarchist\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\">42Crunch<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tAugust 22, 2019\t\t\t\t\t\t\n    <p>42Crunch CEO, Jacques Declas, sat down with Alan Shimel of Digital Anarchist at this year&#8217;s RSA APJ show to discuss new trends in API Security, DevSecOps, and what tools you need to keep up! &nbsp; [Alan Shimel] Hey everyone, it&#8217;s Alan Shimel for DevOps.com Security Boulevard. We&#8217;re here in Singapore at RSA APJ. We&#8217;re right &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/revolutionizing-api-security-interview\/\"> Revolutionizing API Security &#8211; 42Crunch + Digital Anarchist Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/platform-enhancements-june-2019\/\" content=\"Enhance Your DevSecOps Experience with the 42Crunch API Security Platform\" \/><meta itemprop=\"datePublished\" content=\"2019-06-26\" \/><meta itemprop=\"dateModified\" content=\"2022-09-24\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\" \/><meta itemprop=\"name\" content=\"42Crunch\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/platform-enhancements-june-2019\/\" title=\"Enhance Your DevSecOps Experience with the 42Crunch API Security Platform\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2019\/06\/42crunch-api-security-audit-1024x607.png\" alt=\"42crunch-api-security-audit\" itemprop=\"image\" data-no-lazy=\"1\" height=\"607\" width=\"1024\" title=\"42crunch-api-security-audit\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tEnhance Your DevSecOps Experience with the 42Crunch API Security Platform\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/42crunch\/\">42Crunch<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tJune 26, 2019\t\t\t\t\t\t\n    <p>The 42Crunch platform offers DevSecOps teams a unique set of integrated API security tools which allow discovery, remediation of OpenAPI vulnerabilities and runtime protection against API attacks. The 42Crunch June 2019 release introduces an updated, easy to use UI along with key enhancements to API contract security audit reports, full user management for organization administrators, &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/platform-enhancements-june-2019\/\"> Enhance Your DevSecOps Experience with the 42Crunch API Security Platform Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/api-security-top-10\/\" content=\"Hot off the press: the OWASP API Security Top 10 list!\" \/><meta itemprop=\"datePublished\" content=\"2019-06-18\" \/><meta itemprop=\"dateModified\" content=\"2022-11-28\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/newsdesk\/\" \/><meta itemprop=\"name\" content=\"Newsdesk\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/owasp-top-10-blog.jpeg\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/api-security-top-10\/\" title=\"Hot off the press: the OWASP API Security Top 10 list!\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/owasp-top-10-blog-1024x521.jpeg\" alt=\"owasp-top-10-blog\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"owasp-top-10-blog\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tHot off the press: the OWASP API Security Top 10 list!\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/newsdesk\/\">Newsdesk<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tJune 18, 2019\t\t\t\t\t\t\n    <p>Last week, a new OWASP project was launched at the Global AppSec conference in Tel Aviv: the API Security Top 10 list. The project information and initial Top 10 list were presented by Erez Yalon (Checkmarx) and Inon Shkedy and you can download the presentation PDF. We have also created an OWASP API Security Top &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/api-security-top-10\/\"> Hot off the press: the OWASP API Security Top 10 list! Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/api-security-separating-truth-fiction\/\" content=\"API Security: separating truth from fiction\" \/><meta itemprop=\"datePublished\" content=\"2019-04-16\" \/><meta itemprop=\"dateModified\" content=\"2022-09-24\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\" \/><meta itemprop=\"name\" content=\"Isabelle Mauny\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/API-Security-Fact-Fiction.png\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/api-security-separating-truth-fiction\/\" title=\"API Security: separating truth from fiction\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/API-Security-Fact-Fiction-1024x521.png\" alt=\"API-Security-Fact-Fiction\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"API-Security-Fact-Fiction\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tAPI Security: separating truth from