In this session, Francois takes a deep dive into how to better protection your enterprise from bad actors. He’s following by Skip Hovsmith (Approov) who dives into API client attestation.
Achieving an identity-centric security model is no small feat. The composable enterprise needs to be secured across multiple clouds, while providing end-users with delightful experiences, yet still maintain high levels of assurance. Oh yea… it has to scale too. This presentation shares lessons learned from our journey towards automating the distributed enforcement of access control rules, and how leveraging a symbiotic relationship between identity management and runtime API security infrastructure enables an identity mesh that spans across applications.
In his latest blog, Balaji discusses continuous access evaluation and how to validate token revocation when deploying this model.
Our Q1 TechTalk had API Academy members Francois, Aran, and myself reminiscing about the 20th anniversary of Layer7 and the 10th anniversary of API Academy – and many of the “things” that have come and gone over the last 20 years – with a dive into protocols – past, present, and emerging. Definitely worth a watch!
In this second part of a two-part series, Francois takes a look at #’s 6-10 of the OWASP API Security Top 10 risks and how to best mitigate them through a secured API management solution.
In his latest blog, Francois Lascelles takes a look at the rather stunning log4j exploit currently impacting enterprises, and how a properly configured API management solution can mitigate the risk.
In a recent blog series,…
In this three part article, we’ll cover some of the best practices in selecting the best TLS cipher suite algorithms with your API gateways.
The Zero Trust model is founded on the belief that organizations should not automatically trust anything inside or outside its perimeters and must verify everything trying to connect to its resources before granting access—based on identity, trustworthiness, and context. This blog discusses the Zero Trust model and its components.
In my first blog on…