Posts By: Kristopher Sandoval

Standard API Definitions Demystified

As with any industry, the web API space faces different approaches to standardization. Not least among these are the differences in how API providers choose to define their APIs in a machine-readable way with API specifications and description languages.

API definitions have emerged as ways to annotate API functionalities, and there are still many out there catering to varying web service architectures.

Review of Approov for Mobile API Security

Unfortunately, the reality of mobile apps is that at some point, someone is going to try to do something they’re not allowed to. Whether this is through brute-forcing keys, spoofing identities, or simply issuing distributed attacks across the application’s server dependencies, the threat to public-facing APIs in the mobile space is real, dangerous, and often inefficiently mitigated.

How Pokémon Go Fans Hacked ‘Em All: And How to Prevent Similar Reverse-Engineering

Every developer hopes for huge user bases populated by large numbers of monthly users. People using an application to its potential in the thousands, if not hundreds of thousands, is a dream come true. Unfortunately for API services, with greater exposure comes a marked increase in vulnerability.

9 Common Errors Made During API Testing

API testing is an important facet of the API development process. Such testing can help disclose important security flaws, data processing errors, and even breaks in basic functionality. With all that said, it’s an unfortunate fact that many API testing processes are fundamentally flawed, and because of this, issues are often kept around and extended well beyond their reasonable lifespan.

The Power of Relay; The Entry Point to GraphQL

In many ways, GraphQL is a futuristic approach to dealing with all the headaches surrounding high-data transfer, large-volume relational content. As more is written about the technology and as its implementation is discussed, it goes without saying that related components are becoming increasingly interesting as well.