SAN JOSE, Calif., Oct. 9, 2019 /PRNewswire/ -- Today at API World, API security leader and creator of the industry's first API Firewall, 42Crunch, announced the availability of REST API Security Audit functionality in its popular OpenAPI extension for Microsoft Visual Studio Code — making it easier than ever to enable a DevSecOps process for API security.
Developers working on their APIs within 42Crunch's VS Code extension simply have to click the Security Audit button at the top right of the window to run a remote service that will audit the API contract against 200+ various checks for API security best practices and possible vulnerabilities; including authentication, authorization, transport, data inputs and outputs.
The results are presented as an actionable Security Audit report. Each vulnerability is also underlined in the code and added to the IDE's Problems panel. The tool provides an explanation, possible exploit scenario, and fix recommendations.
"With APIs increasingly becoming one of the primary attack vectors, companies want to shift-left and have developers ensure that their APIs are designed and implemented with security in mind from day 1," says Dmitry Sotnikov, VP of Cloud Platform at 42Crunch. "42Crunch has made it easier for software engineers to get API security audit and recommendations at their fingertips, right within their IDE."
The extension supports both version 2 and version 3 of OpenAPI specification, both JSON and YAML formats. It's available free to all VS Code users at http://bit.ly/42vscode and already has more than 16 thousand installations and 11 five-star reviews.
API World 2019
Join 42Crunch at API World – Booth 306 to learn more about ensuring API security across all REST APIs in your company. For a deeper dive into DevSecOps for API Security and the OWASP API Top 10 – join our security experts for their presentations today:
- The Dev, Sec and Ops of API Security: Presented by Isabelle Mauny, Field CTO
- OWASP API Security Top 10: Presented by Dmitry Sotnikov, VP of Cloud Platform
The 42Crunch platform provides a set of automated tools to easily secure your entire API infrastructure by building security into OpenAPI contracts and enforcing those policies throughout the entire lifecycle. By delivering security as code you enable a seamless DevSecOps experience, allowing innovation at the speed of business without sacrificing the security of your APIs. Visit https://42crunch.com to learn more.
Join our online community: https://apisecurity.io