{"id":8788,"date":"2020-06-16T01:00:24","date_gmt":"2020-06-16T00:00:24","guid":{"rendered":"https:\/\/staging-site.42crunch.com\/?p=8788"},"modified":"2022-11-24T09:51:49","modified_gmt":"2022-11-24T09:51:49","slug":"new-rest-api-static-security-testing-extension-bitbucket-pipelines","status":"publish","type":"post","link":"https:\/\/staging2022.42crunch.com\/new-rest-api-static-security-testing-extension-bitbucket-pipelines\/","title":{"rendered":"42Crunch Launches New REST API Static Security Testing Extension for Bitbucket Pipelines"},"content":{"rendered":"

IRVINE, CA, JUNE 16, 2020<\/b> \u2014 Today, the API security leader and creator of the industry\u2019s first API Firewall, 42Crunch, announced the launch of their new REST API Static Security Testing extension<\/a> for Atlassian\u2019s code collaboration and CI\/CD solution, Bitbucket Pipelines. This extension enables companies to easily enforce secure API design right from their CI\/CD pipeline \u2014 making it easier than ever to enable a DevSecOps process for API security.<\/span><\/p>\n

The transition to cloud-native, microservice-based and serverless architectures had led to proliferation of APIs. Applications now have components talking to each other via APIs over network. Thus, companies end up having hundreds if not thousands of APIs. As applications evolve, developers keep changing APIs and spinning up new ones each time a new component gets added to the system.<\/span><\/p>\n

APIs thus have become the new application attack surface and the one that is extremely hard to control considering its constant change.<\/span><\/p>\n

With the ever-rising privacy and cybersecurity requirements and the potential catastrophic consequences of a breach, companies are turning to DevSecOps approach to enable automated security static analysis and security testing as part of their CI\/CD pipelines. This allows companies to establish and maintain the security of their systems while maintaining agility and delivering business requirements.\u00a0<\/span><\/p>\n

The new 42Crunch extension for Bitbucket Pipelines<\/a> allows companies to add REST API static security testing (SAST) right into their CI\/CD pipeline. The benefits include:<\/span><\/p>\n

\n
Reduced risk of breach<\/b>: Locate API contract files in the repository and run 200+ security checks covering <\/span>OpenAPI standard requirements<\/span>, authentication, authorization, and both incoming and outgoing data validation. This ensures that no new or changed API can pass the test and get deployed to production if it does not meet your security standards.<\/span><\/li>\n
Reduced fixing costs<\/b>: Find and report security flaws at each pipeline run, providing immediate feedback to R&D.\u00a0\u00a0<\/span><\/li>\n
Increased R&D efficiency<\/b>: 42Crunch API Contract Security Audit does not give false positives. Every issue reported is worth looking into. Issues are prioritized by impact, so developers know where to start. Every issue comes with a detailed knowledge base article explaining the issue, its severity, exploit scenario, and ways to fix it.<\/span><\/li>\n<\/ul>\n
<\/p>\n
$\"\"$ <\/p>\n
<\/p>\n
\u201cThe natural way to address the complex, agile, and decentralized nature of modern apps is to shift security left \u2013 make security part of the DevOps process to become DevSecOps,\u201d says Dmitry Sotnikov, Chief Product Officer at 42Crunch. \u201c The 42Crunch REST API Static Security Testing Extension for Bitbucket<\/a> delivers REST API discovery and security audit right in customers\u2019 CI\/CD pipeline.\u201d<\/span><\/p>\n
Now, any registered 42Crunch user who is also a user of Bitbucket Pipelines, can extend the pipeline with the 42Crunch REST API Security Audit Static Analysis extension. Check out our <\/span>tutorial page<\/span><\/a> to see it in action!<\/span><\/p>\n
42Crunch has also recently launched a freemium model with free self-service registration at <\/span>https:\/\/platform.42crunch.com\/register<\/span><\/a><\/p>\n
<\/p>\n
Bitbucket Blog:<\/strong> Shift left with Code Insights for Bitbucket Cloud\u00a0<\/a><\/p>\n
<\/p>\n
Webinar: Let\u2019s shift API Security Left! Sure, but how?<\/strong><\/a><\/p>\n
In this webinar, we will prep you with all the knowledge and tools you need to implement an automated, end-to-end API Security process that will get your dev, sec and ops teams speaking the same language.<\/p>\n
Through a mix of presentation and demos, we will:<\/p>\n
\n
Review security risks at each stage of the API lifecycle, and how to mitigate them<\/li>\n
Show you how to implement an end-to-end automated API security model that development, security and operations teams will love<\/li>\n
Explain the importance of having a positive security model and how it works<\/li>\n
Provide a list of tools that will help you automate your API security, including our newest REST API Static Security Audit Extension for Bitbucket Pipelines!<\/li>\n<\/ul>\n
$\"\"$ <\/a><\/p>\n
About 42Crunch<\/strong><\/p>\n
42Crunch bridges the gap between API development and security teams with a simple, automated platform that provides auditing, live endpoint scanning, and micro API firewall protection. Unlike other solutions on the market, 42Crunch Platform empowers development, security, and operations teams with a set of integrated tools to easily build security into the foundation of the API and enforce those policies throughout the API lifecycle. By delivering security as code, you enable a seamless DevSecOps experience, allowing innovation at the speed of business without sacrificing integrity. Visit<\/span> https:\/\/42crunch.com<\/span><\/a> to learn more.\u00a0<\/span><\/p>\n
Visit our online community<\/span> https:\/\/APIsecurity.io<\/span><\/a>.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"
IRVINE, CA, JUNE 16, 2020 \u2014 Today, the API security leader and creator of the industry\u2019s first API Firewall, 42Crunch, announced the launch of their new REST API Static Security Testing extension for Atlassian\u2019s code collaboration and CI\/CD solution, Bitbucket Pipelines. This extension enables companies to easily enforce secure API design right from their CI\/CD […]<\/p>\n","protected":false},"author":9,"featured_media":11365,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"none","_seopress_titles_title":"42Crunch Launches Extension for Bitbucket Pipelines","_seopress_titles_desc":"42Crunch launches new REST API Static Security Testing extension "API Audit" for Atlassian\u2019s CI\/CD solution, Bitbucket Pipelines.","_seopress_robots_index":"","site-sidebar-layout":"default","site-content-layout":"default","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"disabled","ast-hfb-above-header-display":"disabled","ast-hfb-below-header-display":"disabled","ast-hfb-mobile-header-display":"disabled","site-post-title":"disabled","ast-breadcrumbs-content":"disabled","ast-featured-img":"disabled","footer-sml-layout":"disabled","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[13],"tags":[22,25],"class_list":["post-8788","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-api-security-platform","tag-api-testing"],"_links":{"self":[{"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/posts\/8788"}],"collection":[{"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/comments?post=8788"}],"version-history":[{"count":0,"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/posts\/8788\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/media\/11365"}],"wp:attachment":[{"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/media?parent=8788"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/categories?post=8788"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/staging2022.42crunch.com\/wp-json\/wp\/v2\/tags?post=8788"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}