API Security

Security is an issue of great concern. Get the most relevant information on this topic here.

Let’s face it, network structures are under siege from cyberattacks and vulnerabilities. These exposures can range widely, from applications and users to data or even locations. This is where the term network security comes into play. Network security is an all-encompassing term...
Let’s face it, APIs are everywhere and that makes protecting your APIs challenging at best. To be effective, security must be safe and secure. Discover 5 security challenges to API protection. 1. APIs have risks – that’s a fact! APIs are...
Dear New York, As I watch the city and local businesses be devastated by the impact of the virus, I see you making a big mistake in the approach to contact tracing. One that’s already costing us dearly as we ramp up...
Load balancing refers to delivering incoming network traffic across a group of backend servers on the internet. The basic function distributes client requests and provides a network load across many servers. Daily, high traffic is being consumed on internet sites....
With the increasing demand for data-centric projects, companies have quickly opened their data to their ecosystem, through SOAP or REST APIs. APIs are the doors to closely guarded data of a company, creating the following challenge: how can we...
Dear Geek, We are building an API and I am confused as to what kind of security we need? There are so many out there being used (OAuth 1.0a, OAuth 2.0, SAML, username/password, API Key, JWT, and plenty of others)...
An API (Application Programming Interface) is a machine and human-readable definition of an access point to a function or service. You never develop an interface, you always design one. For starters, an API describes the capabilities and behavior of the underlying function or...
API Gateways are API proxies that are put between the API Provider and the API Consumer. At its heart, an API Gateway is a façade that provides an API interface to your complex subsystem. These APIs provide the "front-end...
I'm sure we're all counting down the days until we can put our feet up and surround ourselves with loved ones but before that, I've been busy reviewing each risk that appears on the OWASP API Security Top 10....
We often think of APIs in a very technical way, but in reality, APIs are about providing business offerings and value. Many organizations treat APIs as products which makes sense since an API goes through a similar lifecycle of...
While everyone's busy making their lists and hoping the big man in the red suit overlooks their indiscretions and brings them something nice, I've been checking over a different kind of list. I've checked it at least twice, trying...
From not so long ago, as shown in Peter Steiner's cartoon, as published in The New Yorker.  One dog to another, “On the Internet, nobody knows you’re a dog.” I remember this from the late 90s to early 2000s; you...
Recently, someone asked me the question of using API proxy vs. API Gateway. Well, let’s start with the basic premise. You have your backend services and want to connect to your existing customers or bring in new customers. There are different...
A critical component of an API-based architecture is to have an API Gateway. This becomes more important as organizations are breaking their monolithic services into a microservices-based API architecture. An API Gateway is a layer that sits between an organization’s...
By now most enterprises have heard about the concept of full lifecycle API Management (FLAM), but it is not uncommon when discussing the components of an API Management platform to have some initial confusion around the concept of the...