APIs are more important than ever in these challenging times where everything is being operated remotely. APIs make it easy to provide access to information and keep businesses running smoothly. They can also create new challenges and risks if they are not properly managed. First, security is paramount to ensure only those that are allowed…
Category: API Design
The Importance of API Testing
Like any software, APIs are subject to bugs and other errors. That makes API testing at least as important as other software testing, likely more-so. With potentially hundreds or thousands of consumers, an issue in your API could have a magnifying effect. To maintain software quality, it makes sense to have a robust approach to…
Securing Microservices with API Management
Today more and more enterprises are jumping into the bandwagon of digital transformation. To be competitive and aligned with this digital strategy, many enterprises started converting their monolithic and/or legacy applications into microservices to achieve: Speed to market Improve evolvability Scalability Enhance composability API’s, which are the building blocks of digital transformation, have become the…
How-to: Real-time API Monitoring
Knowing how your API is performing has always been key, but as our APIs become a more important and a key part of your customer experience it needs to be looked at differently. Traditional API monitoring relies on the API and its components as part of application infrastructure. Although this is important it also misses…
Why Insufficient Logging and Monitoring Can Help Attackers Hide in Plain Sight
I’ve been working in information security for nearly 45 years and started my long journey with punch cards and mainframes leading to today’s cloud and zero-trust. Our world of computing has certainly evolved, and I can’t even recall how many post-security breach investigation teams I’ve been part of or how many cyber incident management teams…
API Monitoring Across the API Lifecycle
Developers often can’t control API downtime, but they can certainly monitor for it. Yet, sending periodic pings to a service is only one of many ways to use API monitoring. To avoid common API headaches, you can apply monitoring principles across the entire API lifecycle, starting before you’ve written a single line of code. Design…
TechTalk: Implementing an Enterprise GraphQL Server
GraphQL is undeniably gaining traction in the Enterprise. TechTalk hosts Bill and Aran were joined by Broadcom Technology Partner Arvata for an introduction to GraphQL and an exciting unveiling of Arvata’s innovation that enables gateways to function as an Enterprise GraphQL server and GraphQL proxy. Arvata demonstrated how easy it is to use their GraphQL…
API Design Best Practices for Enterprises
Your API program will see more success with a thoughtful API design phase. Effort spent on architecture often returns as time saved during other phases of your project. These efficiencies add up across the hundreds or thousands of APIs you support. Your API design should be backed by your company’s strategy and focused on real…
Gateway Secure Deployment Architecture
In today’s digital world, API gateways are often the first interaction of incoming requests from the outside world. In most scenarios, enterprises place the gateways in DMZ strategically to secure, protect and throttle their internal digital assets. Hence, security for these gateways becomes crucial and they need to be properly configured and hardened. Whether it…
Managing the Effect of Slow Back-end Systems
Introduction: API deployments need to maintain a stable network behaviour, with widely varying back end systems. In a previous article, I talked about the need to maintain user experience. In a Layer7 API Gateway based deployment, back end systems that have high latency have some very interesting side effects. To effectively manage a gateway in…