This latest article in a series discusses the additional security issues that arise when using mTLS, and how to mitigate those issues by combining mTLS with OAuth.
This article discusses adoption challenges with OAuth mTLS, steps one can take to mitigate those challenges.
This blog introduces mTLS and discusses the advantages of combining it with OAuth 2.0 for additional security.
In this session, Francois takes a deep dive into how to better protection your enterprise from bad actors. He’s following by Skip Hovsmith (Approov) who dives into API client attestation.
Achieving an identity-centric security model is no small feat. The composable enterprise needs to be secured across multiple clouds, while providing end-users with delightful experiences, yet still maintain high levels of assurance. Oh yea… it has to scale too. This presentation shares lessons learned from our journey towards automating the distributed enforcement of access control rules, and how leveraging a symbiotic relationship between identity management and runtime API security infrastructure enables an identity mesh that spans across applications.
In his latest blog, Balaji discusses continuous access evaluation and how to validate token revocation when deploying this model.
Our Q1 TechTalk had API Academy members Francois, Aran, and myself reminiscing about the 20th anniversary of Layer7 and the 10th anniversary of API Academy – and many of the “things” that have come and gone over the last 20 years – with a dive into protocols – past, present, and emerging. Definitely worth a watch!
In this second part of a two-part series, Francois takes a look at #’s 6-10 of the OWASP API Security Top 10 risks and how to best mitigate them through a secured API management solution.
In his latest blog, Francois Lascelles takes a look at the rather stunning log4j exploit currently impacting enterprises, and how a properly configured API management solution can mitigate the risk.
In a recent blog series, my colleague, Bill Oakes, discussed the OWASP Top Ten web-based threats and how a proven API management solution can help mitigate against those threats. So, that covers web applications, but what about APIs? Several analysts are pinpointing APIs as one of the top attack vectors over the next four to […]