fiction\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\">Isabelle Mauny<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tApril 16, 2019\t\t\t\t\t\t\n    <p>Where is the truth and what&#8217;s the fiction ? In this webinar Alexei Balaganski, Lead Analyst at Kuppinger Cole and myself contrasted our experience with customers and prospects and came up with a list of facts and fictions about API security. We both have seen a surge of interest in API security after a challenging &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/api-security-separating-truth-fiction\/\"> API Security: separating truth from fiction Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/token-management-best-practices\/\" content=\"Token Management Security Best Practices\" \/><meta itemprop=\"datePublished\" content=\"2018-11-19\" \/><meta itemprop=\"dateModified\" content=\"2022-11-24\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\" \/><meta itemprop=\"name\" content=\"Isabelle Mauny\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/Trust-No-One.jpeg\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"628\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/token-management-best-practices\/\" title=\"Token Management Security Best Practices\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/Trust-No-One-1024x536.jpeg\" alt=\"Trust-No-One\" itemprop=\"image\" data-no-lazy=\"1\" height=\"536\" width=\"1024\" title=\"Trust-No-One\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tToken Management Security Best Practices\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\">Isabelle Mauny<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tNovember 19, 2018\t\t\t\t\t\t\n    <p>We recently participated to the DZone mobile apps development guide to highlights some of the key best practices when dealing with API keys and tokens. Below is an excerpt, the full article is available on DZone! Modern applications, both \u00a0web-based and native, rely on APIs on the backend to access protected resources. To authorise access &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/token-management-best-practices\/\"> Token Management Security Best Practices Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/api-security-faq\/\" content=\"API Security FAQ : the top 5 questions we answered at the APIWorld conference!\" \/><meta itemprop=\"datePublished\" content=\"2017-10-10\" \/><meta itemprop=\"dateModified\" content=\"2022-11-24\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\" \/><meta itemprop=\"name\" content=\"Isabelle Mauny\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/QA-API-World.jpeg\" \/><meta itemprop=\"width\" content=\"1200\" \/><meta itemprop=\"height\" content=\"611\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/api-security-faq\/\" title=\"API Security FAQ : the top 5 questions we answered at the APIWorld conference!\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/QA-API-World-1024x521.jpeg\" alt=\"Q&amp;A-API-World\" itemprop=\"image\" data-no-lazy=\"1\" height=\"521\" width=\"1024\" title=\"Q&amp;A-API-World\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tAPI Security FAQ : the top 5 questions we answered at the APIWorld conference!\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\">Isabelle Mauny<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tOctober 10, 2017\t\t\t\t\t\t\n    <p>The APIWorld conference came to end last week. This was the first public preview of our platform! We had a blast talking to many attendees and presenting at the event. This also gave us the opportunity to address a few common questions relative to API security and our product. 1. I have seen 3 vendors &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/api-security-faq\/\"> API Security FAQ : the top 5 questions we answered at the APIWorld conference! Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/act-on-api-security\/\" content=\"Start acting on API Security today!\" \/><meta itemprop=\"datePublished\" content=\"2017-07-25\" \/><meta itemprop=\"dateModified\" content=\"2022-11-24\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\" \/><meta itemprop=\"name\" content=\"Isabelle Mauny\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/Act-On-API-Security-Now.jpeg\" \/><meta itemprop=\"width\" content=\"752\" \/><meta itemprop=\"height\" content=\"311\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/act-on-api-security\/\" title=\"Start acting on API Security today!\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/Act-On-API-Security-Now.jpeg\" alt=\"Act-On-API-Security-Now\" itemprop=\"image\" data-no-lazy=\"1\" height=\"311\" width=\"752\" title=\"Act-On-API-Security-Now\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tStart acting on API Security today!