- Видео 59
- Просмотров 124 769
42Crunch
США
Добавлен 18 мар 2019
#1 API Security Platform providing both API security testing and runtime protection.
API security testing during API design, development and testing identifies vulnerabilities and offers remediation advice (all from the developer IDEs and CI/CD platforms). This enables developers to build and automate security into the API development pipeline (shift-left). Security scores are given at each stage in the development cycle preventing APIs from passing to the next stage if they do not have a sufficient score. This means security teams retain full visibility and control of API security policy enforcement.
Runtime protection uses a positive security approach, if it is not defined then it is blocked, simplifying runtime security. Each API is automatically protected individually and any edit to the API Design will automatically update the runtime protection eliminating constant manual updates and allowing for API security to scale in line with production.
API security testing during API design, development and testing identifies vulnerabilities and offers remediation advice (all from the developer IDEs and CI/CD platforms). This enables developers to build and automate security into the API development pipeline (shift-left). Security scores are given at each stage in the development cycle preventing APIs from passing to the next stage if they do not have a sufficient score. This means security teams retain full visibility and control of API security policy enforcement.
Runtime protection uses a positive security approach, if it is not defined then it is blocked, simplifying runtime security. Each API is automatically protected individually and any edit to the API Design will automatically update the runtime protection eliminating constant manual updates and allowing for API security to scale in line with production.
Mitigating OWASP API Risks through Security by Design
The OWASP Top 10 API Security Risks provide a clear roadmap of the most common and dangerous vulnerabilities that can compromise your APIs. In this webinar, we explore how to integrate OWASP guidelines in a security initiative for software development to help teams build secure, resilient APIs by design. This session will offer practical insights to enhance the security of your applications.
A proactive security by design approach for your API will negate many of the risks identified by OWASP.
Key Takeaways?
Why adopt security by design
How to leverage OWASP guidelines for API development
Focus on the secure design and build not on vulnerabilities
Test the design and build throughout the devel...
A proactive security by design approach for your API will negate many of the risks identified by OWASP.
Key Takeaways?
Why adopt security by design
How to leverage OWASP guidelines for API development
Focus on the secure design and build not on vulnerabilities
Test the design and build throughout the devel...
Просмотров: 33
Видео
When GenAI meets risky APIs
Просмотров 462 месяца назад
As Generative AI adoption grows across the enterprise, so does the risk surface for potential data breaches and attacks. API security is a must have if you want to enable the responsible and effective deployment of GenAI technology. Large Language Models (LLMs) excel at processing and understanding unstructured data in order to generate coherent and context-specific text. Yet the real power of ...
Review of API Breaches and attacks during H1 2024
Просмотров 662 месяца назад
Anthony Lonergan reviews some high-profile API breaches that occurred in the first half of 2024. Anthony gives a detailed overview of each attack and explains how the different vulnerabilities were exploited. He then demonstrates how companies can remediate against these vulnerabilities in order to better protect their APIs. Understand how the API breach occurred, the resulting impact, the unde...
42Crunch API Security - Top Things you need to know about API security
Просмотров 2639 месяцев назад
industry’s leading experts, Dr. Philippe de Ryck and Isabelle Mauny guide you through some real-world cases of API security attacks and share some best practices to secure your APIs. They dive into some new and old crucial vulnerabilities such as authorization attack types (BOLA, BFLA and BOPLA), and authentication attacks on endpoints and attacks using JWT tokens. They explain each vulnerabili...
42Crunch API Security Testing and Runtime Threat Protection, available in the Microsoft Commerci...
Просмотров 58Год назад
42Crunch and Microsoft are collaborating to enable a DevSecOps approach that helps build more secure and resilient APIs without compromising on productivity or innovation. 42Crunch enables developers to build security into the development lifecycle of the API, providing not only API security testing at the design and development stages but also provide runtime protection of APIs in production.
Webinar - OWASP API Security Top 10 - 2023 Listing
Просмотров 2 тыс.Год назад
The OWASP API Security project has recently updated its Top 10 list of vulnerabilities that are commonly found in APIs. This list includes both well-known issues and new ones that are currently affecting APIs in the real world. It is crucial for those involved in the API industry to stay informed about these top threats and the OWASP Top 10 list is an excellent resource for doing so. By staying...
Mastering Secure API Development with GitHub & 42Crunch
Просмотров 230Год назад
With over 100 million users and 330 million repositories, GitHub has become the de facto home of software development. GitHub has become so much more than purely a Git repository hosting platform. With features such as repository forking, pull requests, and, most notably, GitHub Actions is now a one-stop development platform. 42Crunch is the developer-first API security platform with plugins fo...
Why API Security Cannot Wait Until Production
Просмотров 74Год назад
EMA Associates’ recent survey of technology and business leaders in North America revealed that 32% of firms admitted to only implementing API security standards in their production environment. Join industry experts from EMA Associates and 42Crunch as they explore why business cannot let API Security to be an afterthought.
