The Industry Authority for APIs and Microservices
In this first piece of our three-part series, we’ll examine the top three risks on the 2023 list: Broken Object Level Authorization, Broken Authentication and Broken Object Property Level Authorization.
This blog reviews the OWASP, the Top Ten and API Security Top Ten, and opens the door for an upcoming series on the latter two.
This 3rd in a 3 part series furthers the discussion on OpenTelemetry and API Gateways can leverage Otel for new levels of observability for APIs.
This artcile takes a look at API ownership and the importance of implementing an API management solution
This article discusses adoption challenges with OAuth mTLS, steps one can take to mitigate those challenges.
This blog takes a look at GraphQL from a security perspective, and how to design a schema that meets CSO requirements.
At the API Academy Workshop held in conjunction with Apidays NYC 2022, Bala discusses emerging strategies with API gateways.
At the API Academy Workshop done in conjunction with Apidays NYC 2022, Gary discusses emerging gateway patterns and how to prepare for them.
Achieving an identity-centric security model is no small feat. The composable enterprise needs to be secured across multiple clouds, while providing end-users with delightful experiences, yet still maintain high levels of assurance. Oh yea… it has to scale too. This presentation shares lessons learned from our journey towards automating the distributed enforcement of access control rules, and how leveraging a symbiotic relationship between identity management and runtime API security infrastructure enables an identity mesh that spans across applications.
