42Crunch, the API security platform company, announced the latest set of API security testing and threat protection capabilities, designed to ensure companies build APIs that are secure by default and don’t impede the developer workflow.
Companies will benefit from these latest advancements by enhancing their overall API security governance and compliance while simultaneously speeding up the delivery of secure APIs.
42Crunch API security platform
The 42Crunch API security platform is successfully deployed by global 2500 enterprises and government agencies worldwide and now has over 800,000 developers using its services to secure their APIs.
According to a Gartner report - software engineering providers should 'build and deliver secure software. Select tools that integrate security seamlessly into developer workflows without compromising developer experience. This ensures that software is ‘secure by default.’ They should adopt tools at each phase of the SDLC—plan, create, verify, pre-production, release, configure and operate.'
API security testing services
API security testing services into the developer workflow at the IDE and CI/CD levels"
Commenting on this latest release, Isabelle Mauny, Field CTO and Co-Founder at 42Crunch said, “Our mission is to help security and development teams work closer together. By integrating our API security testing services into the developer workflow at the IDE and CI/CD levels, we enable a trust but verify approach for security officers to govern the API security process."
Isabelle Mauny adds, "Companies are able to reduce developer friction and accelerate the time to market of secure API-driven services.”
Key features
The new generation of API security testing engine:
- Support for scenarios testing
- Automatic authorisation testing to detect API 1 and API 5 issues
- Automatic authentication testing to detect API 2 issues
Those tests are enriching the existing set of tests used by our major customers which trigger faulty API behaviours that typical hacking would trigger, including injection of data (API6 / API 8) detection of data leakage (API3), or security misconfigurations (API7).
Available via CI/CD and from the developer’s IDE
- Test operation by operation
- Easily reproduce issues from within the IDE
- Filter on the issues which do not comply with company security requirements
- Detection of compliance problems, as established by the security teams.
This release is made available in a number of developer marketplace IDEs, namely VSCode, Intellij and Eclipse, and will be available on the enterprise platform from July. Visit 42Crunch at Gartner Security & Risk Management Summit-Stand #254.