Recently, I took my CISSP exam and passed this industry recognized certification. As part of my preparation, I was trying to apply practical use-cases to those CISSP domain principles. Recognizing how important API security is to our customers, I was trying to associate our Layer7 API Management solutions with CISSP security principles. This not only…
Category: API Management
A Substantive and Educational API Management User Group Gathering
On Tuesday December 3rd, the first Layer7 Enable U API Management User Group gathering was held at the Lloyd Hotel in Amsterdam. The User Group, organised by Dutch integration specialist Enable U in collaboration with Broadcom, was set up to share knowledge, and exchange ideas and experiences regarding API Management.
Layer7 API Gateway – Did You Know? Microsoft Forefront TMG Replacement
Most people familiar with APIs know the role of an API Gateway, which is typically used to secure access to APIs and provide capabilities such as threat protection, rate limiting, authentication, and authorization. The Layer7 API Gateway does all of this and much, much more. This series of posts will highlight scenarios where the Layer7…
Enriching and Externalizing Gateway Metrics to Splunk
Overview Gateway metrics are a critical piece of intel to determine the health of Services and traffic throughput on an API Gateway. Using Layer7 API Management as an example, there are a few ways we can obtain this information: Policy Manager: Dashboard, PAPIM (Precision API Monitoring), sending this information to a monitoring solution via Gateway…
Should Your API Gateway be Considered Part of Your API Management Platform?
Recently at API world I was able to see many new Enterprise API architectures (“marketechtures,” as one engineering director called it, got few laughs but I chuckled quietly to myself) including some high-level diagrams from large well-known providers of services leveraged by enterprises and common end-users alike. Several companies separate the concept of API Gateways…
5 Pillars of API Management
API Academy Manage security and performance risks created by opening enterprise systems via APIs Traditional enterprise are blurring, as organizations open their on-premise data and application functionality for use in new internal and external applications. APIs form the foundation of this open enterprise, allowing enterprises to reuse their existing information assets across organizational boundaries. To…
Choosing the Right API Management Solution for the Enterprise User
API Academy Address key functional and operational characteristics of an effective API Management solution This white paper examines the different functional and operational requirements for an enterprise-level API Management solution. In doing so, it gives IT managers, Web managers and enterprise architects key information for selecting an API Management solution. The API is undergoing a…
A How-to Guide to OAuth & API Security
API Academy Make OAuth implementation simple for your organization OAuth is an emerging Web standard that lets users grant third-party clients restricted access to resources they own. In the past, it was common to ask a user to share username and password information with the client. OAuth authentication is more secure as it allows the…
5 OAuth Essentials for API Access Control
API Academy Create a framework to address the complex challenges associated with implementing OAuth There are a number of important access-related challenges for API publishers. However, deploying OAuth as an authorization mechanism for enterprise APIs raises challenges around scalability, correct usage and integration. To make matters worse, OAuth is not supported by existing infrastructure and…
Protecting Your APIs Against Attack & Hijack
API Academy Secure enterprise APIs for mobile, cloud and open Web It is a mistake to think we can secure APIs using the same methods and technologies with which we secured the conventional, browser-centric Web. While it is true that APIs share many of the same threats that plague the Web, APIs are fundamentally different…