As a consequence of the recent FTC investigation, Facebook cut off friend data access for Microsoft and Sony and announced an overhaul of its API. Facebook’s privacy changes will impact dozens of partners that have been using the Facebook API to build experiences on third-party apps and devices. Here are three essential considerations for API providers, consumers, and end-users to avoid a scandal like Facebook’s and protect the privacy of user data.
Traditional security models—such as firewalls and DMZs—were designed to protect the perimeter. The thinking was that if the four walls of a company were protected, then threats would be neutralised before they come anywhere near core IT infrastructure. However, when bad actors inevitably made their way inside, they were often left undetected and free to move about as they extracted sensitive business data.
There are various types of APIs, the most popular of which is Web API––otherwise known as a Web Service. A Web API provides an interface for Web applications, or applications that need to connect to each other via the Internet to communicate. Web APIs have exploded exponentially, reaching over 17,000 in 2017. There are four popular subcategories of Web APIs, including SOAP, XML-RPC, JSON-RPC, and REST.
Jason Harmon, head of APIs at engaging forms tool Typeform, and namesake of the JSON schema, gave a fantastic proactive talk at a recent APIdays conference about “the things that break stuff in production.” Three things in fact.
In part 1 of this post, we have established the overall value proposition of defining reusable KPIs in an attempt to assess and drive the concept of reuse within your API platform. Once the capability to establish and monitor both abstract baselines and progress against them have been established within an enterprise, the next step is to determine what metrics are worth tracking, where they break down, and how they relate to each other.
A lot of enterprise IT concepts and tools have experienced dramatic change in the last decade. Several long-lived rules of thumb have faded into irrelevance. However, one conceptual holy grail has survived the volatility of the IT transformation toward all things cloud, DevOps, and APIs: reuse. Like historical explorers seeking the Northwest Passage, enterprise IT executives have long sought out ways (e.g. SOA) to drive down the cost of solution development through code reuse.
Cybersecurity solution provider Trend Micro has issued a report that highlights how chat platform APIs can and are being used by cybercriminals to achieve their nefarious objectives.
Because of the degree to which Webhook APIs are involved (an API attack vector not previously discussed on ProgrammableWeb), the warnings and incidents should serve as a wake-up call to API providers and developers when it comes to the sorts of best practices and ongoing vigilance it takes to fully secure their customers and systems.Provided that the incentives are worth it,
The Internet of Things (IoT) is supposed to have 10 times the impact of the Web itself, which means it has potentially 10 times the risk for complication, and, with its ubiquity, 10 times the risk to security. Each “Thing” we encounter in our daily and professional lives could potentially be connected within the next couple years. And with so many, many more players, manufacturers, protocols, and programming languages, it all gets exponentially more complicated.
MuleSoft provides the most widely used integration platform for connecting any application, data source or API, whether in the cloud or on-premises. With Anypoint Platform®, MuleSoft delivers a complete integration experience built on proven open source technology, eliminating the pain and cost of point-to-point integration. Anypoint Platform includes CloudHub™ iPaaS, Mule ESB™, and a unified solution for API management™, design and publishing.