Sponsored by Layer7
Most organizations maintain dozens or even hundreds of APIs. Maintaining consistency and avoiding redundancy quickly becomes a major issue. API governance helps organizations declare and adhere to guidelines for new and existing APIs. There are different approaches to encourage conformity in API design, including governance review and automated restrictions. In this post, we’ll explore both […]
Here’s the replay of the North America API Academy Virtual Workshop from July 15, 2020. The agenda was the keynote on API strategy with John Cocke of HCL, followed by a discussion on API design with Academy members Jaime Ryan and Aran White. Jay Thorne of the Academy then discussed microservices and service mesh, and […]
Right now someone is powering up an original iPhone. On their home screen, they’re tapping the icon for a 10 year old app. As it loads, it calls an endpoint that a development team would rather not maintain. For many APIs, a life of suspended animation is a big part of their story. In API […]
In today’s app economy, more and more client interactions and transactions are occurring via the web and mobile applications, where predominantly APIs are been used for Information Exchange. Which enables modern enterprise to break the traditional barriers and expose their on-premises and cloud-based digital assets and applications to the outside world in a secure manner. […]
The new certification course for API Security Architect is now available. This is an in-depth, self-paced course, and by completing this course, you will be able to: Explain the unique security risks of APIs and identify typical areas of API vulnerabilities Explain the purpose of OAuth 2.0 as a framework for authorization Describe the current […]
After you publish your API, one of the first questions you may be asked or ask yourself is probably “who is using it?â€, followed quickly by “is it working?â€. Over time you’ll want to see all sorts of data about your API traffic. In the past, you may have spent months updating your endpoints to […]
Over the last 10 years, APIs have become the de facto tool of modern software development. “Let’s build an API for that,†is a natural reaction to a technical problem. While APIs play a key role, many engineering organizations are now overflowing with non-strategic services. Developer confusion might have been limited if those groups had […]
June 2020’s TechTalk had Joe Krull from Aite Group and API Academy’s own Jay Thorne join hosts Aran and Bill on a discussion around OWASP Top 10 and the newer API Top 10 and how enterprises can address common security issues around these problem areas. They also discussed the relationship between app developers and security […]
Over the past months in API Academy blogs I’ve provided my observations and recommendations on the importance of event and access logging and the compelling reasons why you want to avoid security misconfigurations. This month, I’ll focus on security training for developers and why you should make this investment. To remind, I’m a bit of […]
Today, I have a guest contributor: I was working with Vidhya Bhushan, one of my Broadcom team members on our performance testing team. We had a discussion about performance testing for a specific use case and I asked for scaling of the test generation, and he commented that we might not need to since the […]
