In this three part article, we’ll cover some of the best practices in selecting the best TLS cipher suite algorithms with your API gateways.
For Enterprise Architects
Do You Need Site Reliability Engineers for Your APIs?
Most organizations want to move quickly, but aren’t willing to trade uptime or quality in order to move faster. The desire for innovation and speed puts pressure on developers to shorten their release cadence, which could leave errors undetected. When the world of developers and operations collide, the organizational boundaries can create roadblocks. Two common […]
How To Protect Your Web Applications from OWASP Top Ten (part two)
In my first blog on How to Protect Your Web Applications from OWASP Top Ten, I discussed both OWASP and the OWASP Top Ten project, as well as how a properly configured API management solution can protect you against the first five of these threats. In this blog we’ll complete the Top Ten. A6 Security […]
How To Protect Your Web Applications from OWASP Top Ten (part one)
The Open Web Application Security Project (OWASP) is a non-profit foundation that works the improve the security of software through open-source projects. One such project is outlining the ten most critical security concerns for application security, known as the OWASP Top Ten. This two-part blog will take a look at each of these, and how […]
How to Identify Your Organization’s API Landscape
Your company provides a lot of APIs to both external and internal consumers. Your API landscape is every API you’ve built, plus those in the early stages of design and development. Before you can make decisions within this landscape—such as which APIs are working well, which may need to be shelved, and which may need […]
Six Health Checks for Your API
Organizations of all sizes depend on APIs to decrease time to market, achieve business goals, and connect important systems. In order to count on those APIs, they need to stay operational. You’ll want to consider the six health checks in this post to prevent issues and other interruptions. The first four are related to the […]
Continuous Monitoring for API Reliability
Anyone building APIs should know how well they perform. Without a view into your API reliability, you’ll be gambling that everything works as expected. API consumers—internal collaborators, partners, or other external developers—will discover if your API breaks and let you know about it. Continuous Monitoring can help you uncover these issues proactively. Developers that use […]
Securing the Digital Record
Recently, I was chatting with a group of colleagues – we were all complaining about doctors and waiting rooms, etc. During the conversation, I mentioned something that I thought was pretty interesting. Being over 40 and blonde hair/blue eyed, AND having spent my teens and 20s soaking up the sun, I’m basically putting my dermatologist’s children through […]
Modern API Description Formats
For many organizations, the days of undocumented APIs are mostly gone. There are now several formats used to describe APIs. These machine-readable files can be converted into documentation and even be used to test integrations. While there are several formats, the most well-known is OpenAPI. In this article, we’ll provide a highlight of that and […]
API Security in a Multi-Cloud Environment
In today’s app economy, more and more client interactions and transactions are occurring via the web and mobile applications, where predominantly APIs are been used for Information Exchange. Which enables modern enterprise to break the traditional barriers and expose their on-premises and cloud-based digital assets and applications to the outside world in a secure manner. […]