Development, security and operations teams now have instant access to a comprehensive set of API security tools that easily integrate into existing workflows and enable an agile DevSecOps process.
APIs are growing at an exponential rate: not only are they the backbone of any application, but microservices architecture imply exposing internal APIs for every microservice or group of microservices.
The average number of APIs to protect within an enterprise is nearing 500, and Gartner is predicting that by 2022 APIs will become the most common attack vector. Unfortunately, API security is very complex and often considered too late in the process.
A shift left approach is required to ensure security is addressed as early as possible in the design phase – enabling the needed DevSecOps process to deliver security and protection throughout the entire API lifecycle.
42Crunch has made this easy by creating a platform based around the industry standard OpenAPI Specification, and now opening it to the public with self-registration to continue their mission of providing the most comprehensive tools for implementing API security best practices.
“APIs are becoming one of the primary attack vectors, yet, API security remains confusing and most solutions out there are incomplete expensive platforms requiring talking to an enterprise sales person to get started” says Jacques Declas, CEO and Founder of 42Crunch.
“We believe that no API, private or public, should be deployed without being audited and scanned at design-time and automatically protected at run-time. Our new self-signup option, free tier, and low-cost subscription options let DevOps and Security teams work seamlessly together to Secure all their APIs in real time throughout the API lifecycle!”
The new self-registration feature provides instant access to the security tools in the 42Crunch API Security Platform – allowing teams to deliver security across the entire API lifecycle:
- Audit: Run 200+ check security audit of the OpenAPI specification definition with detailed security scoring to help developers define and strengthen API contract.
- Scan: Scan live API endpoints to discover potential vulnerabilities and discrepancies of the API implementation against the API contract.
- Protect: Launch service to protect APIs and apply policies that can be deployed in our lightweight, low-latency micro API firewall.
42Crunch offers a basic free-forever account and tiered pricing based on API calls.
Last year they launched an OpenAPI (Swagger) Editor for VS Code as part of an overall strategy to simplify and automate API security. The extension has been well received with a 5 star rating, and more than 39,000 downloads.