Emerging Protocols and Security
In his latest blog, Bill takes a look at a few of the emerging API protocols and their impact on enterprise security models – with a few pointers for mitigating those concerns.
API Design
API Protection using In-memory Data Service
In today’s digital ecosystem, enterprises are monetizing their valuable digital assets byconverting and exposing them as APIs. While APIs are building blocks of a digitalecosystem, exposing them to the outside world effectively and securely is key for theirsuccess. This business strategy accomplishment (exchange of information and creatingan ecosystem, etc.,) is dependent on an API management […]
OAuth mTLS Adoption Challenges
This article discusses adoption challenges with OAuth mTLS, steps one can take to mitigate those challenges.
GraphQL Schemas – From Design-time Introspection to Runtime Content Validation
This blog takes a look at GraphQL from a security perspective, and how to design a schema that meets CSO requirements.
API Academy Workshop with Apidays NYC 2022: Improving API Resiliency Using API Gateways
In this session, Daniel discusses how to better API resiliency using API gateways.
API Academy Workshop with Apidays NYC 2022: API Security Deep Dive
In this session, Francois takes a deep dive into how to better protection your enterprise from bad actors. He’s following by Skip Hovsmith (Approov) who dives into API client attestation.
API Academy Workshop with Apidays NYC 2022: Our GraphQL Journey
In this Workshop session, Francois discusses some of the things learned as he dove into GraphQL and its workings.
Apidays NYC 2022: Friends Don’t Let Friends Centralize Authorization Enforcement
Achieving an identity-centric security model is no small feat. The composable enterprise needs to be secured across multiple clouds, while providing end-users with delightful experiences, yet still maintain high levels of assurance. Oh yea… it has to scale too. This presentation shares lessons learned from our journey towards automating the distributed enforcement of access control rules, and how leveraging a symbiotic relationship between identity management and runtime API security infrastructure enables an identity mesh that spans across applications.
Three Questions for API Change Management
Adam’s latest blog discusses API Change management and how it allows us to create a process or a set of rules that shapes the way the API grows as more endpoints are added and as existing functionality changes. He then discusses the three factors to consider whenever making changes to an API.