\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\">Isabelle Mauny<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tJuly 25, 2017\t\t\t\t\t\t\n    <p>APIs are the access doors to your enterprise assets and the backbone of pretty much any application that has been written in recent years. While most companies apply token-based access to APIs with OpenIDConnect and OAuth, there are still many aspects of security which are not properly covered for APIs such as common injection attacks, &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/act-on-api-security\/\"> Start acting on API Security today! Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t<meta itemscope itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/WebPage\" itemid=\"https:\/\/staging2022.42crunch.com\/a10-owasp\/\" content=\"Why do we need the A10 entry in the OWASP Top 10?\" \/><meta itemprop=\"datePublished\" content=\"2017-07-18\" \/><meta itemprop=\"dateModified\" content=\"2022-11-18\" \/><meta itemprop=\"name\" content=\"42Crunch\"\/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\" \/><meta itemprop=\"name\" content=\"Isabelle Mauny\" \/><meta itemprop=\"url\" content=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/owasp-1.jpeg\" \/><meta itemprop=\"width\" content=\"752\" \/><meta itemprop=\"height\" content=\"311\" \/><meta itemprop=\"interactionType\" content=\"https:\/\/schema.org\/CommentAction\" \/><meta itemprop=\"userInteractionCount\" content=\"0\" \/>\n\t\t\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/a10-owasp\/\" title=\"Why do we need the A10 entry in the OWASP Top 10?\"><\/a>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/05\/owasp-1.jpeg\" alt=\"owasp-1\" itemprop=\"image\" data-no-lazy=\"1\" height=\"311\" width=\"752\" title=\"owasp-1\" onerror=\"this.style.display='none'\"  \/>\n\t\t\t\t\t\t\t\t\t<h3 itemprop=\"headline\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tWhy do we need the A10 entry in the OWASP Top 10?\t\t\t\t\t\t\t\t\t\t\t<\/h3>\nBy <a href=\"https:\/\/staging2022.42crunch.com\/author\/isabelle-mauny\/\">Isabelle Mauny<\/a>\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  |  \n\t\t\tJuly 18, 2017\t\t\t\t\t\t\n    <p>Without any doubt, APIs have redefined the enterprise architecture landscape by becoming the building blocks of internal and external enterprise applications. APIs are now the entry point into most architectures, much like servlets and JSPs were in the application server era.\u00a0APIs give access to a wide range of applications, systems, databases and now things with &hellip;<\/p>\n<p> <a href=\"https:\/\/staging2022.42crunch.com\/a10-owasp\/\"> Why do we need the A10 entry in the OWASP Top 10? Read More &raquo;<\/a><\/p>\n    \t\t<a href=\"https:\/\/staging2022.42crunch.com\/category\/blog\/\">Blog<\/a>\n\t\t<!-- .pp-content-posts -->\n<h2>\n\t\tReady to Learn More?\n\t<\/h2>\n\t<p>Developer-first solution for delivering API security as code.<\/p>\n\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/get-started\/\" target=\"_self\" role=\"button\" rel=\"noopener\">\n\t\t\t\t\t\t\tGet Started\n\t\t\t\t\t<\/a>\n\n","protected":false},"excerpt":{"rendered":"<p>Blog Knowledge Series on API Security and API Security Best Practices Type Popular Blog News In the News Webinars Tutorials Datasheets Free Tools Topic API Inventory API Security API Security Platform API Security Training API Testing API Vulnerabilities Microsoft Azure Marketplace OpenAPI Specification OpenAPI\/Swagger Editor OWASP API Security Top 10 Platform Overview Press Release Shift-Left [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"API security best practice blog","_seopress_titles_desc":"API Security blog with advice, knowledge series, best practices and how to articles on API vulnerabilities and how to prevent against them.","_seopress_robots_index":"","site-sidebar-layout":"no-sidebar","site-content-layout":"page-builder","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"disabled","ast-hfb-above-header-display":"disabled","ast-hfb-below-header-display":"disabled","ast-hfb-mobile-header-display":"disabled","site-post-title":"disabled","ast-breadcrumbs-content":"disabled","ast-featured-img":"disabled","footer-sml-layout":"disabled","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"footnotes":""},"_links":{"self":[{"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/pages\/11"}],"collection":[{"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/comments?post=11"}],"version-history":[{"count":0,"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/pages\/11\/revisions"}],"wp:attachment":[{"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/media?parent=11"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}