Migrating from 42Crunch to Snyk

What middleBrick covers

  • Import and normalize scan findings across platforms
  • Rebuild trend lines using normalized historical data
  • Update CI/CD pipelines to use new CLI and API
  • Map findings to OWASP API Top 10 for evidence
  • Preserve alert routing and notification settings
  • Retain artifacts to support audit review

Overview of migration goals

Moving from a specialized API security platform to a self-service scanner involves changes in workflow, evidence handling, and tooling integration. This guide focuses on data export, rebuilding scan history, and preserving CI wiring, without asserting equivalence in audit coverage or certification capability.

Data export and evidence handling

Export scan reports, findings, and configuration from the source system in a structured format such as JSON or CSV. For each scan, retain the timestamp, input URL, authentication context, and the set of detected findings with unique identifiers. Map these fields to the destination tool's schema, noting where severity labels, confidence levels, or category groupings differ. Keep the original export files unchanged alongside the normalized copies, record a checksum for each so it can be matched to what the source platform produced, and document every transformation applied during the migration (a severity relabelled, a category left unmapped) so the evidence chain from old report to new record can be explained in an audit.
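The following is an added illustration, not code from middleBrick or from either platform: it takes one source export (a constructed sample whose field names are assumed, since no export schema is shown on this page), maps its severity labels and categories to an assumed destination scheme and to OWASP API Top 10 (2023) labels, records the SHA-256 of the untouched export, and logs every transformation it applied.

```python
import hashlib
import json
from datetime import datetime, timezone

# Constructed sample export. The field names are assumptions about the
# source platform's format, not a documented schema.
SOURCE_EXPORT = json.dumps({
    "scan_id": "src-0001",
    "started_at": "2024-03-04T10:15:00Z",
    "target": "https://api.example.com",
    "auth": {"type": "bearer", "profile": "ci-reader"},
    "issues": [
        {"id": "SRC-101", "severity": "Critical", "category": "Authentication",
         "title": "Token accepted without expiry check"},
        {"id": "SRC-102", "severity": "Moderate", "category": "Data Exposure",
         "title": "Verbose error body"},
        {"id": "SRC-103", "severity": "Informational", "category": "Rate Limiting",
         "title": "No Retry-After header"},
    ],
})

# Destination severity scale, assumed for illustration; take the real labels
# from the new tool's documentation.
SEVERITY_MAP = {
    "critical": "high", "high": "high", "moderate": "medium", "medium": "medium",
    "low": "low", "informational": "info", "info": "info",
}

# Source category -> OWASP API Top 10 (2023) label. Assumed mapping.
CATEGORY_MAP = {
    "Authentication": "API2:2023 Broken Authentication",
    "Data Exposure": "API3:2023 Broken Object Property Level Authorization",
    "Rate Limiting": "API4:2023 Unrestricted Resource Consumption",
}


def normalize_export(export_text: str) -> dict:
    """Parse one source export and return a record in the destination schema.

    Every transformation is appended to `transformations` so the migration can
    be explained during an audit, and the SHA-256 of the untouched export is
    kept so the normalized record can be matched to the original artifact.
    """
    raw = json.loads(export_text)
    transformations = []
    findings = []
    for issue in raw["issues"]:
        src_sev = issue["severity"]
        sev = SEVERITY_MAP.get(src_sev.lower())
        if sev is None:
            sev = "medium"  # conservative default, always logged
            transformations.append(f"{issue['id']}: unknown severity {src_sev!r} defaulted to medium")
        elif sev != src_sev.lower():
            transformations.append(f"{issue['id']}: severity {src_sev} -> {sev}")
        owasp = CATEGORY_MAP.get(issue["category"])
        if owasp is None:
            owasp = "unmapped"  # never silently invent a category
            transformations.append(f"{issue['id']}: category {issue['category']!r} left unmapped")
        findings.append({
            "source_id": issue["id"],
            "severity": sev,
            "owasp_api_top10": owasp,
            "title": issue["title"],
        })
    started = datetime.fromisoformat(raw["started_at"].replace("Z", "+00:00"))
    return {
        "source_scan_id": raw["scan_id"],
        "timestamp": started.astimezone(timezone.utc).isoformat(),
        "target": raw["target"],
        "auth_context": f"{raw['auth']['type']}:{raw['auth']['profile']}",
        "findings": findings,
        "source_sha256": hashlib.sha256(export_text.encode()).hexdigest(),
        "transformations": transformations,
    }
```

Keep the original export bytes and the returned record together; the checksum ties them, and the transformation list is what an auditor will ask for when a finding's severity in the new tool differs from the old report.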

Rebuilding scan history and trends

Reconstruct historical trend lines by importing normalized scan records into the new platform. Automated history reconstruction is not always possible: scoring models and category definitions differ between platforms, so reconcile them before comparing cycles rather than plotting the old numbers next to the new ones. Use consistent identifiers for APIs and environments, give each finding a stable fingerprint that does not depend on either platform's internal IDs, and apply time-based grouping to compare findings across scan cycles. Track score drift and new or resolved findings using the imported dataset, acknowledging that reconstructed history will not exactly match the prior platform's analytics.
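As an added example (not middleBrick's own import logic, and using an assumed shape for normalized records), this rebuilds a trend line from constructed scan records: findings are keyed by a fingerprint of API, environment, OWASP category and title so the same issue is recognised across cycles, each series is walked in time order to compute score, drift, and new/resolved sets, and the result is collapsed per month for plotting. The weights are illustrative, which is precisely why the reconstructed history is approximate.

```python
from collections import defaultdict
from datetime import datetime

# Constructed normalized records. Findings are (owasp_category, title, severity);
# the record shape is an assumption, not the new tool's import format.
SCANS = [
    {"api": "orders", "env": "prod", "timestamp": "2024-01-10T09:00:00+00:00",
     "findings": [("API2:2023", "Token accepted without expiry check", "high"),
                  ("API4:2023", "No Retry-After header", "info")]},
    {"api": "orders", "env": "prod", "timestamp": "2024-01-24T09:00:00+00:00",
     "findings": [("API2:2023", "Token accepted without expiry check", "high"),
                  ("API4:2023", "No Retry-After header", "info"),
                  ("API3:2023", "Verbose error body", "medium")]},
    {"api": "orders", "env": "prod", "timestamp": "2024-02-07T09:00:00+00:00",
     "findings": [("API4:2023", "No Retry-After header", "info"),
                  ("API3:2023", "Verbose error body", "medium")]},
    {"api": "orders", "env": "staging", "timestamp": "2024-02-07T09:00:00+00:00",
     "findings": [("API2:2023", "Token accepted without expiry check", "high")]},
]

# Illustrative weights only; the destination tool applies its own scoring model.
WEIGHTS = {"high": 10, "medium": 5, "low": 2, "info": 0}


def fingerprint(api, env, finding):
    """Stable identity for a finding that survives a change of platform IDs."""
    category, title, _severity = finding
    return (api, env, category, title)


def period_key(ts):
    """Monthly bucket used for the time-based grouping."""
    return datetime.fromisoformat(ts).strftime("%Y-%m")


def score(findings):
    return sum(WEIGHTS.get(sev, 0) for _, _, sev in findings)


def rebuild_trend(scans):
    """For every (api, env) series, in time order, compute the cycle score,
    drift from the previous cycle, and the new and resolved fingerprints."""
    by_series = defaultdict(list)
    for s in sorted(scans, key=lambda s: s["timestamp"]):
        by_series[(s["api"], s["env"])].append(s)
    trend = {}
    for series, runs in by_series.items():
        rows, prev_ids, prev_score = [], set(), None
        for run in runs:
            ids = {fingerprint(run["api"], run["env"], f) for f in run["findings"]}
            sc = score(run["findings"])
            rows.append({
                "period": period_key(run["timestamp"]),
                "timestamp": run["timestamp"],
                "score": sc,
                "drift": None if prev_score is None else sc - prev_score,
                "new": sorted(ids - prev_ids),
                "resolved": sorted(prev_ids - ids),
            })
            prev_ids, prev_score = ids, sc
        trend[series] = rows
    return trend


def monthly_summary(trend):
    """Last score observed in each period per series: the points a trend line plots."""
    out = {}
    for series, rows in trend.items():
        per = {}
        for r in rows:
            per[r["period"]] = r["score"]
        out[series] = per
    return out
```

When the source platform exported its own per-scan scores, keep them as a separate column next to the recomputed ones rather than mixing the two scales in one line.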

Preserving CI wiring and automation

Update pipeline configurations to point to the new tool's endpoints. Keep tokens in the CI system's secret store and pass them to the job as environment variables, never as literals in committed pipeline files, and treat scanner URLs the same way so they can be changed without a code edit. Convert existing CI logic to call the new CLI or API with equivalent parameters, such as scan targets, authentication methods, and quality gate thresholds. Redefine failure conditions against the new tool's score ranges rather than carrying over the old numeric cut-offs, and confirm that alert routing connects to the existing notification channels such as email or chat systems.

middlebrick scan https://api.example.com --token $MB_TOKEN --output json
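The gate step that follows the scan is shown below as an added example; it is not part of middleBrick and the JSON keys it reads (`score`, `findings[].severity`) are assumptions, since this page does not document the `--output json` schema. Thresholds come from the environment (the `MB_MIN_SCORE`, `MB_FAIL_ON` and `MB_MAX_BLOCKING` names are invented here) so the gate can be retuned to the new tool's score ranges without editing the pipeline file, and each failure reason is printed so the CI log explains a blocked build.

```python
import json
import os
import sys

# Constructed sample scanner output; real keys must be taken from the tool's
# documentation, so this shape is an assumption.
SAMPLE_OUTPUT = json.dumps({
    "target": "https://api.example.com",
    "score": 62,
    "findings": [
        {"id": "F-1", "severity": "high", "owasp": "API2:2023"},
        {"id": "F-2", "severity": "medium", "owasp": "API3:2023"},
        {"id": "F-3", "severity": "info", "owasp": "API4:2023"},
    ],
})

SEVERITY_RANK = {"info": 0, "low": 1, "medium": 2, "high": 3, "critical": 4}


def evaluate_gate(report: dict, min_score: int, fail_on: str, max_count: int = 0) -> dict:
    """Two gates: overall score must reach min_score, and no more than
    max_count findings may sit at or above severity fail_on. Returns the
    verdict with human-readable reasons and the IDs that tripped it."""
    reasons = []
    actual = report.get("score", 0)
    if actual < min_score:
        reasons.append(f"score {actual} below minimum {min_score}")
    threshold = SEVERITY_RANK[fail_on]
    blocking = [f["id"] for f in report.get("findings", [])
                if SEVERITY_RANK.get(f.get("severity", "info"), 0) >= threshold]
    if len(blocking) > max_count:
        reasons.append(f"{len(blocking)} finding(s) at or above {fail_on}: {', '.join(blocking)}")
    return {"passed": not reasons, "reasons": reasons, "blocking": blocking}


def gate_from_env(report_text: str, env=None) -> int:
    """Read thresholds from the pipeline environment and return the exit code
    the CI step should finish with (0 pass, 1 blocked)."""
    env = os.environ if env is None else env
    verdict = evaluate_gate(
        json.loads(report_text),
        min_score=int(env.get("MB_MIN_SCORE", "70")),
        fail_on=env.get("MB_FAIL_ON", "high"),
        max_count=int(env.get("MB_MAX_BLOCKING", "0")),
    )
    for reason in verdict["reasons"]:
        print(f"GATE FAIL: {reason}", file=sys.stderr)
    return 0 if verdict["passed"] else 1


if __name__ == "__main__":
    # Usage: middlebrick scan ... --output json > scan.json && python gate.py scan.json
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_OUTPUT
    sys.exit(gate_from_env(text))
```

Run the scan command above with its output redirected to a file, then invoke the gate on that file as the next pipeline step; a non-zero exit fails the job in every common CI system, and the printed reasons are what the existing alert routing should forward.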

Known gaps and alignment considerations

Recognize differences in detection scope, especially around intrusive testing, business logic analysis, and blind infrastructure probing. The new tool maps findings to frameworks such as OWASP API Top 10 and supports audit evidence for related controls, but it does not provide certification or compliance guarantees. Plan compensating controls or manual validation where prior platform coverage was more extensive.

Frequently Asked Questions

Can I fully recreate historical scan data from the previous platform?
You can export and import structured findings, but detailed historical analytics and trend calculations may not transfer exactly due to differences in scoring models.
Will compliance mappings transfer automatically during migration?
Mappings to OWASP API Top 10 can be reconstructed manually. Claims of certification or compliance do not transfer and should not be assumed.
How do I preserve CI/CD gate behavior after migration?
Update pipeline steps to use the new CLI or API, reconfigure thresholds, and verify that failure conditions align with the new tool’s score ranges and alerting model.
Is authenticated scanning configuration preserved after migration?
Authentication details such as tokens and certificates must be re-entered in the new tool (they are secrets and should not travel in an export file), and domain verification steps must be repeated to prove ownership of each scan target.
Does the new tool provide the same breadth of security coverage as the previous platform?
It covers many of the same categories aligned to OWASP API Top 10, but does not perform intrusive payloads or guarantee detection of all business logic issues.