Google has announced some new features available for its OpenID API. As some of our readers may remember, earlier this year Google released a "Hybrid Protocol" API that combines an OpenID federated login with OAuth access authorization. The API has been enhanced with some extended Attribute Exchange fields and a pop-up user interface for the user-facing approval page.
It's day two at GitHub Universe 2019. Today is all about security. The day two keynote saw many announcements related to securing code including GitHub Security Lab, CodeQL, GitHub Security Advisories, automated security updates, GitHub Advisory Database, token scanning, and more.
The scariest thing about how organizations are diving into APIs like they're the latest gold rush is how few of them are taking API security seriously. Even if they did, they might turn and tuck tail. API security is hard. Very hard. And there's no easy button. Elastic Beam thinks it has the cure.