Migrating from 42Crunch to middleBrick for LLM agent tool exposure audit

What middleBrick covers

  • Black-box scanning of LLM agent tool exposure without code access
  • 12 categories aligned to the OWASP API Top 10, including LLM adversarial probes
  • OpenAPI 3.0/3.1 and Swagger 2.0 parsing with recursive $ref resolution
  • Authenticated scanning with strict header allowlist and domain verification
  • Three-tier adversarial prompt injection testing: Quick, Standard, Deep
  • Continuous monitoring with diff detection and HMAC-SHA256 signed webhooks

Why migrate from 42Crunch to middleBrick for LLM tool exposure

Organizations running LLM-powered agents expose tool-calling workflows, function schemas, and generated prompts through API endpoints. The risk is not only data leakage but also prompt-injection paths that let an attacker influence agent behavior. Migrating from 42Crunch to middleBrick shifts the focus from signature-based detection to runtime behavior analysis across multiple scan tiers. Because middleBrick is a black-box scanner, it does not require agent binaries or code instrumentation, which simplifies adoption in heterogeneous stacks where agents call many third-party services.

Mapping LLM tool exposure to compliance and risk frameworks

middleBrick maps findings directly to three frameworks: PCI-DSS 4.0, SOC 2 Type II, and OWASP API Top 10 (2023). For LLM agent tool exposure audits, this mapping highlights misconfigurations that can lead to unauthorized tool usage or data exfiltration through function calls. The scanner covers requirements related to authentication integrity, input validation, and error handling. It also surfaces findings relevant to audit evidence for regulations such as HIPAA, GDPR, ISO 27001, and NIST, using alignment language rather than compliance guarantees.

Scan workflow and depth for agent tool exposure

The migration workflow starts with submitting the API base URL used by your agents. middleBrick completes a scan in under a minute using read-only methods and text-only POST probes designed for LLM introspection endpoints. It runs three tiers of LLM adversarial probes: Quick, Standard, and Deep. Each tier increases coverage of jailbreak patterns, including system prompt extraction, instruction override, DAN and roleplay jailbreaks, data exfiltration attempts, cost exploitation, and token smuggling. The scanner also validates API definitions by parsing OpenAPI 3.0, 3.1, and Swagger 2.0 with recursive $ref resolution and comparing spec definitions against runtime behavior.

Authenticated scanning and header controls

For endpoints that require authentication, middleBrick supports Bearer, API key, Basic auth, and Cookie credentials at the Starter tier and above. Domain verification is enforced through DNS TXT records or an HTTP well-known file, ensuring only the domain owner can run authenticated scans. The scanner forwards a strict header allowlist limited to Authorization, X-API-Key, Cookie, and X-Custom-* headers. This control reduces the risk of credential leakage while still allowing the scanner to exercise authenticated agent tool paths.
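The two controls in the paragraph above, a strict header allowlist and a check that credentials only travel to a verified domain, are small enough to show end to end. The following is an added example written for this page, not middleBrick's own code; the header names follow the allowlist described above, while the sample headers, the host names and the CRLF check are constructed assumptions for illustration.

```python
"""Outbound header allowlist and verified-domain check for authenticated scans.

Added example, not middleBrick's own code. Only Authorization, X-API-Key,
Cookie and X-Custom-* headers are forwarded to the target, and credentials are
only attached when the target host sits under a domain the operator has
verified. Sample headers and domain names are constructed for illustration.
"""
import logging
from typing import Dict, Tuple

logger = logging.getLogger(__name__)

# Exact-match names are compared case-insensitively (HTTP header names are).
EXACT_ALLOWED = {"authorization", "x-api-key", "cookie"}
# "X-Custom-*" is read as: name starts with "x-custom-" and has at least one
# more character, so a bare "X-Custom-" is rejected.
PREFIX_ALLOWED = ("x-custom-",)


def is_allowed_header(name: str) -> bool:
    """True if the header name is on the strict allowlist."""
    lowered = name.strip().lower()
    if lowered in EXACT_ALLOWED:
        return True
    return any(lowered.startswith(p) and len(lowered) > len(p) for p in PREFIX_ALLOWED)


def filter_headers(supplied: Dict[str, str]) -> Tuple[Dict[str, str], Dict[str, str]]:
    """Split operator-supplied headers into (forwarded, dropped).

    Besides the allowlist, any name or value containing CR or LF is dropped:
    an allowed header could otherwise smuggle extra headers into the request.
    """
    forwarded: Dict[str, str] = {}
    dropped: Dict[str, str] = {}
    for name, value in supplied.items():
        if any(c in name or c in value for c in "\r\n"):
            dropped[name] = value
        elif is_allowed_header(name):
            forwarded[name] = value
        else:
            dropped[name] = value
    if dropped:
        # Log names only; values may be credentials.
        logger.warning("dropped non-allowlisted headers: %s", sorted(dropped))
    return forwarded, dropped


def host_is_verified(target_host: str, verified_domain: str) -> bool:
    """True if target_host is the verified domain or a subdomain of it.

    Matches on label boundaries, so 'evilexample.com' is not accepted for a
    verified 'example.com' (a plain endswith() check would accept it).
    A trailing port is stripped; IPv6 literals are out of scope here.
    """
    target = target_host.strip().lower().split(":", 1)[0].rstrip(".")
    verified = verified_domain.strip().lower().rstrip(".")
    return target == verified or target.endswith("." + verified)


def outbound_headers(target_host: str, verified_domain: str,
                     supplied: Dict[str, str]) -> Dict[str, str]:
    """Headers to send to target_host; refuses to let credentials leave the verified domain."""
    if not host_is_verified(target_host, verified_domain):
        raise PermissionError(f"{target_host} is not under verified domain {verified_domain}")
    forwarded, _ = filter_headers(supplied)
    return forwarded


# Constructed operator input: two credentials, one custom header, and several
# headers that must never reach the target (Host override, spoofed client IP,
# an empty-suffix X-Custom-, and a CRLF injection attempt).
SAMPLE_HEADERS = {
    "Authorization": "Bearer test-token",
    "cookie": "session=abc123",
    "X-Custom-Tenant": "acme",
    "Host": "attacker.example",
    "X-Forwarded-For": "10.0.0.1",
    "X-Custom-": "",
    "X-Debug": "1\r\nX-Injected: yes",
}

if __name__ == "__main__":
    print(outbound_headers("api.example.com", "example.com", SAMPLE_HEADERS))
```

The label-boundary check in host_is_verified is the part most often done wrong: a suffix match on the verified domain string would happily send the Authorization header to a look-alike host.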

What you need to rebuild when migrating

Migration does not include automated fixes; middleBrick detects and reports with remediation guidance. You will need to rebuild any workflows that assumed intrusive testing, because middleBrick does not perform active SQL injection or command injection. If your process relied on business logic coverage, you must supplement with human review, as those vulnerabilities require domain understanding. Reporting integrations such as dashboards, email alerts, GitHub Action gates, MCP Server access, and webhook delivery must be reconfigured to point to middleBrick endpoints and reauthenticated with the new credentials.
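When the webhook receiver is rewired to the new endpoint, it also needs to verify the HMAC-SHA256 signature described under continuous monitoring; a receiver that trusts unsigned deliveries can be fed fake "diff detected" events. The block below is an added example, not middleBrick's own code. The header names (X-Webhook-Timestamp, X-Webhook-Signature), the signed-string layout "timestamp.rawbody", the secret and the payload are all assumptions for illustration; the vendor's webhook documentation defines the real format.

```python
"""Verifying HMAC-SHA256 signed webhook deliveries.

Added example, not middleBrick's own code. Header names, signed-string layout,
secret and payload are assumptions for illustration.
"""
import hashlib
import hmac
import json
import time
from typing import Dict, Optional, Tuple


def sign_delivery(secret: bytes, timestamp: int, raw_body: bytes) -> str:
    """Hex HMAC-SHA256 over '<timestamp>.<raw body>'.

    Binding the timestamp into the MAC means a captured delivery cannot be
    replayed later with a fresh timestamp header.
    """
    message = str(timestamp).encode("ascii") + b"." + raw_body
    return hmac.new(secret, message, hashlib.sha256).hexdigest()


def verify_delivery(secret: bytes, headers: Dict[str, str], raw_body: bytes,
                    now: Optional[int] = None, tolerance_s: int = 300) -> Optional[dict]:
    """Return the parsed payload if signature and timestamp check out, else None.

    Verification runs over the raw request bytes before any JSON parsing:
    re-serialising the parsed object would change whitespace and key order
    and break the MAC.
    """
    lower = {k.lower(): v for k, v in headers.items()}
    ts_raw = lower.get("x-webhook-timestamp")
    sig = lower.get("x-webhook-signature", "")
    if ts_raw is None or not sig:
        return None
    try:
        ts = int(ts_raw)
    except ValueError:
        return None
    now = int(time.time()) if now is None else now
    if abs(now - ts) > tolerance_s:  # stale or future-dated: reject as replay
        return None
    expected = sign_delivery(secret, ts, raw_body)
    # Constant-time comparison so the check does not leak the expected MAC byte by byte.
    if not hmac.compare_digest(expected, sig.strip().lower()):
        return None
    return json.loads(raw_body)


# Constructed secret and payload for the example; a real secret comes from the
# vendor dashboard and must be kept out of source control.
SECRET = b"example-webhook-secret"
SAMPLE_PAYLOAD = {
    "event": "scan.diff",
    "target": "https://api.example.com",
    "added": ["prompt injection probe succeeded on /chat"],
    "removed": [],
}


def example_delivery(timestamp: int) -> Tuple[Dict[str, str], bytes]:
    """Build the headers and raw body a signed delivery would carry."""
    raw_body = json.dumps(SAMPLE_PAYLOAD, separators=(",", ":")).encode("utf-8")
    headers = {
        "X-Webhook-Timestamp": str(timestamp),
        "X-Webhook-Signature": sign_delivery(SECRET, timestamp, raw_body),
    }
    return headers, raw_body


if __name__ == "__main__":
    ts = int(time.time())
    hdrs, body = example_delivery(ts)
    print(verify_delivery(SECRET, hdrs, body))
```

If deliveries carry a unique id, the receiver should additionally remember recently seen ids within the tolerance window; the timestamp check alone still allows a replay inside that window.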

Frequently Asked Questions

Can middleBrick detect blind SSRF in LLM agent workflows?
No. The scanner does not include out-of-band infrastructure probes for blind SSRF. Those tests are outside the scope of read-only scanning.
Does the scanner replace a human pentester for LLM agent audits?
No. middleBrick surfaces technical findings relevant to OWASP API Top 10 and provides remediation guidance, but it does not replace a human pentester for high-stakes audits involving complex business logic.
How are LLM adversarial probes organized across scan tiers?
The Quick tier covers basic prompt leakage and injection attempts. The Standard tier expands to encoding bypasses and multi-turn manipulation. The Deep tier includes nested instruction injection, tool abuse, and PII extraction probes.
What happens to scan data after account cancellation?
Customer scan data is deletable on demand and purged within 30 days of cancellation. The data is never sold and is not used for model training.
Can middleBrick validate API definitions for agent tooling?
Yes. It parses OpenAPI 3.0, 3.1, and Swagger 2.0, resolves recursive $ref, and cross-references definitions with runtime findings to identify undefined security schemes and deprecated operations.
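To make concrete what "resolves recursive $ref" and "undefined security schemes and deprecated operations" mean in practice, here is an added example written for this page, not middleBrick's own code. It inlines local $ref pointers with cycle protection (a schema that references itself, as tool-call trees often do, would otherwise expand forever), reads security schemes from either OpenAPI 3.x components.securitySchemes or Swagger 2.0 securityDefinitions, and reports operations that name an undefined scheme or are marked deprecated. It goes one step beyond the page by also flagging operations with no security requirement at all. The sample spec is constructed.

```python
"""Local $ref resolution and security-scheme audit for an OpenAPI/Swagger spec.

Added example, not middleBrick's own code. Handles local (#/...) refs only;
the sample spec is constructed for illustration.
"""
from typing import Any, Dict, List, Tuple

HTTP_METHODS = {"get", "put", "post", "delete", "options", "head", "patch", "trace"}


def _lookup(root: Dict[str, Any], ref: str) -> Any:
    """Follow a local JSON Pointer such as '#/components/schemas/ToolCall'."""
    if not ref.startswith("#/"):
        raise ValueError(f"only local refs are handled here: {ref}")
    node = root
    for part in ref[2:].split("/"):
        node = node[part.replace("~1", "/").replace("~0", "~")]  # JSON Pointer unescape
    return node


def resolve_refs(node: Any, root: Dict[str, Any], _stack: Tuple[str, ...] = ()) -> Any:
    """Recursively inline $ref pointers.

    A ref already on the current resolution stack is a cycle; it is left as a
    $ref tagged x-cyclic instead of being expanded, so recursive schemas
    terminate after one level of expansion.
    """
    if isinstance(node, dict):
        ref = node.get("$ref")
        if isinstance(ref, str):
            if ref in _stack:
                return {"$ref": ref, "x-cyclic": True}
            return resolve_refs(_lookup(root, ref), root, _stack + (ref,))
        return {k: resolve_refs(v, root, _stack) for k, v in node.items()}
    if isinstance(node, list):
        return [resolve_refs(v, root, _stack) for v in node]
    return node


def defined_security_schemes(spec: Dict[str, Any]) -> set:
    """Scheme names declared in the spec, for Swagger 2.0 or OpenAPI 3.x."""
    if spec.get("swagger") == "2.0":
        return set(spec.get("securityDefinitions", {}))
    return set(spec.get("components", {}).get("securitySchemes", {}))


def audit_spec(spec: Dict[str, Any]) -> List[Tuple[str, str, str]]:
    """Return (finding, operation, detail) tuples for every operation in the spec."""
    resolved = resolve_refs(spec, spec)
    schemes = defined_security_schemes(resolved)
    global_security = resolved.get("security")
    findings: List[Tuple[str, str, str]] = []
    for path, item in resolved.get("paths", {}).items():
        for method, op in item.items():
            if method not in HTTP_METHODS:
                continue
            where = f"{method.upper()} {path}"
            # Operation-level 'security' overrides the global list; an explicit
            # [] removes authentication for that operation.
            security = op.get("security", global_security)
            if not security:
                findings.append(("unauthenticated-operation", where, "no security requirement"))
            else:
                for requirement in security:
                    for name in requirement:
                        if name not in schemes:
                            findings.append(("undefined-security-scheme", where, name))
            if op.get("deprecated"):
                findings.append(("deprecated-operation", where, "marked deprecated"))
    return findings


# Constructed spec: a recursive ToolCall schema reached through a requestBody
# ref, a deprecated legacy route naming a scheme that is never defined, and a
# health route that explicitly disables authentication.
SAMPLE_SPEC = {
    "openapi": "3.1.0",
    "info": {"title": "Agent tool gateway (constructed)", "version": "1.0"},
    "components": {
        "securitySchemes": {"bearerAuth": {"type": "http", "scheme": "bearer"}},
        "schemas": {
            "ToolCall": {
                "type": "object",
                "properties": {
                    "name": {"type": "string"},
                    "children": {"type": "array",
                                 "items": {"$ref": "#/components/schemas/ToolCall"}},
                },
            }
        },
        "requestBodies": {
            "ToolCallBody": {"content": {"application/json": {
                "schema": {"$ref": "#/components/schemas/ToolCall"}}}}
        },
    },
    "security": [{"bearerAuth": []}],
    "paths": {
        "/tools/invoke": {"post": {"requestBody": {"$ref": "#/components/requestBodies/ToolCallBody"}}},
        "/tools/legacy": {"post": {"deprecated": True, "security": [{"legacyKey": []}]}},
        "/health": {"get": {"security": []}},
    },
}

if __name__ == "__main__":
    for finding in audit_spec(SAMPLE_SPEC):
        print(*finding)
```

The resolved spec is what should be compared against runtime behaviour: an operation that the resolved definition says requires bearerAuth but that answers 200 without a token is the kind of spec-versus-runtime mismatch the audit is meant to surface.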