For App Developers Archives - Page 2 of 6

Anti-patterns in Microservices (Don’t Do These)

By Adam DuVanderPosted on June 30, 2022June 30, 2022

Microservices are a popular approach to software architecture that aim to break up monolithic code into maintainable chunks. These discrete chunks allow for continuous delivery of a service while developing on top of what is in production. That flexibility is exciting in an agile environment, but rushing into deploying your code as a suite of microservices can put you at risk of incorporating anti-patterns that may cause significant problems down the line. In this blog, Adam discusses four common pitfalls as you start building your own microservices.

What are API Anti-Patterns?

By Adam DuVanderPosted on June 21, 2022June 21, 2022

Software design patterns are the solutions used to tackle common software development problems. Design Patterns aren’t strictly required for running code but they are essential to avoiding problems in your code. In this article, Adam takes a look at the other side – anti-patterns – a sneaky but common poor software development technique.

Continuous API Management Requires Continuous API Documentation

By Adam DuVanderPosted on May 31, 2022May 31, 2022

In his latest blog, Adam discusses the importance of continuous API documentation as your API collection grows (and likely becomes more complex).

Scaling Token Revocation with Continuous Access Evaluation

By Balaji Radhakrishnan, PMP, CISSPPosted on May 15, 2022January 10, 2023

In his latest blog, Balaji discusses continuous access evaluation and how to validate token revocation when deploying this model.

Key Use Cases for GraphQL APIs

By Adam DuVanderPosted on May 12, 2022May 12, 2022

GraphQL has become a preferred option when flexibility and efficiency are top priorities. GraphQL is also easy to integrate with existing applications, since implementations are available in JavaScript, Python, PHP, and several other languages. Here are three use cases where GraphQL shines. This article highlights three specific use cases where GraphQL shines.

Q2 TechTalk

By Bill Oakes, CISSPPosted on March 31, 2022November 7, 2022

Our API Academy quarterly TechTalk is April 28th at 9:00AM PDT/12:00PM EDT, and has Noname Security experts joining the API Academy team for what promises to be a most interesting discussion. Our team will be talking about API Security – not only from an API management perspective (i.e. locked down gateways, best practices, secured mobile apps) but also enterprise-wide API security tactics, as well as emerging threat vectors.

The Push for Zero Trust

By Bill Oakes, CISSPPosted on September 13, 2021September 13, 2021

The Zero Trust model is founded on the belief that organizations should not automatically trust anything inside or outside its perimeters and must verify everything trying to connect to its resources before granting access—based on identity, trustworthiness, and context. This blog discusses the Zero Trust model and its components.

Do You Need Site Reliability Engineers for Your APIs?

By Adam DuVanderPosted on September 2, 2021September 3, 2021

Most organizations want to move quickly, but aren’t willing to trade uptime or quality in order to move faster. The desire for innovation and speed puts pressure on developers to shorten their release cadence, which could leave errors undetected. When the world of developers and operations collide, the organizational boundaries can create roadblocks. Two common […]

SRE vs DevOps for APIs

By Adam DuVanderPosted on August 16, 2021August 16, 2021

How do you expand API functionality while also ensuring existing mission-critical features continue to operate under stress? API development teams tend to focus on new features, while operations teams focus on stability. In the past, this difference in focus often led to these teams working at cross-purposes and made API development difficult. In recent years, […]

How To Protect Your Web Applications from OWASP Top Ten (part two)

By Bill Oakes, CISSPPosted on August 2, 2021August 3, 2021

In my first blog on How to Protect Your Web Applications from OWASP Top Ten, I discussed both OWASP and the OWASP Top Ten project, as well as how a properly configured API management solution can protect you against the first five of these threats. In this blog we’ll complete the Top Ten. A6 Security […]