The Latest News On The API Economy
Searching: No Search Term , Filtered By Category: "Tools", Category: "Captcha", Category: "Security"
GitHub announced a number of new tools within its developer toolset. V4 of its API, the GitHub Marketplace and GitHub Apps highlight the announcements. V4 marks a significant transition as GitHub's core API is now the GitHub GraphQL API. The new version is far more flexible than previous versions.
A pair of stories surfaced this week that serve as important reminders of how complicated, nuanced, and difficult API security really is. Even the biggest companies with the deepest pockets can't possibly be perfect when it comes to the security of their various API offerings and solutions.
Parasoft, maker of the SOAtest API testing tool, announced a number of enhancements to the tool. A thin client interface, enhanced workflows, and Shift-left performance testing headline the updates. The overarching goal of the updates is to provide quicker, broader access to data.
Microsoft continued its expansion of its Graph API portfolio with multiple API announcements at its latest Build developer conference. Specific API announcements include updates to SharePoint, OneNote, Planner, and translator APIs. Additionally, new Insights APIs were announced.
RiskIQ announced API updates to its cyber event investigation platform: PassiveTotal. The updates include the addition of projects and monitoring. Projects allow users to organize investigations within third party security infrastructure. Monitoring provides alert and response capability.
Yelp added GraphQL support for its Fusion API. GraphQL, a graph query language, allows developers to request specific data in a single query, rather than multiple API calls through the API. GraphQL is currently in Beta. To use with Yelp, developers need to join Yelp's new Developer Beta Program.
The amount of data captured for analysis is increasing all the time. Often this data is fed into multiple systems that need to analyze, process, persist or perform other operations with it. It is important that these systems make sure that sensitive data is identified and redacted.
There are three standard ways to manage API authentication these days: API keys, OAuth tokens and JSON Web tokens (JWT). Adam Duvander over at the Zapier engineering blog explains how and when to use them. The humble API key is the common and earliest form of API authentication.
A researcher has found a vulnerability in the latest version of reCAPTCHA that could let spambots bypass reCAPTCHA fields across millions of sites. The developer has a script that uses Google’s speech recognition API to solve audio challenges associated with the latest version of reCAPTCHA.
Tesla's backbone API suffered a 20 hour outage earlier this week that left the company's keyless driving feature and mobile app monitoring unavailable. While the outage represented more of an inconvenience than a devastation, the vulnerability highlighted the dangers of an API-driven auto market.
CORS is a security mechanism that allows a Web page from one domain to access a resource from a different origin. This article provides an in-depth guide to Cross-Origin Resource Sharing (CORS) for REST APIs, on how CORS works, and common pitfalls especially around security.
The API is at the heart of the technology of every connected person’s daily life. Mark O’Neill, research director at Gartner, presented some of the trends in the API industry at a recent APIDays conference. This article delves into them and how they affect the future of the tech industry as a whole.
Google anti-harrasment project, Jigsaw, launched an API that brings programmatic access to the machine learning and AI technology driving the project. The Perspective API allows third parties like Wikipedia, the New York Times, and others the ability to score online speech for its toxicity level.
Google's fast and scaleable API gateway, Google Cloud Endpoints, is now generally available. Cloud Endpoints is built upon the same services that Google uses to power internal APIs. Cloud Endpoints ensures APIs used within apps on the Google Cloud Platform are monitored and secure
PasswordPing recently announced the launch of its password and credential breach notification service. The service alerts organizations of passwords and credential/password combinations that have been exposed. The service includes API entry points to the service for integration with login screens.
Bugsee recently emerged from stealth mode with its bug reporting and crash analytics tool. Bugsee's primary advantage over most mobile app bug tools is the continuous video capture of user actions. Bugsee syncs video data with log and network data for optimal and quick crash and bug recovery.
Two years ago, there was a growing chorus of voices expressing concern about private API keys finding their way into the public domain thanks in part to careless pushing of code to services like GitHub. Now this problem has spread to mobile apps. The guys over at Hackernoon explain.
Fourteen APIs have been added to the ProgrammableWeb directory in categories including Podcasts, Artificial Intelligence, and Security. Featured today are APIs for fraud detection by Simility, and conversational bots from Amazon Web Services Lex. Here's a rundown of the latest additions.
Stormpath made a name for itself with its backend, REST API that provides registration and authentication. The REST API operates in the backend of an app. As serverless architecture grows in use, a need for a frontend registration and authentication services arose. Enter the Stormpath Client API.
Eighteen APIs have been added to the ProgrammableWeb directory in categories such as Security, News Services, and Payments. Featured today is an API from UtilityScore, a service that provides a score for projected utility costs to interested home buyers. Here's a rundown of the latest additions.