Migrating from 42Crunch to middleBrick for Jailbreak resistance probe battery

Try middleBrick free

What middleBrick covers

  • 18 adversarial LLM jailbreak probes across three scan tiers
  • Risk scoring on A–F scale with prioritized findings
  • OWASP API Top 10, PCI-DSS 4.0, and SOC 2 Type II mapping
  • Authenticated scans with strict header allowlist
  • Continuous monitoring with diff detection and webhook alerts
  • Read-only scanning with no agents or code access

Current probe battery limitations with 42Crunch

Your existing 42Crunch setup runs a fixed set of jailbreak probes, with limited control over probe selection and no visibility into probe internals. Results are aggregated into a single score, making it difficult to correlate specific probe behaviors with concrete risk. You cannot easily extend the probe list or tune the battery for your API surface, and historical probe data is tied to the vendor platform.

How middleBrick replaces the probe battery workflow

middleBrick replaces the opaque probe battery with a transparent, configurable scanning approach focused on outcome over mechanism. It executes 18 adversarial probes across three scan tiers—Quick, Standard, and Deep—covering system prompt extraction, instruction override, DAN and roleplay jailbreaks, data exfiltration, token smuggling, and multi-turn manipulation. Each scan returns a risk score from A to F with prioritized findings, giving you direct insight into which probe classes triggered and why.

Mapping findings and compliance evidence

middleBrick maps findings directly to OWASP API Top 10 (2023), PCI-DSS 4.0, and SOC 2 Type II, providing structured evidence you can use in audits. For each finding, you receive context, severity, and remediation guidance aligned with these frameworks. Unlike a fixed probe set, this mapping highlights gaps in authentication, authorization, input validation, and LLM-specific attack surfaces, so you can justify security controls with traceable evidence rather than generic probe counts.

Authentication and scanning constraints

Authenticated scans in Starter and above support Bearer, API key, Basic auth, and Cookie methods. Domain verification is required: only the domain owner can scan with credentials via DNS TXT record or an HTTP well-known file. The scanner forwards only a strict header allowlist—Authorization, X-API-Key, Cookie, and X-Custom-*—and uses read-only methods (GET, HEAD, text-only POST), ensuring no destructive payloads are sent. This model preserves continuity when moving from 42Crunch while enforcing strict access boundaries.

Operationalizing continuous monitoring and integrations

For ongoing protection, Pro tier enables scheduled rescans every 6 hours, daily, weekly, or monthly, with diff detection that surfaces new findings, resolved findings, and score drift. You receive rate-limited email alerts (1 per hour per API) and can configure HMAC-SHA256 signed webhooks that auto-disable after 5 consecutive failures. Integration options include a CLI (middlebrick scan <url>) with JSON or text output, a GitHub Action that fails the build on low scores, an MCP server for AI coding assistants, and a Web Dashboard for tracking trends and exporting branded compliance PDFs.

See how middleBrick compares See all use cases

Frequently Asked Questions

Can I replicate my exact 42Crunch probe configuration in middleBrick?
middleBrick does not expose raw probe configuration; instead, you select a scan tier (Quick, Standard, Deep) and rely on mapped findings to assess coverage. The outcome-focused approach emphasizes what is detected and how it maps to frameworks, rather than reproducing a specific probe list.
How does middleBrick handle authenticated scan setup compared to 42Crunch?
You provide standard credentials—Bearer, API key, Basic auth, or Cookie—and complete a domain verification gate. Only the domain owner can scan authenticated, and the scanner strictly limits forwarded headers to reduce exposure.
Will migrating remove historical probe data from 42Crunch?
Historical probe data remains managed within your 42Crunch environment. middleBrick stores its own scan records and supports deletion on demand, with data purged within 30 days of cancellation.
Which frameworks does middleBrick map findings to?
Mappings are provided directly to OWASP API Top 10 (2023), PCI-DSS 4.0, and SOC 2 Type II. Other frameworks are supported through alignment language, such as helping you prepare for or surfacing findings relevant to specified controls.
How do scan tiers affect LLM jailbreak coverage?
Deeper tiers increase probe density and interaction complexity, exercising more multi-turn manipulations, indirect prompt injections, and token smuggling scenarios. Quick is suitable for baseline assurance, while Deep is intended for rigorous validation of LLM resilience.

Related Pages

Tool abuse audit — API securityTool abuse audit: what to check, how to automate it, and how middleBrick covers it.Vendor risk assessment — API securityVendor risk assessment: what to check, how to automate it, and how middleBrick covers it.Webhook receiver hardening — API securityWebhook receiver hardening: what to check, how to automate it, and how middleBrick covers it.Migrate from Detectify to middleBrickWhat changes when you move from Detectify to middleBrick, and how to not lose anything in transit.Migrate from Noname Security to middleBrickWhat changes when you move from Noname Security to middleBrick, and how to not lose anything in transit.Migrate from Salt Security to middleBrickWhat changes when you move from Salt Security to middleBrick, and how to not lose anything in transit.