API Provider Training

Is the API in Your App a Trojan Horse?
API University

Attackers know that API calls originating from inside an app are a blueprint for the infrastructure inside your data center. Further, they can use those same API calls to hide their malicious purposes, like a Trojan horse ready to slip through the front door. Apps are the new emerging threat vector.

Analysis

Aaron Lint

Security, API Design

11-29-2018

How to Build a Secure API Strategy for the API Economy
API University

APIs, via B2B partnerships and B2C applications, can increase a company’s reach and make digital assets and services available to broader audiences. There are dangers posed by the adoption of insecure APIs in the enterprise. Hence, businesses need a strategy for building and operating secure APIs.

Analysis

Setu Kulkarni

Security, API Strategy

10-25-2018

Five Things to do Before Opening Your Internal API
API University

What happens when you are ready to take your API from a small subset of users to something more open? What are the things you want to make sure are locked down tight before rolling out an open API program? James Higginbotham offered some tips for making sure your API is ready.

On the Web

Wendell Santos

API Strategy, API Management, Developer Relations

10-07-2018

Panera Bread Shows How Not to Respond to Data Vulnerability
API University

All companies have an obligation to protect user data as best as they can in accordance with their respective terms of services. When data is compromised, those companies should react quickly to fix it. Panera Bread offers a case study in the wrong way to respond to a vulnerability.

Case Study

Wendell Santos

Security, Developer Relations

04-16-2018

How to Ensure a Painless API Release in 10 Steps
API University

It’s an old adage but it’s true; if you want your API to succeed, treat it like a product. And one of the most important steps in any product’s lifecycle is when it gets released. James Higginbotham offers a 10-point checklist to help make sure that your API release runs as smoothly as possible.

On the Web

Wendell Santos

API Strategy, API Design, API Management

04-08-2018

Understanding API Connectivity to Resolve App DDoS Attacks
API University

Cloud-based apps rely on an increasingly diverse set of underlying services, tied together through APIs - and hackers have taken notice. To resolve attacks and outages affecting APIs it is critical to understand and test the performance of the service delivery of application components.

Analysis

Nick Kephart

Security, DevOps, Monitoring

10-13-2017

Best Practices for Building a Secure and Scalable API
API University Raygun

In order for APIs to deliver on a myriad of benefits and objectives, organizations must design them with scale in mind. However, the need to build high-performing APIs that scale with the business ecosystem is pressuring many development teams to build APIs that may be restricting business growth.

How-To

John-Daniel Trask

API Design, API Education, Security

10-04-2017

Understanding What it Takes to Secure Your API
API University

At this point in your API journey, you have made a number of business decisions and a couple of technical ones. Now, several crucial decisions need to be made around security. Securing an API is an often neglected task, yet doing so is at the heart of an effective API strategy.

Analysis

Mark Boyd

Security, API Design, API Education

09-27-2017

Equifax Secret PIN Controversy Exemplifies The Need For Rate Limits
API University

After it was revealed that over 143 million Americans may have been impacted when their personally identifiable information may have been breached through the credit reporting agency Equifax, there were further revelations that the so-called secret PINs issued by Equifax were actually timestamps.

Analysis

David Berlind

Security, Financial, Privacy

09-13-2017

How To Keep Your Company Out of the Data Breach Headlines
API University

Although most of the technical details regarding the breach of Equifax are not known, the scope of the damage and the questions it raises should be enough to stimulate some organizational introspection regarding all that you have done to safeguard your Web services, sites, and APIs.

Analysis

David Berlind

Security, Financial

09-08-2017

1
2
3
…
5
next ›

For API Providers