Our Services > Run

API Security via 42Crunch

To protect your APIs in the best way possible, Yenlo offers you additional API Security with 42Crunch. Either as a standalone solution or integrated with your preferred Yenlo technology.

API security as code

Automating your API security has never been so easy and safe. Yenlo is a proud reseller of the 42Crunch API security platform. An industry-leading API security platform that is unmatched in its results.

We can offer you 42Crunch as a standalone solution or as an integrated part in Yenlo’s iPaaS Connext platform. Together, the 42Crunch platform and Yenlo Connext enable your enterprise to make security part of your continuous integration and continuous deployment (CI/CD).

The 42Crunch solution lets you describe security as code as part of your OpenAPI specification files, allowing you to entirely automate the API security process, from the very beginning of the API lifecycle. Developers can simply annotate their API contracts to describe the required security policies and we process those annotations to automatically generate an API firewall configured to protect the API.

Developer driven intelligence

  • Empowers developers to secure their API from design time using a description language they know: security as code.
  • Enables the introduction of security as early as possible in the API lifecycle: API DevSecOps.
  • Delivers a unified and integrated platform for development, security and operations teams: single source of truth for API security.


Audit, Scan and Protect your APIs from code to production by empowering developers with tools to be the driving force behind API security.

1. Audit

Run 200+ security audit checks of the OpenAPI specification definition with detailed security scoring to help define and strengthen the API contract.


2. Scan

Scan live API endpoints to discover potential vulnerabilities and discrepancies of the API implementation against the API contract.


3. Protect

Configure the 42Crunch API-native micro-firewall straight from the OpenAPI definition: automatically protect APIs and engage pre-defined policies.

The benefits of 42Crunch


  • At any stage: design, development, testing, runtime – 42Crunch tells you exactly what each security issue is, with specific location in API contract, an explanation of the possible exploit scenario and suggested remediation.
  • Cloud-native architecture means that protection can get added to your existing microservice deployments with no extra infrastructure required.
  • No proprietary formats – the platform leverages the industry standard OpenAPI specification.
  • Hybrid deployment model (management and testing done from the cloud and protection firewall deployed next to your APIs in your current deployment infrastructure) makes getting started and maintaining the system a breeze.


  • 42Crunch gets embedded right into your current tooling: IDEs, code repositories & collaboration platforms, CI/CD – being there right when you need it.
  • Security Audit and Scanning become automated checks ensuring that insecure code never makes it to the master branch and production deployment.
  • Runtime protection policies get automatically redeployed with each API change making sure that you can stay agile without compromising security.


  • 42Crunch dashboards provide common view on all the projects that the enterprise has, all APIs in them, and the state of security for each and every one of them.
  • All teams: API architects, developers, QA, security, operations – get a shared view of API security, its shared definition, and shared understanding of what needs to be done to improve it.
  • 42Crunch integrates with existing collaborative developer tooling such as GitHub, GitLab, or Azure pipelines.

API Security by design

  • API Native
    Addresses natively APIs’ unique security requirements across data validation, authentication, authorization, confidentiality, integrity.
  • API Micro-firewall for Kubernetes
    Thanks to its low footprint, 42Crunch API Firewall can be deployed at scale on Kubernetes as sidecar proxy.
  • Intuitive User Interface
    The intuitive interface makes it easy to get started, and provides real-time Security dashboards with actionable data.
  • Positive Security Model
    The API Contract is the core of the security configuration, allowing to automatically enforce traffic inbound and outbound.
  • Integrate into CI/CD
    Push your OpenAPI definition to your CI/CD pipeline and automatically audit, scan & protect your API.
  • Designed for DevSecOps
    Enables a seamless DevSecOps experience from development to deployment through automation.

A selection of our clients

hard rock

Technologies we believe in for your digital transformation

At Yenlo you can choose from a range of major integration technology providers. Azure, Boomi, Mulesoft, WSO2, and our very own Yenlo cloud-based solutions. Find the right one for you.
API first, Open Standards first and Cloud first strategies are the starting point of everything WSO2 builds.
Read more
Hybrid-cloud services for organizations that want to connect on-premise and cloud-based systems in one simple and visually stunning solution.
Read more
The full range of cloud computing solutions under one roof for anyone from Fortune 500 companies to start-ups.
Read more
One of the industry-leading solutions for your most complex integration challenges.
Read more
InterSystems offers state-of-the-art technology that bridges the gap between current challenges and the intended interoperable future of Open Healthcare.
Read more
Amazon Web Services offers a powerful and user-friendly service suite, supported by the reliability of Amazon Web Services – a world leader in cloud computing.
Read more

The absolute best API Security solution on the market

Is securing your APIs your number one priority? Contact us and learn more about 42Crunch, the best API Security solution on the market.

Start a chat

Factsheet 42Crunch API Security Platform

Get it now
What's on our menu