API Keys are not API Security

I recently had an interesting article show up in my Google newsfeed on API Keys, their generation, and their distribution. A group of developers posed the following question to the community: how do you build and distribute your API keys to your API consumer audience? Being immersed in APIs and API developer communities every day, […]

TechTalk: A Panel on API Security

May’s TechTalk had hosts Aran and Bill joined by Dmitry Sotnikov, CPO of 42Crunch, for a panel discussion on common API security issues and how to mitigate them. In addition to addressing these common issues, the panel also took questions from the audience. Definitely a topic of interest. API Academy encourages those who are interested […]

Advice to Developers: Double-check Configurations to Avoid Cybersecurity Pain

Last month in my API Academy blog I provided my observations and recommendations about the importance of logging and monitoring from a cybersecurity perspective. This month, I’ll focus on the importance of avoiding security misconfigurations when building and updating applications. As I noted last month, I’m a bit of an old salt in security, having […]

The Challenging Times of Delivering on OpenBanking, Part 1

The terms, OpenBanking and PSD-2 (Payment Services Directive-2) are largely used interchangeably nowadays to summarise the very significant challenges that are being experienced by the Global financial and Banking sector today. As a response to global financial crisis of 2006, the European Banking Association, 4000+ member banks were mandated, under the regulation, PSD-2, to empower […]

Why APIs are Critical Today

APIs are more important than ever in these challenging times where everything is being operated remotely. APIs make it easy to provide access to information and keep businesses running smoothly. They can also create new challenges and risks if they are not properly managed.  First, security is paramount to ensure only those that are allowed […]

The Importance of API Testing

Like any software, APIs are subject to bugs and other errors. That makes API testing at least as important as other software testing, likely more-so. With potentially hundreds or thousands of consumers, an issue in your API could have a magnifying effect. To maintain software quality, it makes sense to have a robust approach to […]

Securing Microservices with API Management

Today more and more enterprises are jumping into the bandwagon of digital transformation. To be competitive and aligned with this digital strategy, many enterprises started converting their monolithic and/or legacy applications into microservices to achieve: Speed to market Improve evolvability Scalability Enhance composability API’s, which are the building blocks of digital transformation, have become the […]