Download PDF version Contact company

42Crunch, the API security platform company, announced the latest set of API security testing and threat protection capabilities, designed to ensure companies build APIs that are secure by default and don’t impede the developer workflow.

Companies will benefit from these latest advancements by enhancing their overall API security governance and compliance while simultaneously speeding up the delivery of secure APIs. 

42Crunch API security platform

The 42Crunch API security platform is successfully deployed by global 2500 enterprises and government agencies worldwide and now has over 800,000 developers using its services to secure their APIs.

According to a Gartner report - software engineering providers should 'build and deliver secure software. Select tools that integrate security seamlessly into developer workflows without compromising developer experience. This ensures that software is ‘secure by default.’ They should adopt tools at each phase of the SDLC—plan, create, verify, pre-production, release, configure and operate.'

API security testing services

API security testing services into the developer workflow at the IDE and CI/CD levels"

Commenting on this latest release, Isabelle Mauny, Field CTO and Co-Founder at 42Crunch said, “Our mission is to help security and development teams work closer together. By integrating our API security testing services into the developer workflow at the IDE and CI/CD levels, we enable a trust but verify approach for security officers to govern the API security process."

Isabelle Mauny adds, "Companies are able to reduce developer friction and accelerate the time to market of secure API-driven services.” 

Key features

The new generation of API security testing engine:

  • Support for scenarios testing
  • Automatic authorisation testing to detect API 1 and API 5 issues
  • Automatic authentication testing to detect API 2 issues

Those tests are enriching the existing set of tests used by our major customers which trigger faulty API behaviours that typical hacking would trigger, including injection of data (API6 / API 8) detection of data leakage (API3), or security misconfigurations (API7).

Available via CI/CD and from the developer’s IDE

  • Test operation by operation 
  • Easily reproduce issues from within the IDE
  • Filter on the issues which do not comply with company security requirements
  • Detection of compliance problems, as established by the security teams. 

This release is made available in a number of developer marketplace IDEs, namely VSCode, Intellij and Eclipse, and will be available on the enterprise platform from July. Visit 42Crunch at Gartner Security & Risk Management Summit-Stand #254.

Download PDF version Download PDF version

In case you missed it

Anviz Global expands palm vein tech for security
Anviz Global expands palm vein tech for security

The pattern of veins in the hand contains unique information that can be used for identity. Blood flowing through veins in the human body can absorb light waves of specific wavelen...

Bosch sells security unit to Triton for growth
Bosch sells security unit to Triton for growth

Bosch is selling its Building Technologies division’s product business for security and communications technology to the European investment firm Triton. The transaction enc...

In age of misinformation, SWEAR embeds proof of authenticity into video data
In age of misinformation, SWEAR embeds proof of authenticity into video data

The information age is changing. Today, we are at the center of addressing one of the most critical issues in the digital age: the misinformation age. While most awareness of thi...

Quick poll
What is the most significant challenge facing smart building security today?