API Management

Continuous Monitoring for API Reliability

Anyone building APIs should know how well they perform. Without a view into your API reliability, you’ll be gambling that everything works as expected. API consumers—internal collaborators, partners, or other external developers—will discover if your API breaks and let you know about it. Continuous Monitoring can help you uncover these issues proactively. Developers that use […]

API Virtualization for Robust Testing

Testing is an essential part of software development. It's similarly an important part of the API lifecycle, and it helps developers discover errors in their APIs before they even get to production. One of the most effective methods to test production-grade APIs is through API virtualization. In this article, I’ll briefly explain the concept of […]

Securing the Digital Record

Recently, I was chatting with a group of colleagues – we were all complaining about doctors and waiting rooms, etc. During the conversation, I mentioned something that I thought was pretty interesting. Being over 40 and blonde hair/blue eyed, AND having spent my teens and 20s soaking up the sun, I’m basically putting my dermatologist’s children through […]

The Longest Stage of the API Lifecycle

Right now someone is powering up an original iPhone. On their home screen, they’re tapping the icon for a 10-year-old app. As it loads, it calls an endpoint that a development team would rather not maintain. For many APIs, a life of suspended animation is a big part of their story. In API […]

TechTalk: A Panel Discussion on OWASP Top 10/API Top 10

June 2020’s TechTalk had Joe Krull from Aite Group and API Academy’s own Jay Thorne join hosts Aran and Bill on a discussion around OWASP Top 10 and the newer API Top 10 and how enterprises can address common security issues around these problem areas. They also discussed the relationship between app developers and security […]

Top Ten GraphQL Myths Debunked

There are a lot of myths out there (flying horse, anyone?). There are even myths about GraphQL, which can lead to misunderstandings around its use cases, and even at times unwarranted fears over its usage. Let’s take a look at the top 10 most common GraphQL myths and see if we can’t assuage some worries and […]

Managing the Effect of Slow Back-end Systems

Introduction: API deployments need to maintain stable network behaviour with widely varying back-end systems. In a previous article, I talked about the need to maintain user experience. In a Layer7 API Gateway-based deployment, back-end systems that have high latency have some very interesting side effects. To effectively manage a gateway in […]

How to Beat Cross-Site Request Forgery Attacks

Cross-Site Request Forgery (CSRF) is a type of security threat in which malicious actors can steal user data and authentication information by gaining access to HTTP Cookies. Cookies are small nuggets of information which are sent in responses from web servers to the browser. The browser stores this information and will include these cookies in […]