Securing the Digital Record

Recently, I was chatting with a group of colleagues – we were all complaining about doctors and waiting rooms, etc. During the conversation, I mentioned something that I thought was pretty interesting. Being over 40 and blonde hair/blue eyed, AND having spent my teens and 20s soaking up the sun, I’m basically putting my dermatologist’s children through…

Modern API Description Formats

For many organizations, the days of undocumented APIs are mostly gone. There are now several formats used to describe APIs. These machine-readable files can be converted into documentation and even be used to test integrations. While there are several formats, the most well-known is OpenAPI. In this article, we’ll provide a highlight of that and…

TechTalk: A Panel on API Security

May’s TechTalk had hosts Aran and Bill joined by Dmitry Sotnikov, CPO of 42Crunch, for a panel discussion on common API security issues and how to mitigate them. In addition to addressing these common issues, the panel also took questions from the audience. Definitely a topic of interest. API Academy encourages those who are interested…

Advice to Developers: Double-check Configurations to Avoid Cybersecurity Pain

Last month in my API Academy blog I provided my observations and recommendations about the importance of logging and monitoring from a cybersecurity perspective. This month, I’ll focus on the importance of avoiding security misconfigurations when building and updating applications. As I noted last month, I’m a bit of an old salt in security, having…

Top Ten GraphQL Myths Debunked

There are a lot of myths out there (flying horse, anyone?). There are even myths about GraphQL, which can lead to misunderstandings around its use cases, and even at times unwarranted fears over its usage. Let’s take a look at the top 10 most common GraphQL myths and see if we can’t assuage some worries and…