![\"DevSecOps-API](\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2023\/10\/DevSecOps-API-Protection.png\" "\\"DevSecOps-API")
\n\tAPI Protection is a critical capability of an API security platform. It relates to the ability to enforce security policies at design and runtime typically using an API micro-firewall.<\/p>\n
\n\t\tShift-Left and Shield-Right for API Protection\n\t<\/h2>\n\t
Unlike traditional Appsec testing or firewall tools (SAST, DAST & WAF) or newer API behavior analysis tools, 42Crunch combines a shift-left (API security testing<\/a> during design, development and testing) and a shield-right (runtime protection<\/a>) approach to API security. From design-time right through to run-time, 42Crunch protects your APIs throughout the API lifecycle against API threats.<\/p>\n\t\t\t\t\n\t\t\t\t Deploy API Protect<\/a> directly from your CI\/CD pipeline and it reconfigures automatically whenever the OpenAPI contract changes. API Protect is tailored to protect each API using a positive security model based on data conformance to the OpenAPI contract, block malicious attacks and unlike a traditional WAF-based solution, distinguish API attacks from legitimate API content traffic.<\/p>\n WIth 42Crunch you can detect OWASP API Security Top 10 issues<\/a> such as data leakage, overflows, mass assignment, broken authentication or security misconfigurations. Our platform detects vulnerabilities triggered by the usage of:\u00a0\u00a0<\/p>\n By throttling traffic based on a range of criteria, 42Crunch actively enforces API protection to prevent Denial of Service (DoS) or brute-force attacks. In microservice deployments, API Protect Firewall<\/a> is deployed separately with each instance of the microservice, so rate limiting is also enforced separately on each instance.<\/p>\n\t Understand the API Security maturity model and learn how to build out a successful API Security program for your enterprise.<\/p>\n\t\t\t\n\t\t\t\t\t\t\tDownload API Security Guide\n\t\t\t\t\t<\/a>\n\t\t\t\t![\"42C_UI_8_22-11\"](\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/07\/42C_UI_8_22-11-1024x560.png\" "\\"42C_UI_8_22-11\\"")
\n\t\t\t\t<\/a>\n\t\t\t\t\n\t\t\t\t![\"DevSecOps-UI-for-Solution-3-2\"](\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/08\/DevSecOps-UI-for-Solution-3-2-1024x728.png\" "\\"DevSecOps-UI-for-Solution-3-2\\"")
\n\t\t\t\t<\/a>\n\n\t\tAutomatically Enforce Content validation\n\t<\/h2>\n\t
\n\t\tThreat Prevention and Anomaly Detection\n\t<\/h2>\n\t
\n
![\"42C_UI_8_22_Security_Audit_2\"](\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/07\/42C_UI_8_22_Security_Audit_2-1024x560.png\" "\\"42C_UI_8_22_Security_Audit_2\\"")
\n\t\t\t\t<\/a>\n\t\t\t\t![\"Traffic](\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/08\/Traffic-Lights-1024x557.png\" "\\"Traffic")
\n\n\t\tTraffic Throttling\n\t<\/h2>\n\t
eBook<\/h4>\n
\n\t\tAPI SECURITY\n\t<\/h2>\n
\n\t\tA Blueprint for Success\n\t<\/h2>\n\t
![\"Landscape](\"https:\/\/staging2022.42crunch.com\/wp-content\/uploads\/2022\/08\/Landscape-iPad-Mockup-n4-InnerPage-2.png\" "\\"Landscape")
\n\n\t\tReady to Learn More?\n\t<\/h2>\n\t