{"id":213,"date":"2022-04-08T14:15:24","date_gmt":"2022-04-08T13:15:24","guid":{"rendered":"https:\/\/42crdev.prexihost.com\/?page_id=213"},"modified":"2024-04-29T15:07:26","modified_gmt":"2024-04-29T14:07:26","slug":"api-security-for-microsoft","status":"publish","type":"page","link":"https:\/\/staging2022.42crunch.com\/api-security-for-microsoft\/","title":{"rendered":"API Security &#038; Microsoft Ecosystem"},"content":{"rendered":"\n\n\t\t<h1>\n\t\t\tEnd-to-End API Security\n\t\t\t\t\t\t\t\t\t\t\tThroughout the API Lifecycle\n\t\t<\/h1>\n\t\t\t<p>42Crunch and Microsoft deliver a seamless DevSecOps environment for API security from design, through to production and runtime.<\/p>\t\t\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/09\/microsoft-logo-01.png\" alt=\"microsoft-logo-01\" itemprop=\"image\" height=\"187\" width=\"662\" title=\"microsoft-logo-01\" onerror=\"this.style.display='none'\"  \/>\n<h2>\n\t\tAPI Security Compliance and Governance Across the API Estate\n\t<\/h2>\n\t<p>Cloud applications are increasingly API-centric, with APIs at the core of data exchange. Inherently, APIs are easy to expose, but difficult to defend and traditional application security solutions are not optimized to protect APIs. 42Crunch and Microsoft have partnered to enable developers find and fix API vulnerabilities while giving security teams centralized governance across their APIs.<\/p>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2023\/01\/MISA_RGB_MemberBadge_Main_Landscape_FullColor-300x174.png\" alt=\"42Crunch Member of MISA\" itemprop=\"image\" height=\"174\" width=\"300\" title=\"MISA_RGB_MemberBadge_Main_Landscape_FullColor\" onerror=\"this.style.display='none'\"  \/>\n<h2>\n\t\tAPI Security First <br \/>for Efficiency &#038; Innovation\n\t<\/h2>\n\t<p>An effective API security strategy starts early in the software development lifecycle. 42Crunch and Microsoft are collaborating to enable a DevSecOps approach that helps developers build more secure and resilient APIs without compromising on productivity or innovation. The 42Crunch Developer-First API Security platform is purpose-built to enable a combined shift-left and shield-right approach to securing APIs. The out-of-the-box Integrations with many of Microsoft&#8217;s key enterprise platforms enable a seamless DevSecOps experience for API security throughout the API lifecycle.<\/p>\n\t<iframe src=\"https:\/\/player.vimeo.com\/video\/867929800?badge=0&amp;autopause=0&amp;player_id=0&amp;app_id=58479\" frameborder=\"0\" allow=\"autoplay; fullscreen; picture-in-picture\" title=\"42Crunch API Security Testing and Runtime Threat Protection, available in the Microsoft Commercial Marketplace\"><\/iframe>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/08\/42Crunch-Quotes-White-150x150.png\" alt=\"42Crunch-Quotes-White\" itemprop=\"image\" height=\"150\" width=\"150\" title=\"42Crunch-Quotes-White\" onerror=\"this.style.display='none'\"  \/>\n\t\t<h2>\n\t\t\tTogether with 42Crunch, we bridge the gap of API security from development to runtime and empower security teams to exercise governance over their API ecosystem throughout the development lifecycle.\n\t\t<\/h2>\n\t\t\t<p><strong><br \/>Vlad Korsunsky<br \/><\/strong>VP Cloud and Enterprise Security<\/p>\t\t\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2023\/11\/Microsoft-dark-background.png\" alt=\"Microsoft dark background\" itemprop=\"image\" height=\"242\" width=\"540\" title=\"Microsoft dark background\" onerror=\"this.style.display='none'\"  \/>\n\t\t<h2>\n\t\t\tIntegrations\n\t\t<\/h2>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/09\/42C-Microsoft-Datasheet-Diagram-1920-1536x767.png\" alt=\"42C Microsoft Datasheet Diagram 1920\" itemprop=\"image\" height=\"767\" width=\"1536\" title=\"42C Microsoft Datasheet Diagram 1920\" onerror=\"this.style.display='none'\"  \/>\n<h2>\n\t\tAPI <b>INVENTORY<\/b>\n\t<\/h2>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/09\/42C-Microsoft-Datasheet-Icons-05.png\" alt=\"42C Microsoft Datasheet Icons-05\" itemprop=\"image\" height=\"121\" width=\"238\" title=\"42C Microsoft Datasheet Icons-05\" onerror=\"this.style.display='none'\"  \/>\n\t<p>With 42Crunch we meet developers where they are by integrating with leading IDEs like VSCode and GitHub Codespaces which allows them to get instant feedback on security issues without having to change environments. Through a GitHub action, during a pull request, 42Crunch automatically scans enterprise GitHub repositories for all OpenAPI files and imports them to the API security platform.<\/p>\n<h2>\n\t\tAPI <b>PROTECTION<\/b>\n\t<\/h2>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/09\/42C-Microsoft-Datasheet-Icons-06.png\" alt=\"42C Microsoft Datasheet Icons-06\" itemprop=\"image\" height=\"121\" width=\"238\" title=\"42C Microsoft Datasheet Icons-06\" onerror=\"this.style.display='none'\"  \/>\n\t<p>42Crunch API firewall runs in front of your API and uses a positive security model to ensure that API requests and responses conform to the audited OpenAPI contract. The firewall runs as a VM or in Azure Container or Azure Kubernetes Services as a sidecar container alongside your API or Azure API Management gateway.