This blog aims at capturing different technologies and protocols in the IAM space and mapping them to Anypoint Platform.

Read more

Here’s how NVIDIA leveraged an API-led approach to build system APIs for backend applications and stitch data together using a process API that leverages MuleSoft’s Message Processors.

Read more

Traditional security models—such as firewalls and DMZs—were designed to protect the perimeter. The thinking was that if the four walls of a company were protected, then threats would be neutralised before they come anywhere near core IT infrastructure. However, when bad actors inevitably made their way inside, they were often left undetected and free to move about as they extracted sensitive business data.

Read more

There are various types of APIs, the most popular of which is Web API––otherwise known as a Web Service. A Web API provides an interface for Web applications, or applications that need to connect to each other via the Internet to communicate. Web APIs have exploded exponentially, reaching over 17,000 in 2017. There are four popular subcategories of Web APIs, including SOAP, XML-RPC, JSON-RPC, and REST.

Read more

Jason Harmon, head of APIs at engaging forms tool Typeform, and namesake of the JSON schema, gave a fantastic proactive talk at a recent APIdays conference about “the things that break stuff in production.” Three things in fact.

Read more

In part 1 of this post, we have established the overall value proposition of defining reusable KPIs in an attempt to assess and drive the concept of reuse within your API platform. Once the capability to establish and monitor both abstract baselines and progress against them have been established within an enterprise, the next step is to determine what metrics are worth tracking, where they break down, and how they relate to each other.

Read more

A lot of enterprise IT concepts and tools have experienced dramatic change in the last decade. Several long-lived rules of thumb have faded into irrelevance. However, one conceptual holy grail has survived the volatility of the IT transformation toward all things cloud, DevOps, and APIs: reuse. Like historical explorers seeking the Northwest Passage, enterprise IT executives have long sought out ways (e.g. SOA) to drive down the cost of solution development through code reuse.

Read more

David Berlind is editor-in-chief of ProgrammableWeb. 

Cybersecurity solution provider Trend Micro has issued a report that highlights how chat platform APIs can and are being used by cybercriminals to achieve their nefarious objectives. 

Because of the degree to which Webhook APIs are involved (an API attack vector not previously discussed on ProgrammableWeb), the warnings and incidents should serve as a wake-up call to API providers and developers when it comes to the sorts of best practices and ongoing vigilance it takes to fully secure their customers and systems.Provided that the incentives are worth it,

Read more

The Internet of Things (IoT) is supposed to have 10 times the impact of the Web itself, which means it has potentially 10 times the risk for complication, and, with its ubiquity, 10 times the risk to security. Each “Thing” we encounter in our daily and professional lives could potentially be connected within the next couple years. And with so many, many more players, manufacturers, protocols, and programming languages, it all gets exponentially more complicated.

Read more

This is part 3 of my API security blog series. I will be showing an example scenario of how Anypoint platform can be a vital component of a secure API-led architecture and the capabilities to securing the API.

If you missed part 1 and part 2 here they are:

1. API security: Ways to authenticate and authorize
2. API security: Keeping data private but accessible

3.

Read more