Skip to content

The benefits of JWT + JWS + JWE on API Designs

By Wagner Brunca | January 21, 2020

In this post I cover some good reasons to adopt JWT (JSON Web Token), JWS (JSON Web Sign), and JWE (JSON Web Encryption) in your API Designs. JWTs are a modern solution to an old problem: how to I know who this user is? They help us by being signed and stateless, and by having…

CISSP Domain Principles and API Management Solutions

By Balaji Radhakrishnan | January 7, 2020

Recently, I took my CISSP exam and passed this industry recognized certification. As part of my preparation, I was trying to apply practical use-cases to those CISSP domain principles. Recognizing how important API security is to our customers, I was trying to associate our Layer7 API Management solutions with CISSP security principles. This not only…

A Substantive and Educational API Management User Group Gathering

By Kees Neven | December 19, 2019

On Tuesday December 3rd, the first Layer7 Enable U API Management User Group gathering was held at the Lloyd Hotel in Amsterdam. The User Group, organised by Dutch integration specialist Enable U in collaboration with Broadcom, was set up to share knowledge, and exchange ideas and experiences regarding API Management.

How to Use Policy to Retrieve a Portal API OAuth Token

By Geoff Duck | December 4, 2019

An API Gateway can be a fast, easy way to manage entities in an API Portal.  The Portal API (PAPI) provides entry-points to perform tasks such as onboard users, manage APIs that are protected by the gateway runtime, manage and update API versions and documentation, and administer API Management items such as application definitions, organizations,…

Layer7 API Gateway – Did You Know? Microsoft Forefront TMG Replacement

By Greg Thompson | November 20, 2019

Most people familiar with APIs know the role of an API Gateway, which is typically used to secure access to APIs and provide capabilities such as threat protection, rate limiting, authentication, and authorization. The Layer7 API Gateway does all of this and much, much more. This series of posts will highlight scenarios where the Layer7…

Denial of Service Attacks on The Rise!

By Alex Forsyth | November 13, 2019

Current industry reports for 2019 regarding Distributed Denial of Service (DDoS) attacks indicate a 776% increase for loads between 100 Gbps and 400 Gbps*.  As the demand rises for companies to expose more API’s to the public, it becomes much more important to be able to quickly respond to cybercrime threats and changing tactics.   We…

Enriching and Externalizing Gateway Metrics to Splunk

By Ping Tan | November 11, 2019

Overview Gateway metrics are a critical piece of intel to determine the health of Services and traffic throughput on an API Gateway. Using Layer7 API Management as an example, there are a few ways we can obtain this information: Policy Manager: Dashboard, PAPIM (Precision API Monitoring), sending this information to a monitoring solution via Gateway…

DevOps: REST API Execution Through Bash Shell Scripting III

By Thomas Cheng | October 28, 2019

A Simple Framework (Experiences) This is the third and last part of the paper proposing a framework that enables DevOps teams to issue REST API calls via bash shell scripts. This part shares some experiences/lessons learned from real world applications. Experiences It would be nice if API publishers simply provided an API client SDK in…

DevOps: REST API Execution Through Bash Shell Scripting II

By Thomas Cheng | October 24, 2019

A Simple Framework (Extension) This is the second part of the paper proposing a framework that enables DevOps teams to issue REST API calls via bash shell scripts. This part discusses the extension beyond the core of the proposed framework. The third part shares some lessons learned from real world applications. The Basics The basic…

API World 2019

API World 2019: Event Recap

By Jaime Ryan | October 21, 2019

For the last eight years, API practitioners and vendors have descended on San Jose, right down the road from the Broadcom headquarters, for the annual API World conference. This year, the Layer7 API Management team was joined at the show by our colleagues from Continuous Testing and AIOps to talk about full lifecycle API Management.…

Scroll To Top