API Security Testing in VS Code
Просмотров 322Год назад
Webinar showcasing how 42Crunch's API Audit and API Scan tools integrate within VS Code allowing developers to instantly audit and test their APIs as they code.
Microsoft Azure Sentinel Integration with 42Crunch - Webinar
Просмотров 260Год назад
This webinar showcases how users of the Microsoft Azure Sentinel platform via the 42Crunch platform integration can proactively protect their APIs. By leveraging 42Crunch’s API security platform, Azure Sentinel users gain visibility into their API infrastructure, identify vulnerabilities, and mitigate risks. ✅ More information Webinar Follow-up Materials: 42crunch.com/protect-your-apis-with-mic...
42Crunch API Security Promo Video
Просмотров 695Год назад
42Crunch is the #1 API Security Platform To Test and Secure Your APIs. Our tools provide API security testing and runtime protection for your APIs. Using our tools you can test APIs at all stages of design, development and testing and protect them in production. 1. Add security into the design of the API (using the OAS standard) 2. Audit and linter that API Design (OpenAPI contract) to ensure i...
Review of the Major API Breaches H2 2022
Просмотров 173Год назад
Colin Domoney reviews some of the major API breaches that occurred in the second half of 2022. In this practical webinar he outlines the API vulnerabilities that were compromised during the attacks and shows how to protect against them.
Hacking APIs for Fun & Profit - 42Crunch & Fortbridge
Просмотров 215Год назад
Colin Domoney, Developer Advocate at 42Crunch in discussion with Adrian and Bogdan Tiron, Managing Partners at FORTBRIDGE as they discuss their careers as pen testers, and in particular their recent experiences in API testing and exploiting API-based products.
Defending APIs with Jim Manico - Request Forgery
Просмотров 188Год назад
Jim Manico from Manicode and Colin Domoney from 42Crunch will discuss request forgery and how to prevent it. This technical talk is intended for the software developer who needs to build secure web applications and APIs. it will cover the two variants of request forgery - client-side (CSRF) and server-side (SSRF).
Review of Major API Breaches from H1 2022 - Episode 2
Просмотров 60Год назад
In Episode 1 Colin Domoney reviewed some of the major API attacks witnessed this year and in this episode, Colin will demonstrate how to defend against these common attack types and real-world API exploits.
Benefits of a Positive Security Model for APIs
Просмотров 54Год назад
Benefits of a Positive Security Model for APIs
API RIsk Audit - Online Demo - July 2022
Просмотров 182Год назад
API RIsk Audit - Online Demo - July 2022
Review of the Major Global API Security Breaches in H1 2022 - Episode 1
Просмотров 64Год назад
Review of the Major Global API Security Breaches in H1 2022 - Episode 1
Actively Monitor and Defend Your APIs with 42Crunch and the Microsoft Azure Sentinel Platform
Просмотров 42Год назад
Actively Monitor and Defend Your APIs with 42Crunch and the Microsoft Azure Sentinel Platform
OWASP API Security Top 10 - Comprendre les menaces qui ciblent les APIs
Просмотров 229Год назад
OWASP API Security Top 10 - Comprendre les menaces qui ciblent les APIs
OWASP API Security Top 10 Challenges - Episode 2
Просмотров 190Год назад
OWASP API Security Top 10 Challenges - Episode 2
OWASP API Security TOP 10 Challenges - Episode 3
Просмотров 108Год назад
OWASP API Security TOP 10 Challenges - Episode 3
OWASP API Security Top 10 Challenges - Episode 1
Просмотров 481Год назад
OWASP API Security Top 10 Challenges - Episode 1
How to Extend Protection of your data from API to Mobile Application
Просмотров 3732 года назад
How to Extend Protection of your data from API to Mobile Application
How to Automate API protection with Security as Code
Просмотров 9382 года назад
How to Automate API protection with Security as Code
Protección efectiva de sus APIs y Microservicios
Просмотров 1233 года назад
Protección efectiva de sus APIs y Microservicios
Diseñando API seguras usando la plataforma 42Crunch con Postman
Просмотров 723 года назад
Diseñando API seguras usando la plataforma 42Crunch con Postman
Postman and 42Crunch OpenAPI Collection
Просмотров 6523 года назад
Postman and 42Crunch OpenAPI Collection
Dissecting the Biggest API Breaches from Q1 2021 - APIsecurity.io
Просмотров 7443 года назад
Dissecting the Biggest API Breaches from Q1 2021 - APIsecurity.io
Boy I wonder what shitpost I could repost to get the inception org across
Hi can we connect ,I want your help ?
the sound is very low I can't hear you
Promo_SM
Would be awesome if the security audit would not fail when we use yaml anchors.
Hi, could you please open a ticket here: support.42crunch.com so that we can investigate this problem ? Thanks!
Thanks 🙏🙏
This channel is very helpful for api pentesting 😊😊
Great presentation with good examples.
great talk
Great talk