How-to: API Management and HTTP/2

As usage of the HTTP/2 protocol becomes more prevalent, it’s clear that your API security solution must be able to handle HTTP/2 traffic. The performance enhancements offered by HTTP/2 make it ideal for high volume network traffic and IOT use cases, and even simpler use cases will reap the benefits. What once seemed like a…

Why APIs are Critical Today

APIs are more important than ever in these challenging times where everything is being operated remotely. APIs make it easy to provide access to information and keep businesses running smoothly. They can also create new challenges and risks if they are not properly managed.  First, security is paramount to ensure only those that are allowed…

The Importance of API Testing

Like any software, APIs are subject to bugs and other errors. That makes API testing at least as important as other software testing, likely more-so. With potentially hundreds or thousands of consumers, an issue in your API could have a magnifying effect. To maintain software quality, it makes sense to have a robust approach to…

How-to: Real-time API Monitoring

Knowing how your API is performing has always been key, but as our APIs become a more important and a key part of your customer experience it needs to be looked at differently. Traditional API monitoring relies on the API and its components as part of application infrastructure. Although this is important it also misses…

Why Insufficient Logging and Monitoring Can Help Attackers Hide in Plain Sight

I’ve been working in information security for nearly 45 years and started my long journey with punch cards and mainframes leading to today’s cloud and zero-trust. Our world of computing has certainly evolved, and I can’t even recall how many post-security breach investigation teams I’ve been part of or how many cyber incident management teams…

API Monitoring Across the API Lifecycle

Developers often can’t control API downtime, but they can certainly monitor for it. Yet, sending periodic pings to a service is only one of many ways to use API monitoring. To avoid common API headaches, you can apply monitoring principles across the entire API lifecycle, starting before you’ve written a single line of code. Design…

API Design Best Practices for Enterprises

Your API program will see more success with a thoughtful API design phase. Effort spent on architecture often returns as time saved during other phases of your project. These efficiencies add up across the hundreds or thousands of APIs you support. Your API design should be backed by your company’s strategy and focused on real…