In our first TechTalk of 2020, hosts Bill and Aran introduce Jay Thorne, Head of Product Strategy at Broadcom’s Layer7 API Management. He talks about Building API-aware Service Meshes with Layer7 and Istio, and includes a demo plus a comprehensive Q&A session.
Category: For Enterprise Architects
The benefits of JWT + JWS + JWE on API Designs
In this post I cover some good reasons to adopt JWT (JSON Web Token), JWS (JSON Web Sign), and JWE (JSON Web Encryption) in your API Designs. JWTs are a modern solution to an old problem: how to I know who this user is? They help us by being signed and stateless, and by having a common data…
CISSP Domain Principles and API Management Solutions
Recently, I took my CISSP exam and passed this industry recognized certification. As part of my preparation, I was trying to apply practical use-cases to those CISSP domain principles. Recognizing how important API security is to our customers, I was trying to associate our Layer7 API Management solutions with CISSP security principles. This not only helped me dwell…
A Substantive and Educational API Management User Group Gathering
On Tuesday December 3rd, the first Layer7 Enable U API Management User Group gathering was held at the Lloyd Hotel in Amsterdam. The User Group, organised by Dutch integration specialist Enable U in collaboration with Broadcom, was set up to share knowledge, and exchange ideas and experiences regarding API Management.
How to Use Policy to Retrieve a Portal API OAuth Token
An API Gateway can be a fast, easy way to manage entities in an API Portal. The Portal API (PAPI) provides entry-points to perform tasks such as onboard users, manage APIs that are protected by the gateway runtime, manage and update API versions and documentation, and administer API Management items such as application definitions, organizations, API plans and…
Layer7 API Gateway – Did You Know? Microsoft Forefront TMG Replacement
Most people familiar with APIs know the role of an API Gateway, which is typically used to secure access to APIs and provide capabilities such as threat protection, rate limiting, authentication, and authorization. The Layer7 API Gateway does all of this and much, much more. This series of posts will highlight scenarios where the Layer7 API Gateway has…
Denial of Service Attacks on The Rise!
Current industry reports for 2019 regarding Distributed Denial of Service (DDoS) attacks indicate a 776% increase for loads between 100 Gbps and 400 Gbps*. As the demand rises for companies to expose more API’s to the public, it becomes much more important to be able to quickly respond to cybercrime threats and changing tactics. We have recently introduced…
Enriching and Externalizing Gateway Metrics to Splunk
Overview Gateway metrics are a critical piece of intel to determine the health of Services and traffic throughput on an API Gateway. Using Layer7 API Management as an example, there are a few ways we can obtain this information: Policy Manager: Dashboard, PAPIM (Precision API Monitoring), sending this information to a monitoring solution via Gateway Metrics Tactical Assertion…
DevOps: REST API Execution Through Bash Shell Scripting III
A Simple Framework (Experiences) This is the third and last part of the paper proposing a framework that enables DevOps teams to issue REST API calls via bash shell scripts. This part shares some experiences/lessons learned from real world applications. Experiences It would be nice if API publishers simply provided an API client SDK in shell scripts. While…
DevOps: REST API Execution Through Bash Shell Scripting II
A Simple Framework (Extension) This is the second part of the paper proposing a framework that enables DevOps teams to issue REST API calls via bash shell scripts. This part discusses the extension beyond the core of the proposed framework. The third part shares some lessons learned from real world applications. The Basics The basic set of operations…