Enables Azure DevOps customers to extend their DevSecOps practices to REST APIs<\/b><\/p>\n
IRVINE, CA, MARCH 18, 2020<\/b> \u2014 Today, the API security leader and creator of REST API DevSecOps tooling and the industry\u2019s first API Firewall, 42Crunch, announced the launch of their new REST API Static Security Testing extension for Microsoft Azure Pipelines. This extension enables companies to easily enforce secure API design right from their CI\/CD pipeline.\u00a0\u00a0<\/span><\/p>\n With REST API proliferation and REST APIs becoming one of the top attack vectors, ensuring that all APIs that a company develops and hosts are secure by design can be a problem. And with CI\/CD, any new API or any modification to existing APIs that developers add can get pushed to production without proper checks on security. Up until now, there has been no extension in the Azure marketplace that would have been specifically geared for the static analysis of REST API security.<\/span><\/p>\n The new 42Crunch extension for Microsoft Azure Pipelines allows companies to add REST API static security testing (SAST) right into their CI\/CD pipeline. The benefits include:<\/span><\/p>\n \u201cModern software development trends, such as cloud-native architectures, microservices, and serverless, have led to companies spinning up hundreds or even thousands of APIs,\u201d says Jacques Declas, the CEO and founder of 42Crunch. \u201cAgile processes and DevOps lead to new APIs being developed and existing APIs getting changed every day. No manual policies or checks can ensure that they are all securely designed and follow all the modern API security best practices. Today, 42Crunch is releasing an off-the-shelf API security extension for Azure DevOps to allow Azure Pipelines customers to automatically discover APIs built by their pipelines, and ensure that these APIs are secure by design.\u201d<\/span><\/p>\n \u201cDevSecOps has become the way for teams to stay agile and deliver business value while maintaining a high level of systems security,\u201d says Steven Murawski, Cloud Advocate at Microsoft. \u201cWhile Azure Pipelines already had security testing extensions for various parts of the application stack, there had been a glaring gap of the one specifically designed for REST APIs. We are happy to see 42Crunch bridge that gap with their solution.\u201d<\/span><\/p>\n Now, any registered 42Crunch user who is also a user of Azure DevOps pipeline, can extend the pipeline with the 42Crunch REST API Security Audit Static Analysis extension.<\/a><\/span><\/p>\n Last year, 42Crunch launched an <\/span>OpenAPI (Swagger) Editor for VS Code<\/span><\/a> as part of an overall strategy to simplify and automate API security. The extension has been well received with a 5 star rating, and more than 47,000 installs. You can download it for free here.<\/a><\/span><\/p>\n 42Crunch has also recently launched freemium model with free self-service registration at <\/span>https:\/\/platform.42crunch.com\/register<\/span><\/a><\/p>\n <\/p>\n REST API Security by Design with Azure Pipelines<\/strong><\/p>\n Join Microsoft and 42Crunch for a live webinar <\/span>Wednesday March 25th at 8am PST \/ 11am EST<\/span><\/a> for a deep dive into a shift-left security approach using OpenAPI, Azure Pipelines, and 42Crunch.<\/span><\/p>\n <\/p>\n About 42Crunch<\/strong><\/p>\n 42Crunch bridges the gap between API development and security teams with a simple, automated platform that provides auditing, live endpoint scanning, and micro API firewall protection. Unlike other solutions on the market, 42Crunch Platform empowers development, security, and operations teams with a set of integrated tools to easily build security into the foundation of the API, and enforce those policies throughout the API lifecycle. By delivering security as code, you enable a seamless DevSecOps experience, allowing innovation at the speed of business without sacrificing integrity. Visit<\/span> https:\/\/42crunch.com<\/span><\/a> to learn more.\u00a0<\/span><\/p>\n\n