SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image

42Crunch launches new set of API security capabilities

42Crunch, the API Security platform company, has announced the latest set of API security testing and threat protection capabilities, designed to ensure companies build APIs that are secure by default and dont impede the developer workflow.

Companies will benefit from these latest advancements by enhancing their overall API security governance and compliance while simultaneously speeding up the delivery of secure APIs, the company states.

The 42Crunch API security platform is successfully deployed by Global 2500 enterprises and Government agencies worldwide and now has more than 800,000 developers using its services to secure their APIs.

According to a Gartner report, software engineering leaders should, build and deliver secure software. Select tools that integrate security seamlessly into developer workflows without compromising developer experience ensures that software is secure by default. They should adopt tools at each phase of the SDLC plan, create, verify, pre-production, release, configure and operate, the analysts state.

Commenting on this latest release, Isabelle Mauny, Field CTO and co-founder at 42Crunch says, "Our mission is to help security and development teams work closer together.

"By integrating our API security testing services into the developer workflow at the IDE and CI/CD levels, we enable a trust, but verify approach for security officers to govern the API security process. Companies are able to reduce developer friction and accelerate the time to market of secure API-driven services."

Key features include:

New generation of API security testing engine:

  • Support for scenarios testing
  • Automatic authorisation testing to detect API 1 and API 5 issues
  • Automatic authentication testing to detect API 2 issues

Mauny says, "Those tests are enriching the existing set of tests used by our major customers which trigger faulty API behaviors that typical hacking would trigger, including injection of data (API6 / API 8) detection of data leakage (API3), or security misconfigurations (API7)."

Available via CI/CD and from the developers IDE:

  • Test operation by operation 
  • Reproduce issues from within the IDE
  • Filter on the issues which do not comply with company security requirements
  • Detection of compliance problems, as established by the security teams

This release is made available now in a number of developer marketplace IDEs, namely VSCode, Intellij and Eclipse and will be available on the enterprise platform from July.

42Crunch enables a standardised approach to securing APIs that automates the enforcement of API security compliance across distributed development and security ecosystems. The company's API security testing and protection services are used by Fortune 500 enterprises and over 800,000 developers worldwide.

The 42Crunch API security platform is designed for developers to build security from the IDE into the API pipeline and gives application security teams control of security policy enforcement from the CI/CD across the entire API lifecycle. This DevSecOps approach to API security reduces governance costs and accelerates the delivery of secure APIs.

Follow us on: