Mar 18, 2019 SOURCE: PR NewsWire

42Crunch Announces Launch of First API Security Platform

IRVINE, Calif., March 18, 2019 /PRNewswire/ -- 42Crunch, the leading API security company, officially announced the release of the 42Crunch API Platform, the world's first API security cloud platform to discover vulnerabilities in APIs and protect them from attack. The 42Crunch Platform can protect SaaS, Web, or IoT APIs, as well as microservices.

This follows the launch of the free API Contract Security Audit tool at APISecurity.io earlier this month. The tool helps API developers improve their API definitions that follow the OpenAPI Specification into proper API contracts. Now, with this latest release, customers have access to the full 42Crunch Platform.

The market has already seen a huge increase in API attacks over the past few years. API breaches include such big names as Facebook, T-Mobile, Panera Bread, Verizon, and the United States Postal Service (USPS). Gartner predicts that "by 2022, API abuse will be the most frequent attack vector resulting in data breaches for enterprise web applications".

42Crunch Platform offers a set of integrated services that can be leveraged as part of the APIs' DevSecOps cycle:

    --  API Contract Security Audit: An exhaustive security audit of the OpenAPI
        definition, with detailed security scoring that helps developers define
        and strengthen their API contracts.


    --  API Contract Conformance Scan: A scan of live API endpoints that
        discovers potential vulnerabilities and discrepancies in your API
        implementation against the API contract.
    --  API Protection: A straightforward and easy way to protect APIs and apply
        policies that can be deployed in our lightweight, low-latency,
        API-native micro firewall. API Firewall automatically enforces traffic
        based on your API contract and applies security policies to protect API
        endpoints wherever they are. It can be deployed in Kubernetes and
        Docker, on public clouds (Amazon, Azure, Google), or on the customer's
        private cloud.

The traditional approach in web application security requires customers to use a combination of products -- such as SAST, DAST, WAF, RASP, and API management -- to address different security concerns, in different network zones, and at different stages of the application life cycle. This approach leaves gaps and is difficult to operate, consolidate, maintain, and deploy.

42Crunch Platform aims to overcome these difficulties. With the platform, enterprises can centrally enforce and monitor corporate security policies, using tools that have been designed both to be API-centric and to work together. Security teams get a 360° view of the entire API portfolio, including audit grades, usage, prevented attacks, and potential vulnerabilities.

"Our experience at 42Crunch both in the web application security and API integration space made it very clear that API security is the biggest challenge for security teams today, and that we had to change the way companies can protect their applications and data in a much more holistic, integrated, and simple way than they do today in web application security", says Jacques Declas, 42Crunch CEO and founder.

APIs are not web applications. APIs have unique logic, unique authentication and authorization mechanisms, and unique vulnerabilities. They can be consumed by humans, machines, or other APIs. Traditional security solutions only focus on known attack types and lack granular understanding of these aspects of APIs. This makes the traditional solutions incapable of detecting or preventing attacks that exploit the vulnerabilities unique to APIs.

42Crunch's approach is to start with the API contract and to offer developers tools to help them define that contract to be very strict. The API contract becomes the core of the positive security model of our API Firewall, and policies are tailored automatically to each and every API. This virtually eliminates false positives and false negatives and does not require training any AI for weeks on end to learn the model. API Contract Conformance Scan completes the loop by automating tests based on the API contract, allowing to refine both the API contract itself and the policies attached to the API.

API development is agile and fast-paced. Manual approaches to API security are doomed to fail. Instead, enterprises need to inject security checks as early as possible in the API lifecycle and continuously test and apply proper policies as existing API evolves and new APIs are built. The 42Crunch Platform works in such a way that the entire flow through the platform (Audit, Scan, Protect) can be automated and attached to the CI/CD pipeline, efficiently enabling a DevSecOps approach.

About 42Crunch

Founded in London, UK, with offices in Dublin (Ireland), Montpellier (France) and Irvine (California), 42Crunch provides a unique set of integrated tools which allow discovery, remediation of API vulnerabilities, and runtime protection against API attacks. Visit https://www.42crunch.com to learn more.

Media Contact:
Len Fernandes
1 888.317.4687 ext. 702
211061@email4pr.com

View original content to download multimedia:http://www.prnewswire.com/news-releases/42crunch-announces-launch-of-first-api-security-platform-300813571.html

SOURCE 42Crunch

Related News

Hoss Launches Solution for Managing the APIs Companies Consume and Rely On

OpenAPI Specification 3.1.0 Released

NetFoundry Zero Trust Networking API Is Now Available at the World's Largest API Marketplace - RapidAPI

Cloud Application Programming Interface (API) Market Becoming the Next Billion Dollar Opportunity for Tech Stocks

Telecom API Market by Technologies, Application and Service Types, Stakeholders, User Types, Deployment, and Platform as a Service Types, 2020 - 2025

Quttera Announces Latest Enhancements to Website Malware Scanner API

Weather Source Welcomes Dark Sky Customers with Special Offer

Immersion Enables Automotive User Interface Designers to Work with Haptic APIs in Kanzi UI Software

View all News

Related Procurements

IT services: consulting, software development, Internet and support

The Department of Employment Affairs and Social Protection (DEASP) undertook a procurement process to tender for the supply, configuration and integration of facial image matching software and provision of support...

System and support services

The Road Safety Strategy 2007-2012 set out a commitment for Ireland to introduce Driving Licences as polycarbonate cards, as required by EU Directive 2006/126/EC of 20 December 2006 on Driving...

Printing and related services

The Road Safety Strategy 2007-2012 set out a commitment for Ireland to introduce driving licences as polycarbonate cards, as required by EU Directive 2006/126/EC of 20 December 2006 on Driving...

View all Procurementsp