The OpenAPI Specification (OAS) (formerly known as the Swagger specification) provides a way to describe and document REST APIs and their components. It includes details on endpoints, their operations, parameters needed for the operations, expected responses for every operation, authentication methods and even annotations. OAS is an easy format to learn and read, and can […]
Strengthen API Security With These Tips and Patterns
If you haven’t noticed, digital organizations are building more and more APIs. ProgrammableWeb tracks more than 23,000 public web APIs at the time of writing, and the API market is estimated to be worth $5.1 billion by 2023. Building with APIs increases internal interoperability, reduces development time and can extend product functionality tremendously. In short, […]
Sacrificing Security for Speed: 5 Mistakes Businesses Make in Application Development
Earlier this year, the Democratic party in Iowa announced its plans to use a smartphone app to calculate and transmit their caucus results. Using technology to improve the speed of governance, one would think, “What could possibly go wrong? A lot, apparently. The app’s failure on results day was attributed to reporting and coding issues. […]
Breaking Down the OWASP API Security Top 10, Part 2
Due to the widespread usage of APIs, and the fact that attackers realize APIs are a new attack frontier, the OWASP API Security Top 10 Project was launched. From the beginning, the project was designed to help organizations, developers and application security teams become increasingly aware of the risks associated with APIs. This past September, […]
Best of 2019: Breaking Down the OWASP API Security Top 10, Part 1
As we close out 2019, we at staging-devopsy.kinsta.cloud wanted to highlight the five most popular articles of the year. Following is the fifth in our weeklong series of the Best of 2019. As a result of a broadening threat landscape and the ever-increasing usage of APIs, the OWASP API Security Top 10 Project was launched. […]
Survey Sees More Complex API Challenges Ahead
A survey of more than 10,000 developers of application programming interfaces (APIs) suggests there’s lots of room for improving the overall efficiency of API lifecycle management. The survey was conducted by Postman, a provider of a platform for building APIs. Respondents on average said they only spend a quarter of their time (26%) on the […]
Autonomous Security in Containers
With the advent of DevOps, the development world has quickly moved to agile development practices and containerized applications. At Forum Systems, we have responded to this trend by putting our API security software, Forum Sentry, into virtual form factors such as Amazon Machine Image, Azure Image, VMware Image, Linux, Windows and Docker. Why do we […]
How to Automate an API Security Program Without Adding Staff
In today’s information economy, data is a primary raw material and a source of value to both providers and consumers. For many companies, entire business models are built on the exchange of information. Consider a ride-sharing business that owns no vehicles of its own. What the company does possess, however, is a database of private […]
API Security: A Key Part of the Bigger Plan
Standing as the “fuel” powering the customer-driven platform revolution, application programming interfaces (APIs) are the new “it thing” amongst operating systems. APIs are responsible for how apps communicate with each other and have become key components in many digital transformation strategies. Serving as a set of tools for building software application, they have empowered many […]
Portability Shmortability: Most Applications are Going Nowhere
I’m a huge fan of the idea of taking our super-duper applications and deploying them where it makes most sense. I always have been. Those of us in application development spent forever bemoaning the fact that our applications weren’t all that portable between operating systems. In fact, looking back through the history of computers, you […]