<\/p>\n<h2>\n\t\tAPI <b>DESIGN<\/b>\n\t<\/h2>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/09\/42C-Microsoft-Datasheet-Icons-10.png\" alt=\"42C Microsoft Datasheet Icons-10\" itemprop=\"image\" height=\"121\" width=\"137\" title=\"42C Microsoft Datasheet Icons-10\" onerror=\"this.style.display='none'\"  \/>\n\t<p>42Crunch API Audit (downloaded by over half a million developers) runs as a plug-in in VSCode and GitHub Codespaces to automate testing as part of the CI\/CD pipeline. Vulnerabilities found during the audit are presented to the developers directly in the IDE as well as both GitHub repository and Azure DevOps along with detailed remediation steps.<\/p>\n<p>Audit results are also shared with central security teams through an integration with Microsoft Defender for Cloud where they can be combined with runtime security insights found by Microsoft Defender for APIs.<\/p>\n<h2>\n\t\tAPI <b>MONITORING<\/b>\n\t<\/h2>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/09\/42C-Microsoft-Datasheet-Icons-11.png\" alt=\"42C Microsoft Datasheet Icons-11\" itemprop=\"image\" height=\"121\" width=\"137\" title=\"42C Microsoft Datasheet Icons-11\" onerror=\"this.style.display='none'\"  \/>\n\t<p>The 42Crunch API firewall sends logs to Azure Sentinel for analysis of real-time attack data. Sentinel provides actionable insights and visualizations that highlight anomalous activity and attack patterns including account takeovers and malicious bots.<\/p>\n<h2>\n\t\tAPI <b>TESTING<\/b>\n\t<\/h2>\n\t\t\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/09\/42C-Microsoft-Datasheet-Icons-07.png\" alt=\"42C Microsoft Datasheet Icons-07\" itemprop=\"image\" height=\"121\" width=\"238\" title=\"42C Microsoft Datasheet Icons-07\" onerror=\"this.style.display='none'\"  \/>\n\t<p>42Crunch API Scan runs as an automated task within the CI\/CD pipeline through GitHub or Azure DevOps. Alternatively, scans can be run incrementally by developers directly from VSCode or Codespaces to ensure that issues are caught earlier in the development process and don&#8217;t result in a failed test.<\/p>\n<p>Scan results are also shared with central security teams through an integration with Microsoft Defender for Cloud where they can be combined with runtime security insights found by Microsoft Defender for APIs.<\/p>\n\t<h4>Datasheet<\/h4>\n<h2>\n\t\t42Crunch and Microsoft deliver <br \/>seamless DevSecOps for API Security\n\t<\/h2>\n\n\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2023\/11\/42C-Microsoft-Datasheet-FIN-v4.pdf\" target=\"_blank\" rel=\"noopener\">\n\t\t\t\t\t\t\tDownload\n\t\t\t\t\t<\/a>\n\t\t\t\t<img decoding=\"async\" src=\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/09\/Microsoft-Datasheet-Mockups-2-copy.png\" alt=\"Microsoft Datasheet Mockups 2 copy\" title=\"Microsoft Datasheet Mockups 2 copy\" itemprop=\"image\"  \/>\n<h2>\n\t\tReady to Learn More?\n\t<\/h2>\n\t<p>Developer-first solution for delivering API security as code.<\/p>\n\t\t\t<a href=\"https:\/\/staging2022.42crunch.com\/get-started\/\" target=\"_self\" rel=\"noopener\">\n\t\t\t\t\t\t\tGet Started\n\t\t\t\t\t<\/a>\n\n","protected":false},"excerpt":{"rendered":"<p>End-to-End API Security Throughout the API Lifecycle 42Crunch and Microsoft deliver a seamless DevSecOps environment for API security from design, through to production and runtime. API Security Compliance and Governance Across the API Estate Cloud applications are increasingly API-centric, with APIs at the core of data exchange. Inherently, APIs are easy to expose, but difficult [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"End to End API Security with 42Crunch and Microsoft","_seopress_titles_desc":"42Crunch and Microsoft deliver a seamless DevSecOps environment for API security throughout the API Lifecycle from design, through to production and runtime.","_seopress_robots_index":"","site-sidebar-layout":"default","site-content-layout":"default","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"disabled","ast-hfb-above-header-display":"disabled","ast-hfb-below-header-display":"disabled","ast-hfb-mobile-header-display":"disabled","site-post-title":"disabled","ast-breadcrumbs-content":"disabled","ast-featured-img":"disabled","footer-sml-layout":"disabled","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"footnotes":""},"_links":{"self":[{"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/pages\/213"}],"collection":[{"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/comments?post=213"}],"version-history":[{"count":1,"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/pages\/213\/revisions"}],"predecessor-version":[{"id":18588,"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/pages\/213\/revisions\/18588"}],"wp:attachment":[{"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/media?parent=213"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}