Migrating from 42Crunch to middleBrick
What middleBrick covers
- Black-box API scanning without agents or code access
- OpenAPI 3.0/3.1 and Swagger 2.0 import with $ref resolution
- Authenticated scanning with Bearer, API key, Basic, and Cookie
- Completes scans in under a minute
- Continuous monitoring with diff detection and score trends
- CI/CD integration via GitHub Action and programmatic API
Exporting data from 42Crunch
Begin by extracting your existing 42Crunch findings and configurations. Use the 42Crunch UI or API to download scan reports, typically available as JSON or PDF artifacts. Focus on raw finding data including endpoint paths, risk ratings, and associated evidence such as request samples and response snippets. Note that 42Crunch metadata like test cases and policy definitions require manual re-mapping, as they do not export into a structured schema that middleBrick can ingest directly.
Rebuilding scan history in middleBrick
With your exported data, reconstruct a comparable history inside middleBrick. Import the curated JSON findings into a tracking spreadsheet or database to preserve temporal context. Then, run middleBrick scans on the same API inventory on a recurring schedule, using Pro tier continuous monitoring to create time-stamped scan records. This approach lets you compare new findings against your prior state and approximate historical trends, even though raw 42Crunch scan records are not directly ingestible into middleBrick.
Keeping CI wired up during cutover
Maintain security gates while switching tooling by coordinating releases and scans. In your CI pipeline, add a parallel step that runs middlebrick scan <url> alongside the existing 42Crunch checks. Use the CLI JSON output to evaluate status programmatically, and temporarily allow either check to pass until your team validates the new thresholds. Once the new scan results are consistent with expectations, remove the 42Crunch step and promote the middleBrick command to enforce the same quality bar.
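The either-check-passes gate described above, written as a CI shell helper. This is an added example, not code from middleBrick or 42Crunch: the function names and the `GATE_MODE` values are hypothetical, and each check is assumed to be a caller-supplied command that exits 0 on pass (for the new check, a wrapper around `middlebrick scan <url> --output json` that applies your own threshold to the JSON, whose schema this page does not give).

```shell
#!/bin/sh
# Cutover gate for running a legacy and a new API security check side by side.
#   mode "cutover": the build passes if either check passes (temporary).
#   mode "enforce": only the new check decides (after the legacy step is removed).
# Assumption: each check command exits 0 on pass and non-zero on fail.
# The commands come from trusted pipeline configuration, never from user input.

run_check() {
    # Run one check command, discard its output, and report pass or fail.
    if sh -c "$1" >/dev/null 2>&1; then echo pass; else echo fail; fi
}

cutover_gate() {
    mode=$1
    legacy_cmd=$2
    new_cmd=$3

    # Run both checks unconditionally (no short-circuit) so that every build
    # produces a comparison the team can use to validate the new thresholds.
    legacy=$(run_check "$legacy_cmd")
    new=$(run_check "$new_cmd")

    if [ "$legacy" = "$new" ]; then verdict=agree; else verdict=DISAGREE; fi
    echo "gate mode=$mode legacy=$legacy new=$new $verdict" >&2

    case $mode in
        cutover) [ "$legacy" = pass ] || [ "$new" = pass ] ;;
        enforce) [ "$new" = pass ] ;;
        *) echo "unknown gate mode: $mode" >&2; return 2 ;;
    esac
}

# Usage in a pipeline step (LEGACY_CHECK_CMD and NEW_CHECK_CMD are placeholders):
#   cutover_gate "${GATE_MODE:-cutover}" "$LEGACY_CHECK_CMD" "$NEW_CHECK_CMD"
```

The `DISAGREE` lines on stderr are the builds to review before switching the mode to `enforce`; a gate that silently passes on one tool's result hides exactly the threshold differences the cutover period is meant to surface.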
middlebrick scan https://api.example.com/openapi.json --output json
What you will miss with 42Crunch
Plan for capability gaps when leaving 42Crunch. If you relied on proprietary test cases or custom attack patterns unique to 42Crunch, those specific scenarios will not transfer to middleBrick. middleBrick focuses on standardized detection aligned to OWASP API Top 10 and does not send intrusive payloads such as active SQL injection or command injection. You will also lose any tightly coupled developer workflows embedded in 42Crunch that are not supported by webhook or CI integrations.
What you will gain with middleBrick
Expect broader compatibility and a standardized security posture. middleBrick supports OpenAPI 3.0, 3.1, and Swagger 2.0 with recursive $ref resolution, mapping findings to PCI-DSS 4.0, SOC 2 Type II, and OWASP API Top 10 (2023). The platform works black-box without agents across any language or cloud, completes scans in under a minute, and provides authenticated scanning with Bearer, API key, Basic auth, and cookies. Continuous monitoring, diff detection, and scored trend reporting give you ongoing insight without tying you to a single infrastructure stack.