This article discusses adoption challenges with OAuth mTLS, steps one can take to mitigate those challenges.
This blog takes a look at GraphQL from a security perspective, and how to design a schema that meets CSO requirements.
Microservices are a popular approach to software architecture that aim to break up monolithic code into maintainable chunks. These discrete chunks allow for continuous delivery of a service while developing on top of what is in production. That flexibility is exciting in an agile environment, but rushing into deploying your code as a suite of microservices can put you at risk of incorporating anti-patterns that may cause significant problems down the line. In this blog, Adam discusses four common pitfalls as you start building your own microservices.
Software design patterns are the solutions used to tackle common software development problems. Design Patterns aren’t strictly required for running code but they are essential to avoiding problems in your code. In this article, Adam takes a look at the other side – anti-patterns – a sneaky but common poor software development technique.
In his latest blog, Adam discusses the importance of continuous API documentation as your API collection grows (and likely becomes more complex).
In his latest blog, Balaji discusses continuous access evaluation and how to validate token revocation when deploying this model.
Our API Academy quarterly TechTalk is April 28th at 9:00AM PDT/12:00PM EDT, and has Noname Security experts joining the API Academy team for what promises to be a most interesting discussion. Our team will be talking about API Security – not only from an API management perspective (i.e. locked down gateways, best practices, secured mobile apps) but also enterprise-wide API security tactics, as well as emerging threat vectors.
The Zero Trust model is founded on the belief that organizations should not automatically trust anything inside or outside its perimeters and must verify everything trying to connect to its resources before granting access—based on identity, trustworthiness, and context. This blog discusses the Zero Trust model and its components.
Most organizations want to move quickly, but aren’t willing to trade uptime or quality in order to move faster. The desire for innovation and speed puts pressure on developers to shorten their release cadence, which could leave errors undetected. When the world of developers and operations collide, the organizational boundaries can create roadblocks. Two common […]