What with the rapid growth of the API economy, more sensitive data is shared through APIs than ever before. As a natural consequence of this, there are severe stakes around API security, and they’re only rising.
While it’s easy to overlook the importance of security in a brand-new API — especially if that API is only used internally or by selected partners — you ought to secure all APIs early-on. Read more
When a user utilizes a service, that user must first attest they are who they say they are. In most use cases, they must then confirm they can do what they’re trying to do. For many users, this is a relatively non-transparent process, and it might seem to happen magically behind the scenes. Read more
Every year we see more and more high-profile data breaches. In 2019, companies reported over 3,800 data breaches, and 4.1 billion records were accessed. These included records from major financial institutions.
With so much of our daily lives and business transactions occurring online, cybersecurity threats can be devastating for customers and costly for corporations. Read more
“If you think about where OAuth started, it was really about securing comments on blog posts and now we’re talking about enterprises, so it’s a whole different class of security.”
This is how Travis Spencer, CEO at the identity company Curity, opened his talk at our 2019 Austin API Summit, and it’s an astute summary of the way many products (particularly in the tech scene) are tweaked or re-engineered beyond their original purpose. Read more
If you’re not an API practitioner, you may not be too comfortable with the idea of an API gateway. Following up on our recent article What Is the Difference Between APIs and Microservices?, we wanted to demystify another daunting API topic for the less technically oriented audience. Read more