{"id":894,"date":"2022-04-28T12:36:32","date_gmt":"2022-04-28T11:36:32","guid":{"rendered":"https:\/\/42crdev.prexihost.com\/?page_id=894"},"modified":"2023-02-14T18:05:55","modified_gmt":"2023-02-14T18:05:55","slug":"security","status":"publish","type":"page","link":"https:\/\/staging2022.42crunch.com\/security\/","title":{"rendered":"Security"},"content":{"rendered":"\n\n\t\t
42Crunch ensures that all your APIs meet the requisite security standards before deployment. Run a security audit<\/a> on the OpenAPI contract,\u00a0scan the live API endpoints<\/a> for potential vulnerabilities, and automate the redeployment of runtime protection policies<\/a> with each API change making sure that you can stay agile and enforce a zero-trust architecture.<\/p>\t\t\n\t\t\t\n\t\t\t\t\t\t\tFree Online API Audit Tool\n\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\n\t\t Effortlessly design the most secure API contracts with tools you’ll love.<\/p>\t\t\n\t\t\t\t\t\t\t\n\t\t Turn error-prone manual API security into a fool-proof production deployment.<\/p>\t\t\n\t\t\t\t\t\t\t\n\t\t Securely and confidently deploy your APIs. API audit<\/a> and API scanning<\/a> are automated checks ensuring that unsecure APIs never make it to the master branch and production deployment. Runtime protection policies<\/a> are automatically redeployed with each API change making sure you stay agile without compromising security. Thanks to its low footprint, API Protect can be deployed at scale on any container orchestrator<\/a> such as Kubernetes, Amazon ECS or Red Hat OpenShift(\u00ae).<\/p>\n Our runtime is fully compatible with existing API management solutions or API gateways<\/a> and with microservices-based architectures. We support the sidecar proxy and gateway deployment models.<\/p>\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t<\/a>\n With our API security platform<\/a>, enterprises can centrally enforce and monitor corporate security policies, using API tools that have been designed both to be API-centric and to work together. Security teams get full visibility of the entire API portfolio, including audit grades, usage, blocked attacks, and potential vulnerabilities.<\/p>\n The API contract becomes the core of the positive security model of our API Firewall<\/a>, and policies are tailored automatically to each and every API. This virtually eliminates false positives and false negatives and does not require training any AI for weeks on end to learn the model.<\/p>\n The API Conformance Scan<\/a> completes the loop by automating tests based on the OpenAPI contract, allowing you to refine both the OpenAPI contract itself and the policies attached to the API.<\/p>\n\t\t\t\t\n\t\t\t\t\n\t\t\t\t<\/a>\n\t\t\t\t\n Benefit from a common security language and shared understanding of the APIs that the company has, their current state, security levels, production protection status, and any outstanding security improvements. 42Crunch integrates with standard SIEMs<\/a> (Azure Sentinel etc.) and dedicated API runtime discovery tools (Cisco API Clarity) for vulnerability alerting.<\/p>\n\t Dr. Philippe De Ryck<\/p>\n\t Dr. Philippe De Ryck, Web Security Expert with Pragmatic Web Security and Colin Domoney of 42Crunch and APISecurity.io, take a deep dive into understanding and addressing the OWASP API Security Top 10 issues.<\/p>\nDevelopers<\/a><\/h4>\n\t\t\t
Security<\/h4>\n\t\t\t
Operations<\/a><\/h4>\n\t\t\t
<\/strong><\/p>\t\t\n\n\t\tTurn error-prone manual API security into fool-proof deployment\n\t<\/h2>\n\t
\n\t\tConsistent enforcement of threat protection policies across platforms and frameworks\n\t<\/h2>\n\t
\n\t\tRules-free automatic threat protection \n\t<\/h2>\n\t
\n\t\t360\u00b0 degree view of all APIs\n\t<\/h2>\n\t
3-part Webinar series<\/h4>\n
\n\t\t\n\t\tOWASP API Security Top 10\u00a0\n\t\t<\/a>\n\t<\/h2>\n
\n\t\tFind, Fix and Secure your APIs\n\t<\/h2>\n\t\t\t\t\n\t
\n\t\tReady to Learn More?\n\t<\/h2>\n\t