42Crunch: Crushing API security in the DevOps lifecycle

42Crunch Intellyx BrainCandyAn Intellyx BrainCandy Update

42Crunch focuses its solution on end-to-end API security, an area that provides an ever-increasing attack surface to address, as the trend toward application delivery in microservices architectures that leverage cloud-based services continues.

Intellyx last visited 42Crunch in 2019. They’ve been busy providing specifications and warning the OWASP community of the vulnerabilities created by this unabated proliferation of APIs, and helping some marquee customers resolve resulting business breaches since then.

The firm also upped its game with a free developer account option, and embedded support for most commonly used DevSecOps related tools, plugging into developer IDEs, CI/CD tools, repos like GitHub and Bitbucket, docker and Kubernetes orchestration, and popular SIEM and analytics dashboards.

API gateways provide basic security like built-in authentication, SSL termination, and rate limiting. 42Crunch adds full enforcement of API contracts on all calls and responses, with runtime protection for both traditional North-South traffic and East-West traffic between microservices. In addition, DevOps teams get API discovery and earlier security feedback at API design and testing phases, so any out-of-boundary conditions that defy best practices or the organization’s set policies can be pinpointed.

©2020 Intellyx, LLC. At the time of writing, 42Crunch is not an Intellyx customer. Want to see more BrainCandy? Subscribe today. Intellyx publishes the Cloud-Native Computing Poster. If you are a vendor seeking coverage from Intellyx, please contact us at PR@intellyx.com.

SHARE THIS:

Principal Analyst & CMO, Intellyx. Twitter: @bluefug