This blog introduces mTLS and discusses the advantages of combining it with OAuth 2.0 for additional security.
For API Developers
GraphQL Schemas – From Design-time Introspection to Runtime Content Validation
This blog takes a look at GraphQL from a security perspective, and how to design a schema that meets CSO requirements.
Three Questions for API Change Management
Adam’s latest blog discusses API Change management and how it allows us to create a process or a set of rules that shapes the way the API grows as more endpoints are added and as existing functionality changes. He then discusses the three factors to consider whenever making changes to an API.
Continuous API Management Requires Continuous API Documentation
In his latest blog, Adam discusses the importance of continuous API documentation as your API collection grows (and likely becomes more complex).
API Reliability: How SRE Yields Better APIs
In his latest article, Adam explores the role of the SRE as it relates to API strategy/design, and some of the advantages adopting this role brings to both APIs and business.
Scaling Token Revocation with Continuous Access Evaluation
In his latest blog, Balaji discusses continuous access evaluation and how to validate token revocation when deploying this model.
Key Use Cases for GraphQL APIs
GraphQL has become a preferred option when flexibility and efficiency are top priorities. GraphQL is also easy to integrate with existing applications, since implementations are available in JavaScript, Python, PHP, and several other languages. Here are three use cases where GraphQL shines. This article highlights three specific use cases where GraphQL shines.
Adapting Continuous API Management for Cloud Architecture
In his latest blog, Adam discusses best practices for Continuous API Management , including several significant ways that drives change when the API is operating on cloud architecture. API management, whether on the cloud or off, comes down to discovery, documentation, monitoring, alerting, and authentication/security. How well you implement best practices in these areas will make or break your service. In this article, we’ll summarize several considerations for adapting to the cloud.
GraphQL vs. gRPC vs. REST: Comparing Data Exchange Methods for APIs
In his latest blog, Adam discusses how APIs are the building blocks of the distributed systems that run our world, and how they constantly move data from point to point. He then discusses different API technologies to provide solutions to different pain points in API data exchange.
Q2 TechTalk
Our API Academy quarterly TechTalk is April 28th at 9:00AM PDT/12:00PM EDT, and has Noname Security experts joining the API Academy team for what promises to be a most interesting discussion. Our team will be talking about API Security – not only from an API management perspective (i.e. locked down gateways, best practices, secured mobile apps) but also enterprise-wide API security tactics, as well as emerging threat vectors.