An Intellyx Brain Candy Brief
Back in the mid-2000s, I often wrote about Web Services gateways that managed and secured SOAP-based endpoints, in part by validating messages against WSDL contracts.
Today, 42Crunch does something similar, except all the elements of the story have changed. Instead of Web Services, we have RESTful APIs. Instead of SOAP, we have JSON-based policies and a variety of different media types.
And instead of WSDL contracts, 42Crunch relies upon the broadly adopted OpenAPI spec (formerly Swagger) that it uses to enforce contracted interfaces.
In spite of these parallels to technologies from the last decade, 42Crunch has a fully modern API security offering.
It provides both static analysis of APIs as well as runtime scanning via microservice technology that can run as a sidecar proxy in a Docker container.
This modern best practice approach to policy enforcement provides the flexibility and dynamic enforcement capabilities that microservices endpoints and other APIs require, especially in today’s zero-trust environments that must consider all endpoints to be untrusted.
Copyright © Intellyx LLC. Intellyx publishes the Cortex newsletter, advises companies on their digital transformation initiatives, and helps vendors communicate their agility stories. As of the time of writing, none of the organizations mentioned in this article are Intellyx customers. To be considered for a Brain Candy article, email us at pr@intellyx.com.
Comments
Comments are closed.