This artcile takes a look at API ownership and the importance of implementing an API management solution
API Management
OAuth mTLS Adoption Challenges
This article discusses adoption challenges with OAuth mTLS, steps one can take to mitigate those challenges.
GraphQL Schemas – From Design-time Introspection to Runtime Content Validation
This blog takes a look at GraphQL from a security perspective, and how to design a schema that meets CSO requirements.
API Academy Workshop with Apidays NYC 2022: Emerging Strategies with API Gateways
At the API Academy Workshop held in conjunction with Apidays NYC 2022, Bala discusses emerging strategies with API gateways.
API Academy Workshop with Apidays NYC 2022: Emerging Gateway Patterns
At the API Academy Workshop done in conjunction with Apidays NYC 2022, Gary discusses emerging gateway patterns and how to prepare for them.
Apidays NYC 2022: Friends Don’t Let Friends Centralize Authorization Enforcement
Achieving an identity-centric security model is no small feat. The composable enterprise needs to be secured across multiple clouds, while providing end-users with delightful experiences, yet still maintain high levels of assurance. Oh yea… it has to scale too. This presentation shares lessons learned from our journey towards automating the distributed enforcement of access control rules, and how leveraging a symbiotic relationship between identity management and runtime API security infrastructure enables an identity mesh that spans across applications.
Three Questions for API Change Management
Adam’s latest blog discusses API Change management and how it allows us to create a process or a set of rules that shapes the way the API grows as more endpoints are added and as existing functionality changes. He then discusses the three factors to consider whenever making changes to an API.
Continuous API Management Requires Continuous API Documentation
In his latest blog, Adam discusses the importance of continuous API documentation as your API collection grows (and likely becomes more complex).
Scaling Token Revocation with Continuous Access Evaluation
In his latest blog, Balaji discusses continuous access evaluation and how to validate token revocation when deploying this model.
How-to Protect Your APIs from OWASP API Security Top Ten (part two)
In this second part of a two-part series, Francois takes a look at #’s 6-10 of the OWASP API Security Top 10 risks and how to best mitigate them through a secured API management solution.